Daily Tech Digest - September 29, 2020

The rise of remote work can be unexpectedly liberating

Employees could become increasingly mercenary, no longer swayed by the strong social bonds and physical-world perks of the office of the past. For their part, employers could increasingly view their staffs as little more than interchangeable work units. As a manager, no matter how objective I think I may be, I would probably find it easier to fire an employee with whom I had little personal connection. That difficult conversation would be reduced to a few minutes on a screen, with no chance of running into the person later in the coffee room. All of this may sound dismal, but this change in employee psychology and loyalty may come with an unexpected liberation, encouraging workers to look beyond the workplace to build friendships and identity. In our previous office lives, some of us had access to free food, coffee rooms or other on-site perks. We might have enjoyed them, but they also helped keep us in the office for long hours. Likewise, the presence of co-workers and bosses made us more compliant, less likely to take a proper lunch hour or make the effort to attend a child’s school event. With our offices gone, our days have now opened up. Why not make that doctor’s appointment for 4 p.m.? Why not pick the kids up at day care rather than find a babysitter?

Hardware security: Emerging attacks and protection mechanisms

Every hardware device has firmware – a tempting attack vector for many hackers. And though the industry has been making advancements in firmware security solutions, many organizations are still challenged by it and don’t know how to adequately protect their systems and data, she says. She advises IT security specialists to be aware of firmware’s importance as an asset to their organization’s threat model, to make sure that the firmware on company devices is consistently updated, and to set up automated security validation tools that can scan for configuration anomalies within their platform and evaluate security-sensitive bits within their firmware. “Additionally, Confidential Computing has emerged as a key strategy for helping to secure data in use,” she noted. “It uses hardware memory protections to better isolate sensitive data payloads. This represents a fundamental shift in how computation is done at the hardware level and will change how vendors can structure their application programs.” Finally, the COVID-19 pandemic has somewhat disrupted the hardware supply chain and has brought to the fore another challenge.

Still not dead: The mainframe hangs on, sustained by Linux and hybrid cloud

Others say technologies such as machine learning and artificial intelligence will also drive future mainframe development. “Data insights help drive actionable and profitable results, but the pool of data is growing at astronomical rates. That’s where AI can make a difference, especially when it’s on a mainframe. Consider the amount of data that resides on a mainframe for an organization in the banking, manufacturing, healthcare, or insurance sectors. You’d never be able to make sense of it all without AI,” said Deloitte’s Cobb. As an example, Cobb said core banking operations can do more than simply execute large volumes of transactions. “Banks need deep insights about customer needs, preferences, and intentions to compete effectively, along with speed and agility in sharing and acting on those insights. That’s easier said than done when data is constantly changing. Now if you can analyze data directly on the mainframe, you can get near real-time insights and action. That makes the mainframe an important participant in the AI/ML revolution,” Cobb said. The mainframe environment isn’t without challenges going forward.

How AI can transform finance departments to help Covid-19 recovery

The modern world has made company spending less centralised than ever before, with employees spending money across so many expense categories and using more payment methods than ever before. This growth in the volume of financial data leads to an increase in the risk of fraud and noncompliance. This is a risk few businesses can take, especially when cash flow needs to be conserved. A study by the Association of Certified Fraud Examiners (ACFE) found that the average organisation loses 5% of its annual revenue to internal fraud. During an economic downturn, this is simply unsustainable. Much of this is accidental, with employees often mistakenly duplicating expense claims or invoices. Businesses are only able to audit around 10% of expense reports manually, so much potential fraud goes undetected. AI provides a solution to this problem, enabling the auditing of every single spend report. It can predict patterns and detect any anomalies that appear in financial data. Covid-19 has made it more important than ever that businesses are identifying any fraudulent activity and preventing it. Invoice fraud is one example that has seen an increase during the pandemic. 

Universal Health Services' IT Network Crippled

According to a post on Reddit by an individual who claims to work at a UHS facility in the Southeastern U.S., on Sunday at approximately 2 a.m., systems in the facility's emergency department "just began shutting down." The individual says: "I was sitting at my computer charting when all of this started. It was surreal and definitely seemed to propagate over the network. All machines in my department are Dell Win10 boxes." Anti-virus programs were disabled by the attack, and hard drives "just lit up with activity," the individual writes. "After one minute or so of this, the computers logged out and shut down. When you try to power back on the computers they automatically just shut down. We have no access to anything computer based including old labs, EKGs, or radiology studies. We have no access to our PACS radiology system." Media outlet Bleeping Computer reports that a UHS insider says that during the incident, files were being renamed to include the .ryk extension. This extension is used by the Ryuk ransomware. Likewise, citing "people familiar with the incident," the Wall Street Journal reports that the attack did indeed involve ransomware.

