How Sony Was Hacked
March 15, 2016
Remember when Sony was gearing up to release the controversial flick The Interview starring James Franco and Seth Rogen and how the CIA recruited them to kill Kim Jong-un, when suddenly their system was hacked? The people who hacked Sony called themselves “God’sApstls” and demanded the production company pay them an undisclosed amount of money or else they would “be bombarded as a whole.” Sony Pictures ignored the threat and the studio was taken offline for weeks, resulting in $35 million IT damages.
Motherboard investigated the current status of the Sony attack, it took place in 2014, which the company is still reeling from, “These Are The Cyberweapons Used To Hack Sony.” The FBI officially stated that the hackers were on the North Korean pay roll and still going about their business. A security researcher coalition thinks they can expose the hackers’ extensive malware arsenal.
“Andre Ludwig, the senior technical director at Novetta Research and Interdiction Group, said that the investigation started from four hashes (values that uniquely identify a file) that the Department of Homeland security published after the attack. With those few identifying strings, and after months of sleuthing, the researchers found 2,000 malware samples, both from online malware portal VirusTotal, as well as from antivirus companies. Of those, they manually reviewed and catalogued 1,000, and were able to identify 45 unique malware strains, revealing that the Sony hackers had an arsenal more sophisticated and varied than previously thought.”
The goal is to disrupt the hacker group often enough that they have to use their time, resources, and energy to rebuild their defenses and even lose some of their capabilities. They also might lose access to their past victims. There is good suspicion, however, to believe the hackers were not North Koreans:
“As it turns out, the hackers’ arsenal contains not only malware capable of wiping and destroying files on a hard disk like the Sony hack, but also Distributed Denial of Service (DDoS) tools, tools that allow for remotely eavesdropping on a victim’s computer, and more, according to the report. The researchers tracked some of this tools in cyberattacks and espionage operations that go as far as back as 2009, perhaps even 2007, showing the hackers that hit Sony have a long history.”
What the data reveals is that the hackers have been around for a long, long time (perhaps the North Korean government simply hired them?) and have had years to build up their arsenal. The counteroffensive, however, has built up its own and learned from the Sony hack job, pitting the hackers’ tools against them in hopes they will not be as effective in the future.
Warriors…er…coders, hackers, developers, etc. learn from each other to build stronger and better tools. The old adage, “the enemy of my enemy is my friend,” so who is the hackers’ enemy-other than the obvious USA?
Whitney Grace, March 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Fighting the Academic Publishers Gets You Fired
September 11, 2015
Academic publishers, such as Springer and Elsevier, have a monopoly on academic publishing and they do not want to lose their grasp. In the Slashdot science forum, a report from The Guardian was posted “Paywalled Science Journals Under Fire Again” describing how the academic publishers won a battle in Australia.
The Medical Journal of Australia (MJA) fired their editor Professor Stephen Leeder, when he expressed his displeasure over the journal outsourcing its functions to Elsevier. Leeder might have lost his job, but he will speak at a symposium at the State Library of NSW about ways academic communities can fight against the commoditization of knowledge.
What is concerning is that academic publishers are more interested in turning a profit than expanding humanity’s knowledge base:
“Alex Holcombe, an associate professor of psychology who will also be presenting at the symposium, said the business model of some of the major academic publishers was more profitable than owning a gold mine. Some of the 1,600 titles published by Elsevier charged institutions more than $19,000 for an annual subscription to just one journal. The Springer group, which publishes more than 2,000 titles, charges more than $21,000 for access to some of its titles. ‘The mining giant Rio Tinto has a profit margin of about 23%,’ Holcombe said. ‘Elsevier consistently comes in at around 37%. Open access publishing is catching on, but it requires researchers to pay up to $3000 to get a single open access article published.’”
Where does the pursuit of knowledge actually take place if researchers are at the mercy of academic publishers? One might say that researchers could publish their work for free on the Web, but remember that anyone can do that. Being published under a reputable banner adds to study’s authenticity and also helps it get used to support other research. The problem lies in the fact that big academic publishers limit who accesses their content to subscription holders and often those subscriptions are too expensive for the average researcher to afford on their own. Researchers want to have access to more academic content, but it is being locked down.
Whitney Grace, September 11, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Monopoly On Scientific Papers
August 31, 2015
If you work in the academic community this headline from Your News Wire shouldn’t come as a surprise: “Nearly All Scientific Papers Controlled By Same Six Corporations.” A group of researchers studied scientific papers published between 1973-2013 and discovered that six major publishers ruled the industry: Wiley-Blackwell, Springer, Taylor & Francis, Sage, Reed Elsevier, and ACS. During the specified time period, it was found that the larger ones absorbed smaller publishers. Another, more startling, fact came to light as well: academic research groups must rely more and more on the main six publishers’ interests if they want to get their research published.
