Investigators traced the man through digital tracks he left on the internet, as well as by speaking to witnesses, including another unnamed 19-year-old man that the hacker had communicated with via an encrypted messaging service. The hacker, who used the pseudonyms “G0t” and “Orbit”, was arrested on January 6 after investigators searched his home.
“Bad passwords were one of the reasons he had it so easy,” Seehofer said. “I was shocked at how simple most passwords were: ‘ILoveYou’, ‘1,2,3’. A whole array of really simple things.”
The latest incident comes just over a month after German security officials detected a major cyber attack against the email accounts of German lawmakers, as well as the military, and several German embassies by a Russian hacker group with ties to Moscow’s military intelligence wing, the GRU.
That attack occurred less than a year after the BfV, Germany’s intelligence service, said the Russian government was behind a cyberattack on German computer networks that was discovered in December 2017 and was also linked to the same hacker group that carried out the November 2018 breach.
As Norwegian Refugee Council research found, 70 percent of Syrian refugees lack basic identification and documents showing ownership of property.
The global passport
Host nations certainly has a share in the damage, as they face problems concerning the accessibility of vital information about the newcomers — dealing with the undocumented refugee, the immigration service can’t gain the information about his/her health status, family ties or criminal record, or verify any other vital data that helps them make a decision. Needless to say, this may lead to the designation of refugee status being exploited by economic migrants, fugitives or even the war criminals that caused the mass displacement to begin with.
Another important issue is data security. Refugees’ personal identities are carefully re-established with the support of clever biometric systems set up by the U.N. Agency for Refugees (UNHCR). UNHCR registers millions of refugees and maintains those records in a database. But the evidence suggests that centralized systems like this could be prone to attacks. As a report on UNCHR’s site notes, Aadhaar — India’s massive biometric database and the largest national database of people in the world — has suffered serious breaches, and last year, allegations were made that access was for sale on the internet for as little as $8
Finland, a country with a population of 5.5 million, cannot boast huge numbers of refugees. For 2018, it set a quota of 750 people, mainly flying from Syria and the Democratic Republic of Congo. That’s way less than neighboring Sweden, which promised to take in 3,400. Nevertheless, the country sets a global example of the use of effective technology in immigration policy: It’s using blockchain to help the newcomers get on their feet faster.
The system, developed by the Helsinki-based startup MONI, maintains a full analogue of a bank account for every one of its participants.
Speaking at the World Economic Forum in Davos in January 2018, the billionaire investor and philanthropist George Soros revealed that his structures already use a blockchain in immigration policies
In 2017, Accenture and Microsoft Corp. teamed up to build a digital ID network using blockchain technology, as part of a U.N.-supported project to provide legal identification to 1.1 billion people worldwide with no official documents.
a Memorandum of Understanding (MOU) with blockchain platform IOTA to explore how the technology could increase efficiency.
The FBI has released a public service announcement warning educators and parents that edtech can create cybersecurity risks for students.
In April 2017, security researchers found a flaw in Schoolzilla’s data configuration settings. And in May 2017, a hacker reportedly stole 77 million user accounts from Edmodo.
Amelia Vance, the director of the Education Privacy Project at the Future of Privacy Forum, writes in an email to EdSurge that the FBI likely wanted to make sure that as the new school year starts, parents and schools are aware of potential security risks. And while she thinks it’s “great” that the FBI is bringing more attention to this issue, she wishes the public service announcement had also addressed another crucial challenge.
“Schools across the country lack funding to provide and maintain adequate security,” she writes. “Now that the FBI has focused attention on these concerns, policymakers must step up and fund impactful security programs.”
According to Vance, a better approach might involve encouraging parents to have conversations with their children’s’ school about how it keeps student data safe.
Encyclopedia of Criminal Activities and the Deep Web
Countries all over the world are seeing significant increases in criminal activity through the use of technological tools. Such crimes as identity theft, cyberattacks, drug trafficking, and human trafficking are conducted through the deep and dark web, while social media is utilized by murderers, sex offenders, and pedophiles to elicit information and contact their victims. As criminals continue to harness technology to their advantage, law enforcement and government officials are left to devise alternative strategies to learn more about all aspects of these modern criminal patterns and behavior, to preserve the safety of society, and to ensure that proper justice is served. Regrettably, the lack of adequate research findings on these modern criminal activities is limiting everyone’s abilities to devise effective strategies and programs to combat these modern technology-related criminal activities.
In an effort to compile the most current research on this topic, a new major reference work titled Encyclopedia of Criminal Activities and the Deep Web is currently being developed. This comprehensive Encyclopedia is projected to encompass expert insights about the nature of these criminal activities, how they are conducted, and societal and technological limitations. It will also explore new methods and processes for monitoring and regulating the use of these tools, such as social media, online forums, and online ads, as well as hidden areas of the internet including the deep and dark web. Additionally, this Encyclopedia seeks to offer strategies for predicting and preventing criminals from using technology as a means to track, stalk, and lure their victims.
