Daily Tech Digest - October 11, 2018

No company seems to safe anymore. In 2018 alone, we have seen the social media giant Facebook reporting data breaches twice affecting millions of users each time. As if this wasn’t enough, a couple of days ago Google reported exposing the data of more than 500K users of its social network Google+ between 2015 & March 2018. The ironical part is that Google reported no misuse of data but in response to this incident has decided to completely shut down the portal, Huh? Apparently, Google didn’t disclose this earlier citing fear of regulatory scrutiny. Wondering if we should still trust these tech giants with our personal data? European Data regulation like the GDPR is a step in the right direction in protecting customers’ data & these tech companies are now facing multi billion dollar lawsuits. On the side note, the Crypto industry is facing a similar situation with more than $927 million worth of digital money stolen to date this year — 3.5 times more than 2017.


The benefits of IAM processes, strategies for digitized companies


"Companies are using more and more systems than they ever have before. They're collecting more data, [and] the employees' job roles are changing faster," he said, adding that identity access management sits at the nexus of all those dynamics. Consider how an employee may require access to specific data or certain applications to work on a project, but will not need that access on an ongoing basis, he said. IT should be capable of changing access rights of not just that employee, but dozens, hundreds or even thousands of employees, as needed. However, not all organizations are maturing their IAM practices, Maxim said. "There are still a lot of companies that are doing very little with IAM -- they're working on spreadsheets, or they've reached a limit to what they could do with their homegrown systems," he said. However, he noted that many of them are "actively looking to find ways to streamline what they're doing."


Successful data-driven companies must balance human and machine roles

The anticipated redistribution of work between humans and machines may displace 75 million jobs, but it’s likely to create as many as 133 million new ones, too, according to the report. This major shift in jobs may not reassure those of you who believe technology is a threat to your role. But the reality is that smarter technologies provide an amazing opportunity to focus on the ways that we create the most value for our organizations. Creativity and strategic thinking remain distinctly human advantages. When paired with the increased processing capacity of machines, there is plenty of room to be optimistic about the future. Understanding the strengths of people vs. machines We are far from a reality where we can trust machines to make business decisions with human-like judgment and contextual understanding. Today, we trust machines to automate tasks and analysis in areas that are heavily parameterized and minimally risky. 


Disaster Recovery: Data Center or Host Infrastructure Reroute


Regardless of which approach you take, even if everything works flawlessly, you still need to address the ‘brownout’ phenomenon or the time it takes for services to be restored at the primary or to a secondary location. It is even more important to automatically send people to a different location if performance is impaired. Several people have heard of GSLB, and while many use it today, it is not part of their comprehensive DoS approach. But it should be. If your goal with your DDoS mitigation solution is to ensure an uninterrupted service in addition to meeting your approved performance SLA; then dynamic GSLB or infrastructure based performance load balancing has to be an integral part of any design. We can deploy this technology purely defensively, as we have traditionally done with all DoS investments or we change the paradigm and deploy the technology to help us exceed expectations. This allows us to give each individual user the best experience possible.


Suspected NASA Hacker Busted After Boasting About Exploits

The suspect was identified after a year-long investigation by the Polizia Postale - Italy's postal police - via its CNAIPIC group, which since 2008 has served as the national anti-crime computer center for the protection of critical infrastructure. It regularly investigates cybercrime. After identifying the suspect, police say they executed a search that resulted in the seizure of computing devices, which have tied the suspect to attacks against at least 60 Italian websites. In addition, rather than just being a member of the "Master Italian Hackers," the suspect appears to have been one of its leaders, authorities say. The Italian suspect is the latest in a long list of admitted hackers whose "too much information sharing" habits got them in trouble. To pick just one example: Last year, Russian-born Alexander Konstantinovich Tverdokhlebov, who emigrated to the U.S. in 2007, later becoming a naturalized citizen, pleaded guilty in U.S. federal court to having been "an active member of several highly exclusive Russian-speaking cybercrime forums."