“Much of the independence that was once cherished within the scientific community, in other words, has gone by the wayside as these major publishers have taken control and now dictate what types of content get published. The result is a publishing oligopoly in which scientists are muzzled by and overarching trend toward politically correct, and industry-favoring, ‘science.’”
The six publishers publish subjects that benefit their profit margin and as a direct result they influence major scientific fields. Fields concerning chemistry, social sciences, and psychology are the most influenced by the publishers. This leads to corruption in the above disciplines and researchers are limited by studies that will deliver the most profits to the publishers. The main six publishers can also publish the papers digitally for a 40% profit margin.
There is good news. The study did find that publishing a paper via a smaller venue does not affect its reach. It also has the added benefit of the smaller venue not pushing a special interest agenda. The real question is are big publishers even needed in a digital age anymore?
Whitney Grace, August 31, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
The Girl with the Advert Tattoo
August 10, 2015
It looks like real publishing companies are now into tattoos or, at least, into leveraging ink’s growing popularity. The Verge reports, “The Desperate Book Industry and ‘Tatvertising’ are a Perfect, Tragic Match.” Reporter Kaitlyn Tiffany tells us that Hachette Austrailia put out the call for a model willing to be tattooed and photographed as part of a promotion for the next Steig Larsson book, “The Girl in the Spider’s Web.” Tiffany likens the effort to a practice, widely considered predatory, that was common just after the turn of the millennium: websites paying those desperate for cash to have ads tattooed on them, (sometimes on their faces!) But, hey, at least those people were paid good money; apparently the reward for this scheme was meant to be the tattoo itself. The article elaborates:
“But why the [heck] does it need to be a real tattoo? When reached for comment, a representative from Razor & JOY, the advertising agency in charge of the campaign, told me, ‘The character of Lisbeth doesn’t do things in half measures — and so we wanted our marketing to capture this passion.’ The representative also explained that the compensation for the woman who is cast would be something… less than monetary: ‘This campaign is an opportunity to give a truly passionate fan a free tattoo that is unique to a strong literary character.’ And a new type of degrading, unpaid labor in the publishing industry was born.”
I’m not sure I’d personally consider this scheme “predatory,” but apparently Tiffany was not alone in her outrage. I visited the link she supplies in her article, and was greeted with a take-back notice; it reads, in part, “The campaign was conceived with good intentions … but some people have been offended. As this was never our intention, we have listened and we have decided we will not continue with the tattoo element of the campaign.” At least the company was wise enough to make a change in response to criticism. I wonder, though, what they will come up with next.
Cynthia Murrell, August 10, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Facebook Program May Disintermediate Google
June 5, 2015
Soon, Facebook users may not have to navigate to Google for relevant links then copy-and-paste them into posts and comments. TechCrunch reports, “Skip Googling with Facebook’s New ‘Add a Link’ Mobile Status Search Engine.” If this program currently being tested on a sample group makes it to all users, you can impress your “friends” a few seconds faster, and with fewer clicks. Actually reading what you find before you share the link is up to you. The article describes:
“Alongside buttons to add photos or locations, some iOS users are seeing a new ‘Add A Link’ option. Just punch in a query, and Facebook will show a list of matching links you might want to share, allow you to preview what’s on those sites, and let you tap one to add it to your status with a caption or share statement. Results seem to be sorted by what users are most likely to share, highlighting recently published sites that have been posted by lots of people. …
“If rolled out to all users, it would let them avoid Googling or digging through Facebook’s News Feed to find a link to share. The ‘Add A Link’ button could get users sharing more news and other publisher-made content. Not only does that fill the News Feed with posts that Facebook can put ads next to. It also gives it structured data about what kind of news and publishers you care about, as well as the interests of your friends depending on if they click or Like your story.”
Writers Josh Constine and Kyle Russell observe that, as of last year, Facebook drives nearly 25 percent of “social” clicks, and publishers are becoming dependent on those clicks. Facebook stands to benefit if their Add A Link button enhances that dependency. Then there is the boost to ad revenue the site is likely to realize by keeping users inside their Facebook sessions, instead of wandering into the rest of the Web. A move that will both please users and the bottom line– well played, Facebook.
Cynthia Murrell, June 5, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
