Daily Tech Digest - June 30, 2017

What is Docker? Linux containers explained

Containers decouple applications from operating systems, which means that users can have a clean and minimal Linux operating system and run everything else in one or more isolated containers. Also, because the operating system is abstracted away from containers, you can move a container across any Linux server that supports the container runtime environment. Docker, which started as a project to build single-application LXC containers, introduced several significant changes to LXC that make containers more portable and flexible to use. Using Docker containers, you can deploy, replicate, move, and back up a workload even more quickly and easily than you can do so using virtual machines. Basically, Docker brings cloudlike flexibility to any infrastructure capable of running containers. Thus, Docker is often credited for the surging popularity of modern-day containers.

Teardown of 'NotPetya' Malware: Here's What We Know

The malware can spread by using two attack tools built by the "Equation Group" - likely the National Security Agency - and leaked by the Shadow Brokers. The tools generate packets that attempt to exploit an SMB flaw in prior versions of Windows. "The new ransomware can spread using an exploit for the Server Message Block (SMB) vulnerability CVE-2017-0144 (also known as EternalBlue), which was fixed in security update MS17-010 and was also exploited by WannaCrypt to spread to out-of-date machines," Microsoft says. "In addition, this ransomware also uses a second exploit for CVE-2017-0145 (also known as EternalRomance, and fixed by the same bulletin)." "Machines that are patched against these exploits (with security update MS17-010) or have disabled SMBv1 are not affected by this particular spreading mechanism."

Eight obstacles to overcome in your digital transformation journey

"Digital transformation involves a significant change, and usually changes to people's jobs, compensation, bosses, and the type of work they do," said Marc Cecere, vice president and principal analyst on Forrester's CIO role team. "Making that kind of change is difficult, and is something where there is not a lot of science. Make sure you have someone on board who knows how people's minds are changed, and how to adapt to new business models." Organizational siloes are one of the biggest impediments to digital transformation efforts, in terms of understanding the customer journey, said Gianni Giacomelli, chief innovation officer at Genpact, and head of its Genpact Research Institute. Often either the IT group or the business lines try to solve it, and do not work together deeply, Giacomelli said.

Critical Infrastructure Protection: Security Problems exist despite compliance

The electronic security perimeter (ESP) is the control systems, server room, telecom room and so on. The critical cyber-assets will fall under this section of CIP. For the most part, entities covered by CIP will spend a good deal of time and energy constructing a hard exterior (the ESP), but assets contained within – the guts – are soft. "We're talking fairytale darkness here, all of the stuff you see on television when the power grid goes down, that's going to happen when the ESP is successfully breached," Grimes said. You would think that the ESP would be the ultimate hard point, but it isn't in most cases. Physical access controls (PACs) are not covered under the ESP section. For example, video cameras are a weak point, as they're not considered when it comes to the ESP.

Global shipping feels fallout from Maersk cyber attack

The impact of the attack on the company has reverberated across the industry given its position as the world's biggest container shipping line and also operator of 76 ports via its APM Terminals division. Container ships transport much of the world's consumer goods and food, while dry bulk ships haul commodities including coal and grain and tankers carry vital oil and gas supplies. "As Maersk is about 18 percent of all container trade, can you imagine the panic this must be causing in the logistic chain of all those cargo owners all over the world?" said Khalid Hashim, managing director of Precious Shipping (PSL.BK), one of Thailand's largest dry cargo ship owners. "Right now none of them know where any of their cargoes (or) containers are. And this 'black hole' of lack of knowledge will continue till Maersk are able to bring back their systems on line."

How to write event-driven IoT microservices that don’t break

One concept that jumped out at me was the notion of a “heisenbug,” which the article defines as “timing-related bugs that often disappear during an investigation of it.” The term “heisenbug” stems from the analogy of physics’ Heisenberg Uncertainty Principle, under which the attempt to observe a system inevitably alters its state. Where computing environments are concerned, heisenbugs are equivalent to probe effects, in which attaching a test probe—or simply sending an asynchronous test ping—to a system changes its behavior. What that implies is that the very act of trying to isolate, analyze, and debug some systemic glitches will alter the underlying systemic behavior of interest—perhaps causing the bugs in question not to recur. One of the chief causes of heisenbugs is race conditions, under which a system behaves erratically when asynchronous input events don’t take place in the specific order expected by that system’s controlling program.

Blockchain remains a work in progress for use in healthcare

Blockchain has inherent qualities that provide trust and security, but it is not a technological panacea for all that ails healthcare when it comes to cybersecurity, believes Debbie Bucci, an IT architect in ONC’s Office of Standards and Technology. “When I look across other industries, I don’t see any of them really aggressively adopting it,” says Bucci, whose primary focus is on the privacy and security aspects of health information exchange. “There’s a lot of proof of concepts, pilots and use cases being defined. But, I have yet to see major companies stepping up to support blockchain—beyond Bitcoin, of course.” According to Bucci, ONC continues to keep a close watch on what develops in the marketplace when it comes to blockchain, which is still evolving and maturing, especially with respect to its applicability to healthcare.

The 360 degree approach to cyber security

In order to take the right security measures, you need to understand where to direct your attention. A good start is to assess who the potential adversaries are, and what damages a security compromise can cause – a risk analysis if you will. Getting a full view of the attack surface is an integral part of this, but it’s not easy. Many companies don’t even know their digital footprint, leaving them unaware of potential entry points for attackers and threats. Plus, the IT systems in many companies have grown organically, resulting in intertwined systems, outsourced infrastructure, and 3rd parties that are digitally connected and integrated with business processes. Keeping all of this under rigid control is virtually impossible. And while there are technical solutions that provide the visibility you need, just mapping your digital footprint isn’t enough.

Five DevOps principles to apply to enterprise architecture

Because DevOps breaks down barriers that traditionally separate various teams within an IT organization, individual roles need to be malleable. For example, someone whose job title is "developer" should have the organizational flexibility to participate in IT operations work when needed. DevOps is about cultural practices, not specific technologies or tools. Still, DevOps works best when the IT team has modern, agile tool sets and frameworks at its disposal. For example, migrating from virtual machines to containers can help your organization manage DevOps more effectively. When designing your enterprise architecture, controlling access to sensitive information about the infrastructure or the data stored on it is important. But this need should be balanced against the importance of maximizing visibility across the organization.

Medical Device Cybersecurity: A Long Way to Go

In a statement provided to ISMG, the FDA says it generally does not comment on specific studies, "but evaluates them as part of the body of evidence to further our understanding about a particular issue and assist in our mission to protect public health. The FDA is carefully reviewing the findings of the report. The FDA takes medical device cybersecurity seriously, and we look forward to engaging directly with the sponsor of the report so we can have a better understanding of the report's data, methodologies of information collection and conclusions." The FDA also notes: "Medical device manufacturers must comply with federal regulations. Part of those regulations, called quality system regulations, require that medical device manufacturers address all risks, including cybersecurity risk.

Quote for the day:

"Do not be concerned that no one recognizes your merits; be concerned that you may not recognize others." -- Confucius