SoftBank has a lot to worry about if it strikes this deal with WeWork


It’s very possible that the talks for SoftBank Vision Fund to invest up to $20 billion into WeWork will fail, Recode was told. Here are some of the hazards that could trip up either side over the next few weeks. The Vision Fund’s single biggest outside investor, the Saudi government, which holds a 45 percent stake, is under increasing political scrutiny after allegations it is behind the disappearance of U.S.-based Washington Post journalist, Jamal Khashoggi. Backing from foreign governments has always loomed as a major liability for venture capital investors. The SoftBank-Saudi ties are not new. But the Khashoggi revelations make it particularly bad timing for a deal, as WeWork could face reputational risk for taking money from a government that’s embroiled in such a high-profile human rights case. “If all that’s alleged is true, WeWork will be in bed with a regime that has expressed brazen disregard for virtually any norm of international politics,” said Chris Meserole, a foreign policy fellow at The Brookings Institution.


3 things you should do to prevent cyber attacks

The threat landscape is constantly evolving, with cyber criminals always looking for new exploits and studying one another’s tactics. As soon as a particular exploit proves successful, crooks the world over will adopt and refine it.  The majority of successful attacks come in the immediate aftermath of the popularisation of a particular attack method. That’s because its success is predicated on the fact that many organisations are vulnerable to it. Once the trend becomes common knowledge, organisations learn how it works and address it.  You can greatly minimise your chances of coming under attack by staying informed about growing trends. There are many ISACs (Information Sharing and Analysis Centres) that you can use to gather real-time threat intelligence.   When it comes to addressing new attack methods, processes and policies are relatively resilient and will perhaps only need to be tweaked. You are much more likely to need to update your software and web applications.


Automate everything or get left behind

Automate everything or get left behind image
Discovery and auto-monitoring. Sophisticated monitoring solutions use an increasing range of methods, including direct access to hosts via SSH and indirect access via configuration repositories like ActiveDirectory and services like Windows Discovery, to extract facts from existing infrastructure and speed up monitoring configuration by operators. Leading-edge products are now moving towards automating the process completely: creating comprehensive maps of infrastructure, apps, and complete business services and monitoring these things without the need for any manual intervention or direction. Alert processing, notification, escalation, integration. Alerting is, of course, a powerful form of automation. It entails decision-making, which may be simple or significantly more complex (e.g., several metrics, from separate systems, have entered states predictive of a particular kind of known failure for a critical business service). It involves sophisticated assignment and escalation based on issue, team rotas, time/date and other variables.


SD-WAN Adolescence Is About Interoperability and Scalability

SD-WAN-Adolescence-Is-About-Interoperability-Scalability
Almost everyone (enterprises, CSPs, standards bodies, vendors) I spoke with acknowledges that data-plane interoperability in SD-WAN is unlikely in the near future. Enterprises and CSPs are telling me they don’t need it yet. This brings back memories of the old IPsec interoperability wars. Trying to create interoperable meshes of nodes from disparate vendors today is really putting the cart before the horse because we need to start from the control plane. CSPs that are in the process of building or customizing their orchestration systems to integrate with SD-WAN offerings say that having interoperability at the control and management level allows for coordination between multiple SD-WAN domains. It also makes switching vendors feasible with much less pain. The present efforts focus on interoperability at the northbound API level. They govern the APIs used to provision and control SD-WAN deployments.


Security warning: Attackers are using these five hacking tools to target you

Perhaps the most potentially damaging of the dangers detailed in the report are remote access trojans - malware which is secretly installed onto an infected system providing a backdoor to observe all activity and enabling the attacker to carry out commands which lead to data being stolen. The particular example given in the report is JBiFrost, a trojan typically employed by low-skilled cyber criminals but with the capability to be exploited by state actors. What makes JBiFrost so potent is that it is cross-platform, with the ability to operate on Windows, Linux, MAC OS X and Android. Often delivered via a phishing email, it allows attackers to move across networks and install additional software. This particular RAT is publicly available and the cyber security agencies said they have observed it being used in targeted attacks against critical national infrastructure owners and their supply chain operators.



Quote for the day:


"The level of morale is a good barometer of how each of your people is experiencing your leadership." -- Danny Cox