The Shared Irresponsibility Model in the Cloud Is Putting You at Risk

The Shared Responsibility Model is pretty well understood now to mean: "If you configure, architect, or code it, you own the responsibility for doing that properly." While the relationship between the customer and the cloud is well understood, our experience working with software teams indicates the organization and architectural security responsibilities within organizations are not. And that is where the Shared Irresponsibility Model comes into play. When something goes wrong in the cloud — some form of security issue or incident — corporate management inevitably will come looking for the most senior person in the IT organization to blame. The IT organization and development teams might not have gone line by line through the various cloud providers' Shared Responsibility Models to entirely understand what is and isn't something they have to deal with. Developers are focused on developing and getting code running, typically with high rates of change. With the cloud, pushing code into production doesn't have many hurdles. The cloud provider is not responsible for an organization's own compliance, and, by default, it typically will not alert on misconfigurations that could introduce risk, either.

Identity theft explained: Why businesses make tempting targets

Identity theft is most often associated with the act of stealing an individual's identity. But as Mitt Romney once famously said, "corporations are people, my friend," and businesses have all the sorts of "personal" data — tax ID numbers and bank accounts, for instance — that individuals have, which can be stolen and abused. We're not talking about security breaches or employees misusing corporate assets here; we're talking about an identity thief pretending to be someone within a company who has the authority to make financial transactions, just like they might pretend to be another individual. In fact, a business may be an even more tempting target for an identity thief than an individual because businesses have high credit limits, substantial bank accounts, and make big payments to vendors on a regular basis. The consequences can be dire, particularly for small businesses where the founder's or owner's finances are deeply entangled with the company's. Before we move on, we should take note of a couple of ways that even the theft of individuals' identities can affect businesses. For instance, one of the most pernicious effects of identity theft is just how much time victims have to spend calling credit agencies and financial institutions to resolve the issue; a recent study found that victims can take up to 175 hours to set everything straight

Using Nginx to Customize Control of Your Hosted App

Nginx is an open-source web server that is a world leader in load balancing and traffic proxying. It comes with a plethora of plugins and capabilities that can customize an application’s behavior using a lightweight and easy-to-understand package. According to Netcraft and W3Techs, Nginx serves approximately 31-36% of active websites, putting it neck and neck with Apache as the world’s preferred web server. This means that not only is it well-respected, trusted, performant enough for a large portion of production systems, and compatible with just about any architecture, it also has a loyal following of engineers and developers supporting the project. These are key factors in considering the longevity of your application, how portable it can be, and where it can be hosted. Let's look at a situation when you might need Nginx. In our example, you've created an app and deployed it on a Platform as a Service (PaaS)—in our case, Heroku. With PaaS, your life is easier, as decisions about the infrastructure, monitoring, and supportability have already been made for you, guaranteeing a clean environment for you to run your applications with ease.

The future of retail isn’t what it used to be

Appointment-based shopping is one key area of immediate opportunity. Initially seen in luxury and higher-end stores, appointment-based shopping balances safety, capacity, and personalized service. It can also serve two needs at once. For example, Best Buy uses appointments for more guided shopping with an advisor. For clothing retailers, appointment-based shopping can help customers schedule dressing room visits with the specific items they want to try. With the right digital capabilities, consumers can shop online, select items in various sizes, and schedule a time and room to visit a retailer to experience a personalized trial and fitting. Making the in-store shopping experience better should include planograms and the ability to look up assortments and stock in a store. Assortment differences from store-to-store mean that shoppers may go into a store looking for a product that a particular location does not stock. Home Depot and Target both do well in indicating if a product is in stock and where it’s located within the store. Contactless shopping is another area worth further focus. Self-checkout in retail has been available and increasing its footprint for some time.

Microsoft: Some ransomware attacks take less than 45 minutes

Per Microsoft, the most targeted accounts in BEC scams were the ones for C-suites and accounting and payroll employees. But Microsoft also says that phishing isn't the only way into these accounts. Hackers are also starting to adopt password reuse and password spray attacks against legacy email protocols such as IMAP and SMTP. These attacks have been particularly popular in recent months as they also allow attackers to bypass multi-factor authentication (MFA) solutions, as logging in via IMAP and SMTP doesn't support this feature. Furthermore, Microsoft says it's also seeing cybercrime groups that are increasingly abusing public cloud-based services to store artifacts used in their attacks, rather than using their own servers. Further, groups are also changing domains and servers much faster nowadays, primarily to avoid detection and remain under the radar. But, by far, the most disruptive cybercrime threat of the past year has been ransomware gangs. Microsoft said that ransomware infections had been the most common reason behind the company's incident response (IR) engagements from October 2019 through July 2020.

Quote for the day:

"Leadership is unlocking people's potential to become better." -- Bill Bradley
