The Doomsday Clock Is Still Ticking


This was originally published in yesterday’s Foster’s and Seacoast Sunday.

Do you remember the Doomsday Clock? I’m sure lifelong Seacoast residents are all too familiar with it, given our proximity to the former Pease Air Force Base and Portsmouth Naval Shipyard. I have friends who grew up in Portsmouth who remember having school drills where they would duck under their desks in preparation for a possible attack on the area. Not that this would have helped, but that’s a different story line entirely.

For those who may not know about the Doomsday Clock, this is a Cold War relic developed by scientists to represent the threat that nuclear weapons and the Cold War posed to humanity. It’s a stark analogy. The premise of the Doomsday Clock is this: It is a reminder of the existential threat to the human race we created for ourselves. It was founded by scientists who worked on the Manhattan Project, which built the world’s first nuclear weapon during World War II. Realizing what they had created, they then created the Doomsday Clock as a stark warning to humanity that nuclear weapons should never be used, lest we destroy the entire human race by our own hand.

In 1953, the Doomsday Clock sat at two minutes before midnight, indicating in theory, we were minutes away from destroying ourselves. Not a pleasant place to be. The Doomsday Clock has moved around since its inception. Our best place in history was in 1991, when we stood at 17 minutes before midnight. Over the last 28 years, we have steadily moved to the precarious place we now sit. There are several reasons for this, mostly what the Bulletin of the Atomic Scientists now calls our “new abnormal.”

Our new abnormal is driven by several factors, not the least of which is the United States’ eroding leadership position on the world stage. Historically, our nation has been looked at as the barometer for global stability. Our current policies, highlighted by withdrawals from nuclear weapons and climate change agreements, have accelerated this state of affairs. The Bulletin of the Atomic Scientists relies on science and rational debate to form its position. In the case of climate change, the science is clear. In the case of nuclear arms agreements, this is as much about politics as anything else and that is truly a topic for a different type of article.

As it relates to cybersecurity, the Bulletin of the Atomic Scientists argues we have come to a point in our technological evolution where cybersecurity risks represent an existential threat to the survival of our species. Think about that. Technology could be a threat to our existence. I would argue most people look at technology as an enabler of a better future existence. So how could this be?

There are now more threats that intersect and in some cases magnify one another. Technology is a cornerstone of nuclear power and weapons and was heavily leveraged in a clandestine operation to disrupt the Iranian nuclear program before diplomatic efforts were accelerated. Technology has brought the age of information warfare upon us. From events in the Ukraine to our own elections, information warfare should not be a surprise and many feel we are at the tip of the iceberg.

Cybersecurity attacks are a threat to our financial, utility, health care, communication, food supply networks and more. Imagine the devastation that could be caused by taking down any one of these critical infrastructure networks, let alone multiple events at the same time. Financial losses and physical damage would be the least concerning outcome. Loss of life could be significant, some argue as significant as a nuclear detonation. We must understand the magnitude of the threat to have rational conversations to not only mitigate the threat, but prevent it.

Two minutes to midnight is not a good place to be. We, as a global, interdependent advanced human race, need to recognize the risks that come with each new development. Most importantly, we need to render these risks inert, lest we condemn our future generations to a fate we never intended. This article unfolded more darkly than I intended. Perhaps that’s a good thing, to make the point clear. At the end of the day, it’s up to us, as individuals, as part of a larger family and society, as stewards of our past and our future, to ensure our advances improve the future, not unreasonably threaten it. What will you do to help move the Doomsday Clock back from its present time of two minutes before midnight?

Keep Calm…


I’ve always been a fan of the Keep Calm sayings.  I’ve had this coaster on my desk for almost 10 years now…


Now, I have a new one to add to my collection of favorites.  It’s not a coaster, but it’s still great…

[Image: Keep Calm and Go Pats!]

It’s an incredible time to be a New England sports fan. A little over 90 days ago, we were celebrating a World Series victory for the Boston Red Sox. Yesterday, the Boston Celtics won, the Boston Bruins won a gritty game against the Stanley Cup champion Washington Capitals, beating them after losing the preceding 14 meetings. With that win, Bruins goalie Tuukka Rask became the winningest goalie in Bruins history and last night, the New England Patriots won the Super Bowl for the 6th time with several more records to show for it.

These are times to be cherished.

Industry IT Outlook Is Strong For 2019


The following was published in today’s Foster’s and Seacoast Sunday.

The Computing Technology Industry Association recently released its annual IT Industry Outlook. While many things are in motion, as they always are, the key message of this report is the industry outlook for 2019 is quite diverse and healthy.

CompTIA identified 12 significant areas of industry advancement this year. The following are the trends it identified.

  1. Cloud, Edge and 5G. These three areas of technology encompass the rapid adoption of Cloud technology to move applications and services to data centers to provide greater reliability. Edge computing brings the Cloud together with the devices used by workers to do their work and 5G is the latest enhancement to wireless network capabilities, pushing technology further into the field where the workers are.
  2. Internet of Things (IoT) and artificial intelligence. AI opens all kinds of new possibilities. Computing used to be tied to computers. Today, many devices that are not traditionally thought of as computers have more computing power than the first PCs of the 1980s. Taken together with AI, automation is reaching a new pinnacle that will continue to drive innovation.
  3. Distributed technology models. Blockchain and cryptocurrencies have garnered a lot of press over the last year. These innovations depend on distributed technology to provide the computing power needed to support them.
  4. Stackable technologies are just what they sound like – technologies able to be stacked together, like Lego blocks, to build the outcome needed to support the business model.
  5. Channel reinvention refers to the new ways in which technology is consumed. This applies to consumer and business technology. Technology no longer comes to market only through traditional sales channels and this is driving changes across the entire ecosystem.
  6. Hyper-personalization is a new buzz in the industry that takes the user experience to new levels of ease and customization to enable maximum productivity.
  7. Partnerships bridge gaps. Partnerships between technology companies breed innovation and capability. Take any technology available today and rarely does it stand alone. Integration with other hardware and software brings out the full capabilities of any given technology.
  8. Skills shortage. If you have anything to do with technology, you know the skills gap and high employment demands of the industry are a serious issue. Many companies no longer require a college degree. This creates tremendous opportunity for today’s youth to pursue technical training through their high school years and other avenues aside from a four-year college, while still leading to a rewarding and well-paying career.
  9. Digital-human models shape the workplace. This sounds eerie. It refers to the intersection of technology with the human who does a job. Some estimates suggest up to 30 percent of what a person does can be automated, freeing that person to perform more productive work.
  10. Technology professionals anticipate unintended consequences. As we saw in the 2016 election cycle, social networks were taken advantage of to negatively impact our country. As a result of this and other unintended outcomes from technical innovation, the profession has a keen sensitivity toward understanding its unintended consequences, much like any other applied science.
  11. High-tech improves low tech. Technology is everywhere. Consider that you can order fast food on your phone and it’s ready when you get there, dramatically decreasing your wait time. What was considered a low-tech experience benefits from high-tech innovation.
  12. Global tech hubs spur innovation. Just about everywhere you look you seem to find a high-tech hub of some form. Once one company comes on scene, others seem to follow, bringing increased collaboration and innovation and driving local economies. We have seen this here on the Seacoast.

The global IT industry is estimated to reach $5 trillion in 2019. The United States represents roughly 31 percent of this market, which is a huge number. It’s no wonder we now see technology impacting literally every aspect of our lives. 2019 should prove to be an exciting year for the tech industry. I look forward to sharing updates with you throughout the year.

Top 5 Cybersecurity Threats From Onepath


Courtesy of Onepath.



3 out of 5 Retailers Blame Cybersecurity Fears for Delay in Digital Transformation

CIO.co

A Frost & Sullivan study commissioned by Microsoft reveals that fear of cyberattacks has forced 60% of retailers to put their digital transformation programs on hold.


This Is How YouTube Influencer Scam Artists Are Operating

ZDNet.com

A scam striking the followers of YouTube influencers which offers free gifts from their favorite star has been in operation for longer than first thought.


Apple Disables Group FaceTime Following Major Privacy Glitch

Threatpost

The bug allows iPhone users to FaceTime other iOS users and eavesdrop on their conversations—even if the other person doesn’t pick up.


Q4 2018 Top-clicked Phishing Email Subject Lines

KnowBe4

Watch out for phishing emails that use these common subject lines.


Why Sunsetting Windows 7 and Server 2008 Is a Good Thing

1path.com

Still using Microsoft Windows 7 and Server 2008? You’ve probably heard that support ends January 2020 but let us tell you why this is a good thing.

Data Privacy Day is TODAY!

Data Privacy Day is an international effort to empower individuals and businesses to respect privacy, safeguard data and enable trust. It takes place annually and helps to drive awareness and participation.


The 5 Ways to Help Employees be #PrivacyAware tip sheet has excellent ideas for promoting awareness about the importance of respecting privacy, safeguarding data and enabling trust throughout the workplace.


In today’s world, everyone is digitally connected and must think about safety and security both online and offline. These privacy tips can help you, your family and friends be privacy-savvy and stay safer online.

There is also a live streaming event today at 2 PM PST, 5 PM EST.  Don’t miss top privacy experts from Amazon Web Services, LinkedIn, Microsoft, Verizon, Visa and more for discussions on artificial intelligence and other breakthrough technologies, GDPR, the California Privacy Act and how your business can emerge as a leader in privacy.

Click Here to Watch


CISA-A Force For Good


Following up on my posts from the last two days, DHS Emergency Directive For DNS Management and More Information on DNS Hijacking Campaign, I want to share a great blog post from the Director of the Cybersecurity and Infrastructure Security Agency (CISA).

CISA has come on the scene as a force for good in the cybersecurity space. Director Christopher Krebs released a blog today that explains his agency and why he took the step of issuing its first-ever Emergency Directive. It also talks about the importance of Team Internet and the private/public collaboration that will be critical to keeping our cyber infrastructure safe.

You may read Director Krebs’s blog here.

More Information on DNS Hijacking Campaign

I just received the following broadcast from the United States Computer Emergency Readiness Team and wanted to share as a follow-up to my post DHS Emergency Directive For DNS Management from yesterday. There are additional details and recommendations worth noting in this document.

US-CERT

National Cyber Awareness System:

AA19-024A: DNS Infrastructure Hijacking Campaign

01/24/2019 03:01 PM EST

Original release date: January 24, 2019

Summary

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a global Domain Name System (DNS) infrastructure hijacking campaign. Using compromised credentials, an attacker can modify the location to which an organization’s domain name resources resolve. This enables the attacker to redirect user traffic to attacker-controlled infrastructure and obtain valid encryption certificates for an organization’s domain names, enabling man-in-the-middle attacks.

See the following links for downloadable copies of open-source indicators of compromise (IOCs) from the sources listed in the References section below:

These files will be updated as information becomes available.

Technical Details

Using the following techniques, attackers have redirected and intercepted web and mail traffic, and could do so for other networked services.

  1. The attacker begins by compromising user credentials, or obtaining them through alternate means, of an account that can make changes to DNS records.
  2. Next, the attacker alters DNS records, like Address (A), Mail Exchanger (MX), or Name Server (NS) records, replacing the legitimate address of a service with an address the attacker controls. This enables them to direct user traffic to their own infrastructure for manipulation or inspection before passing it on to the legitimate service, should they choose. This creates a risk that persists beyond the period of traffic redirection.
  3. Because the attacker can set DNS record values, they can also obtain valid encryption certificates for an organization’s domain names. This allows the redirected traffic to be decrypted, exposing any user-submitted data. Since the certificate is valid for the domain, end users receive no error warnings.

Mitigations

NCCIC recommends the following best practices to help safeguard networks against this threat:

  • Update the passwords for all accounts that can change organizations’ DNS records.
  • Implement multifactor authentication on domain registrar accounts, or on other systems used to modify DNS records.
  • Audit public DNS records to verify they are resolving to the intended location.
  • Search for encryption certificates related to domains and revoke any fraudulently requested certificates.

References

Revisions

  • January 24, 2019: Initial version
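
The audit and certificate-search mitigations in the alert can be combined into one routine check. The following is an added example, not part of the US-CERT alert or the original post: it assumes you keep periodic snapshots of your public DNS answers and a list of certificates found for your domains, and every name, address, issuer and serial in it is constructed sample data.

```python
from datetime import datetime

# Every name, address, issuer and serial below is constructed sample data.
BASELINE = {  # approved answers per (name, record type)
    ("www.example.org", "A"): {"192.0.2.10"},
    ("example.org", "NS"): {"ns1.example.org.", "ns2.example.org."},
}
SNAPSHOTS = [  # periodic public lookups: (time, name, type, answers)
    ("2019-01-10T00:00", "www.example.org", "A", {"192.0.2.10"}),
    ("2019-01-11T00:00", "www.example.org", "A", {"203.0.113.66"}),
    ("2019-01-12T00:00", "www.example.org", "A", {"203.0.113.66"}),
    ("2019-01-13T00:00", "www.example.org", "A", {"192.0.2.10"}),
    ("2019-01-13T00:00", "example.org", "NS", {"ns2.example.org.", "ns1.example.org."}),
]
CERTS = [  # certificates found for the domain by a certificate search
    {"serial": "01", "name": "www.example.org", "issuer": "Approved CA", "issued": "2018-11-01T00:00"},
    {"serial": "02", "name": "www.example.org", "issuer": "Approved CA", "issued": "2019-01-11T06:00"},
    {"serial": "03", "name": "www.example.org", "issuer": "Approved CA", "issued": "2019-01-20T00:00"},
    {"serial": "04", "name": "mail.example.org", "issuer": "Other CA", "issued": "2018-12-01T00:00"},
]
APPROVED_ISSUERS = {"Approved CA"}
parse_time = datetime.fromisoformat


def drift_windows(baseline, snapshots):
    """Return (name, rtype, start, end, unexpected_values) per off-baseline run."""
    # start = last snapshot that still matched; end = first match afterwards, or None.
    windows, open_runs, last_good = [], {}, {}
    for when, name, rtype, values in sorted(snapshots, key=lambda s: parse_time(s[0])):
        key = (name, rtype)
        expected = baseline.get(key, set())  # records not in the baseline count as drift
        if values == expected:
            last_good[key] = when
            if key in open_runs:
                run = open_runs.pop(key)
                windows.append((name, rtype, run["start"], when, run["values"]))
        else:
            run = open_runs.setdefault(
                key, {"start": last_good.get(key, when), "values": set()})
            run["values"] |= values - expected
    for (name, rtype), run in open_runs.items():
        windows.append((name, rtype, run["start"], None, run["values"]))
    return windows


def suspect_certs(certs, windows, approved_issuers):
    """Return (serial, reasons) for certificates that need manual review."""
    flagged = []
    for cert in certs:
        reasons = []
        if cert["issuer"] not in approved_issuers:
            reasons.append("unapproved issuer")
        issued = parse_time(cert["issued"])
        for name, _rtype, start, end, _values in windows:
            covered = cert["name"] == name or cert["name"].endswith("." + name)
            if covered and parse_time(start) <= issued and (
                    end is None or issued < parse_time(end)):
                reasons.append("issued while DNS was off baseline")
                break
        if reasons:
            flagged.append((cert["serial"], reasons))
    return flagged


if __name__ == "__main__":
    found = drift_windows(BASELINE, SNAPSHOTS)
    print("DRIFT", found)
    for serial, reasons in suspect_certs(CERTS, found, APPROVED_ISSUERS):
        print("CERT", serial, "; ".join(reasons))
```

A window is reported even when the record has already been restored to its approved value, which is the case a single point-in-time lookup misses.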

DHS Emergency Directive For DNS Management

The Department of Homeland Security has issued an emergency directive regarding the management of DNS files in response to what is believed to be aggressive hacking originating in Iran.

Malicious actors tracked to that country have been aggressively targeting DNS management sites, obtaining user credentials and then editing DNS records to point unsuspecting web site visitors to a malicious web site.  Here is what takes place:

  • Hackers gain access to the site that manages a company’s DNS records. These are the records that translate IP addresses to more common text. For example, www.company.com correlates to an IP address on the Internet where that web site lives. The hackers repoint www to another IP address, where they are hosting a malicious site that looks like the original site. This allows the hackers to steal your identity or other information, depending on what details you enter into that site.
  • Once the hackers have done their work, they revert the DNS record back to the original web site and move on. It’s possible you may not even know this has taken place.

The DHS emergency directive recommends putting two-factor authentication (2FA) in front of the account through which you manage your DNS records. 2FA requires an additional step, in addition to entering your username and password to log in to the site. Most will offer a few options, the most common being a text message with a one-time code that you need to enter, or the use of an authenticator app like Google Authenticator or Microsoft Authenticator, which generate random codes you have to enter to complete the login process. Both of these are available in your app store.

As an example, GoDaddy is a very popular company that hosts DNS records for their customers. GoDaddy allows 2FA to be enabled on the login that you use to manage DNS if you host it with them. If you do, you should enable this immediately as it is the best defense against this threat. Other popular organizations that host DNS are companies like Network Solutions, Rackspace, Web.com and more. You should enable 2FA wherever your DNS is hosted and if the company you host with does not support 2FA, you should move your domain to a company that does.

If you would like to read the emergency directive, click here for a PDF of the directive or click here for the online directive.

The Clock Starts Ticking Today


As I posted a few days ago, Windows 7/Server 2008 End of Support happens one year from today on January 14, 2020.

Don’t sit back and relax, thinking you’ve got a year. You don’t. If you are like many companies, you may still have a substantial number of computers running Windows 7 and some servers running Server 2008 and 2008R2. It takes time to plan for wide-scale replacements like this and if you don’t start planning now, you will be in a pinch come this time next year, scrambling to get your replacements done. Don’t be that company.

Start planning now and make a plan to methodically replace the necessary systems throughout 2019 so come this time next year, your users will be well settled in with the new operating systems. Most importantly, you will be safe from the hackers who will be waiting at the gates to exploit any organization that has not completed these necessary upgrades.

What 2019 May Hold For Tech


The following was published in today’s Foster’s and Seacoast Sunday.

In my last column, I wrote about how technology evolved and influenced our lives in 2018. Now that we are in the New Year, it’s time to look forward to what 2019 may have in store for us.

Cybersecurity will remain one of, if not the most active area of technology in 2019. Some are predicting a distinct increase in cyberattacks. There is no question cyberattacks are happening more frequently than ever and penetrating further than they ever have. The rise of state-sponsored attacks is alarming, as is the number of groups attributed to attacks being funded by governments.

As we move deeper into 2019 and the 2020 election draws closer, concerns about cyberattacks on campaigns, voting and social media platforms are expected to reach unprecedented levels. The development and deployment of proactive defenses against these anticipated attacks will be closely watched to ensure the integrity of this election cycle.

Come January 2020, both Windows 7 and Windows Server 2008 will be out of support, meaning they will no longer receive security updates and become vulnerable to hackers. Many businesses are still running both operating systems extensively and the time to plan for replacement is now. Before you know it, we will be deep into the New Year and there will not be sufficient time to plan for and implement necessary upgrades or replacements to be sure these are not in place at this time next year. Hackers will be ready to attack systems still in place. If you are not already planning to replace all systems running these versions, you are putting yourself at unnecessary risk.

Artificial intelligence, AI, will continue to evolve and become more ubiquitous this year. From monitoring financial networks to combating cyberthreats, AI will become an important aspect of how we leverage technology for good. As an example, most security operations centers, the mission-control-like centers that monitor massive amounts of security logs for threats, can’t function without AI. AI allows security analysts to sift through massive amounts of data to identify patterns of activity that could represent a real-time risk to a network. Once identified, the risk can be clearly communicated to appropriate resources for response. AI represents perhaps the only way we can effectively develop cyberdefenses to keep ourselves safely connected.

Smarthome technology will become even more pervasive in 2019. Walk into any electronics or home improvement store and you will see ever larger displays of smarthome technology. From video doorbells, to garage door control to temperature sensors, alarm systems, lighting control and more, the connected home is here. As is voice control. Alexa is everywhere and Google and others are nipping at her heels. The ability to talk to your home and have it intelligently respond is here. There are a lot of privacy concerns around this technology, but the benefits have so far outweighed the risk.

Speaking of privacy, privacy will remain a hot topic due to the amount of personal and sensitive information that lives within our technical infrastructures. From legislation, to technical controls to auditing capabilities to monitor the flow of data in real time, concerns about privacy will remain front and center in 2019.

Personal health technology will also become more prevalent this year. As an example, the latest version of the Apple Watch allows you to take on-demand ECGs and detect heart anomalies. While this is innovative and potentially transformative, it’s not without concern. Some medical professionals have expressed concern that people will place too much faith in personal health technology and put themselves at unnecessary risk. The concern is that someone may not seek out professional medical assistance and instead rely on technology to self-diagnose and treat.

Technology is a wonderful enabler of our human evolution. Like any significant progress throughout history, it’s not without risk and tradeoffs. Being in the business, I obviously favor the positive over the negative, but not without proper understanding and respect for the concerns. It’s up to all of us to use technology wisely and for good. Really not much different from any other aspects of our lives. Happy New Year.