You are cordially invited to share your research to be featured in this Encyclopedia by submitting a chapter proposal/abstract using the link on the formal call for papers page here. If your chapter proposal is accepted, guidelines for preparing your full chapter submission (which should be between 5,000-7,500 total words in length) can be accessed at: http://www.igi-global.com/publish/contributor-resources/ (under the “For Authors” heading – “Encyclopedia Chapter Organization and Formatting”).
Recommended topics for papers include, but are not limited to:
Bitcoin and Crime
Botnets and Crime
Dark Web Vendors
Dating Websites and Crime
Fraud and Internet
Gaming and Crime
Government Regulations of the Dark Web
Hacking and Crime
International Regulations of the Dark Web
Internet Safety & Crime
Online Advertisement Websites and Crime
Online Forums and Crime
Online Hate Crimes
Social Media Deception
Social Networking Traps
Undercover Dark Web Busts
Virtual Currencies & Crime
IMPORTANT DATES: Chapter Proposal Submission Deadline: October 15, 2018; Full Chapters Due: December 15, 2018
Note: There are no publication fees, however, contributors will be requested to provide a courtesy to their fellow colleagues by serving as a peer reviewer for this project for at least 2-3 articles. This will ensure the highest level of integrity and quality for the publication.
James Dixon, the CTO of Pentaho is credited with naming the concept of a data lake. He uses the following analogy:
“If you think of a datamart as a store of bottled water – cleansed and packaged and structured for easy consumption – the data lake is a large body of water in a more natural state. The contents of the data lake stream in from a source to fill the lake, and various users of the lake can come to examine, dive in, or take samples.”
A data lake holds data in an unstructured way and there is no hierarchy or organization among the individual pieces of data. It holds data in its rawest form—it’s not processed or analyzed. Additionally, a data lakes accepts and retains all data from all data sources, supports all data types and schemas (the way the data is stored in a database) are applied only when the data is ready to be used.
What is a data warehouse?
A data warehouse stores data in an organized manner with everything archived and ordered in a defined way. When a data warehouse is developed, a significant amount of effort occurs during the initial stages to analyze data sources and understand business processes.
Data lakes retain all data—structured, semi-structured and unstructured/raw data. It’s possible that some of the data in a data lake will never be used. Data lakes keep all data as well. A data warehouse only includes data that is processed (structured) and only the data that is necessary to use for reporting or to answer specific business questions.
Since a data lake lacks structure, it’s relatively easy to make changes to models and queries.
Data scientists are typically the ones who access the data in data lakes because they have the skill-set to do deep analysis.
Since data warehouses are more mature than data lakes, the security for data warehouses is also more mature.
Far too often, cybersecurity awareness-raising training fails to account for how people learn and proven ways to change behaviors. The cybersecurity community too easily falls into the trap of thinking that “humans are the weakest link.” In this talk, Dr. Jessica Barker will argue that, if humans are the weakest link, then they are our weakest link as an industry. With reference to sociology, psychology, and behavioral economics, as well as lessons from her professional experience, Jessica will discuss why a better understanding of human nature needs to be a greater priority for the cybersecurity community.
Outcomes: Explore how we can apply knowledge from other disciplines to improve cybersecurity awareness-raising training and communications * Understand where the cybersecurity industry can improve with regards to awareness, behavior, and culture * Develop ideas to improve how you communicate cybersecurity messages and conduct awareness-raising training
Researchers at the University of California, Irvine, are able to recover user passwords by way of thermal imaging. The tech is pretty straightforward, but it’s interesting to think about the types of scenarios in which it might be pulled off.
“They do plan,” said a senior Obama-administration official. “They’re not stupid at all. But the idea that they have this all perfectly planned and that Putin is an amazing chess player—that’s not quite it. He knows where he wants to end up, he plans the first few moves, and then he figures out the rest later. People ask if he plays chess or checkers. It’s neither: He plays blackjack. He has a higher acceptance of risk. Think about it. The election interference—that was pretty risky, what he did. If Hillary Clinton had won, there would’ve been hell to pay.”
Even the manner of the Russian attack was risky. The fact that the Russians didn’t really bother hiding their fingerprints is a testament to the change in Russia’s intent toward the U.S., Robert Hannigan, a former head of the Government Communications Headquarters, the British analogue to the National Security Agency, said at the Aspen Forum. “The brazen recklessness of it … the fact that they don’t seem to care that it’s attributed to them very publicly, is the biggest change.”