Showing posts with label Cybercrime. Show all posts
Showing posts with label Cybercrime. Show all posts

Wednesday, 1 January 2025

Y2K Reminder

   


   At the start of a new year, I was reminded of how we all feared the start of the one at the beginning of this century. We were very uncertain as to whether moving from 19... to 20... might bring down everything. The reminder came in the form of this headline: "More Frequent -- And Disruptive --Tech Outages Are On the Way". It was in an article that recalled the big crash many of us experienced in July when a "routine software update containing a bug that crashed 8.5 computers. It was the largest IT outage in history, grounding 17,000 flights, preventing doctors from accessing medical records, interrupting 911 services and plunging broadcasters into blackouts. Such massive outages are rare, but here's why smaller outages and data breaches will happen more often in 2025."
   Some crashes will happen because of accidents or mistakes. The author points out that:
   "The logic is simple: more complex systems contain more vulnerabilities. For example, software engineers today often rely on open-source code, which performs simple tasks like calculating time zone differences. The code is free and saves time. But it can also be buggy and plagued with compatibility problems, leading to accidental disruptions. This past March, a misconfiguration in OpenSSL—an open-source software library that encrypts a large volume of internet traffic—triggered crashes in web services and databases. It took days to patch the issue."
  Another author, just yesterday, wrote about giving out "Good Tech Awards", 
  "To Andres Freund, and every open-source software maintainer saving us from doom. The most fun column I wrote this year was about a Microsoft database engineer, Andres Freund, who got some odd errors while doing routine maintenance on an obscure open-source software package called xz Utils. While investigating, Mr. Freund inadvertently discovered a huge security vulnerability in the Linux operating system, which could have allowed a hacker to take control of hundreds of millions of computers and bring the world to its knees.It turns out that much of our digital infrastructure rests on similar acts of nerdy heroism."
   That sentence indicates that some crashes will be intentional or deliberate. The day after reading the first article, I was having breakfast with friends, and one of them asked another why he had not been responding to his emails and the answer turned out to be that they had been sent to the company for which he worked and that company had been the victim of a cybercrime. The company has since paid the criminals.
  There have been many articles about such attacks, which bring down systems if a ransom is not paid. Even systems in hospitals, or libraries like those in Calgary, Toronto and the British Library. 
  If you search for examples involving cybercrime or ransomware they are easy to find and attacks are found daily in many different publications that focus on these subjects. The illustration above, came from one, Cybercrime Magazine. In it, under "Latest Security and Privacy News", one finds many and here are just a few recent, Canadian cases:
Auto parts giant LKQ says cyberattack disrupted Canadian business unit.
Cyberattack hits third-party service provider that collects Manitoba court fines.
Outage at Winnipeg schools confirmed as cyberattack.
 LifeLabs data breach report released after firm loses four-year bid to keep it quiet.
Canada Arrests Man Suspected of Hacks of Snowflake Customers.
Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns.

   Even if you are someone who doesn't rely on computers and the Internet, you are reading this. Even a pure Luddite these days would be surprised by how much could not be done if systems go down. A major internet crash could be worse than a stock market meltdown. We are lucky every day when the power comes on, water pours from the faucet and the computer and TV work.
Sources: 
"More Frequent—and Disruptive—Tech Outages Are on the Way: As companies offload tech systems to third-party suppliers, their supply chains will become vulnerable," Kami Vaniea, Maclean's, Dec. 17, 2024.
"The 2024 Good Tech Awards," Kevin Roose, NYT, Dec. 30, 2024.  

Posted by at No comments:
Labels: , , , , ,

Wednesday, 25 April 2018

Cybercrime & Cyberwarfare

Ransomware Again

   
 
      By now you are very much aware of this subject and I was reminded of it because of another recent attack. It appears that even small islands are not safe from the extortionists. (See: “P.E.I. Government Website Down for Several Hours After Ransomware Attack,” Toronto Star (CP), April 23, 2018). The growing problems associated with Internet use sent me looking for the following article which I remembered and noted. It points out that although the Internet is not as important as many earlier discoveries, we are now all more vulnerable because of it. While we may overstate the importance of the Internet, we surely underestimate the damage that will be done when it goes down.

      “If I could, I would repeal the Internet. It is the technological marvel of the age, but it is not — as most people imagine — a symbol of progress. Just the opposite. We would be better off without it. I grant its astonishing capabilities: the instant access to vast amounts of information, the pleasures of YouTube and iTunes, the convenience of GPS and much more.   
     But the Internet’s benefits are relatively modest compared with previous transformative technologies, and it brings with it a terrifying danger: cyberwar. Amid the controversy over leaks from the National Security Agency, this looms as an even bigger downside.
     By cyberwarfare, I mean the capacity of groups — whether nations or not — to attack, disrupt and possibly destroy the institutions and networks that underpin everyday life. These would be power grids, pipelines, communication and financial systems, business record-keeping and supply-chain operations, railroads and airlines, databases of all types (from hospitals to government agencies). The list runs on. So much depends on the Internet that its vulnerability to sabotage invites doomsday visions of the breakdown of order and trust...."
     All this qualifies our view of the Internet. Granted, it’s relentless. New uses spread rapidly. Already, 56 percent of U.S. adults own smartphones and 34 percent have tablets, says the Pew Internet & American Life Project. But the Internet’s social impact is shallow. Imagine life without it. Would the loss of e-mail, Facebook or Wikipedia inflict fundamental change? Now imagine life without some earlier breakthroughs: electricity, cars, antibiotics. Life would be radically different. 
     The Internet’s virtues are overstated, its vices understated. It’s a mixed blessing — and the mix may be moving against us.”

Source: Robert Samuelson, "Of Internet Threats and Cyberattacks,"Washington Post,  June 30, 2013.
P.S. (P.E.I. was able to resolve the problem -this time.)
Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)