World-Check Database Leaked by Third Party
October 4, 2016
This is the problem with sensitive data—it likes to wander from its confines. Motherboard reports, “Terrorism Database Used by Governments and Banks Leaked Online.” Security researcher Chris Vickery reported stumbling upon a copy of the World-Check intelligence database from mid-2014 that was made available by a third party. The database maintained by Thomson Reuters for use by governments, intelligence agencies, banks, and law firms to guard against risks. Reporter Joseph Cox specifies:
Described by Thomson Reuters as a ‘global screening solution,’ the World-Check service, which relies on information from all over the world, is designed to give deep insight into financial crime and the people potentially behind it.
We monitor over 530 sanctions, including watch and regulatory law and enforcement lists, and hundreds of thousands of information sources, often identifying heightened-risk entities months or years before they are listed. In fact, in 2012 alone we identified more than 180 entities before they appeared on the US Treasury Office of Foreign Assets Control (OFAC) list based on reputable sources identifying relevant risks,’ the Thomson Reuters website reads.
A compilation of sensitive data like the World-Check database, though built on publicly available info, is subject to strict European privacy laws. As a result, it is (normally) only used by carefully vetted organizations. The article notes that much the U.S.’s No Fly List, World-Check has been known to flag the innocent on occasion.
Though Vickery remained mum on just how and where he found the data, he did characterize it as a third-party leak, not a hack. Thomson Reuters reports that the leak is now plugged, and they have secured a promise from that party to never leak the database again.
Cynthia Murrell, October 4, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Revolving Door Hires at Google
September 7, 2016
It looks like Google has determined the best way to address its legal challenges in Europe is to infiltrate and influence its governments. The Guardian reports, “Google: New Concerns Raised About Political Influence by Senior ‘Revolving Door’ Jobs.” The personnel-based tactic has apparently worked so well in the U.S. that Google is applying it to the European arena. Writer Jamie Doward cites research by the the Google Transparency Project, a venture of the Campaign for Accountability (CfA), when she writes:
New concerns have been raised about the political influence of Google after research found at least 80 ‘revolving door’ moves in the past decade – instances where the online giant took on government employees and European governments employed Google staff. … The CfA has suggested that the moves are a result of Google seeking to boost its influence in Europe as the company seeks to head off antitrust action and moves to tighten up on online privacy.
The article gets into specifics on who was hired where and when; navigate to it for those details. In sum, Doward writes:
Overall, the research suggests that Google, now part of parent company Alphabet Inc, has hired at least 65 former government officials from within the European Union since 2005.
During the same period, 15 Google employees were appointed to government positions in Europe, gaining what the CfA claims are ‘valuable contacts at the heart of the decision-making process’.
Anne Weisemann, CfA executive director, points to Google’s success influencing the U.S. government as a driving factor in its EU choices. She notes Google spends more to lobby our federal government than any other company, and that Google execs grace the White House more than once a week, on average. Also, CfA points to more than 250 of these “revolving door” appointments Google has made in the U.S.
For its part, Google claims it is just hiring experts who can answer government officials’ many questions about the Internet, about their own business model, and the “opportunity for European businesses to grow online.” There’s no way that could give Google an unfair advantage, right?
The article concludes with a call to reevaluate how government officials view Google—it is now much more than a search engine, it is a major political actor. Caution is warranted as the company works its way into government-run programs like the UK’s National Health Service and school systems. Such choices, ones that can affect the public on a grand scale, should be fully informed. Listening to Google lobbyists, who excel at playing on politicians’ technical ignorance, does not count.
Cynthia Murrell, September 7, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/
A Snapshot of American Innovation Today
May 23, 2016
Who exactly are today’s innovators? The Information Technology & Innovation Foundation (ITIF) performed a survey to find out, and shares a summary of their results in, “The Demographics of Innovation in the United States.” The write-up sets the context before getting into the findings:
“Behind every technological innovation is an individual or a team of individuals responsible for the hard scientific or engineering work. And behind each of them is an education and a set of experiences that impart the requisite knowledge, expertise, and opportunity. These scientists and engineers drive technological progress by creating innovative new products and services that raise incomes and improve quality of life for everyone….
“This study surveys people who are responsible for some of the most important innovations in America. These include people who have won national awards for their inventions, people who have filed for international, triadic patents for their innovative ideas in three technology areas (information technology, life sciences, and materials sciences), and innovators who have filed triadic patents for large advanced-technology companies. In total, 6,418 innovators were contacted for this report, and 923 provided viable responses. This diverse, yet focused sampling approach enables a broad, yet nuanced examination of individuals driving innovation in the United States.”
See the summary for results, including a helpful graphic. Here are some highlights: Unsurprisingly to anyone who has been paying attention, women and U.S.-born minorities are woefully underrepresented. Many of those surveyed are immigrants. The majority of survey-takers have at least one advanced degree (many from MIT), and nearly all majored in STEM subject as undergrads. Large companies contribute more than small businesses do while innovations are clustered in California, the Northeast, and close to sources of public research funding. And take heart, anyone over 30, for despite the popular image of 20-somethings reinventing the world, the median age of those surveyed is 47.
The piece concludes with some recommendations: We should encourage both women and minorities to study STEM subjects from elementary school on, especially in disadvantaged neighborhoods. We should also lend more support to talented immigrants who wish to stay in the U.S. after they attend college here. The researchers conclude that, with targeted action from the government on education, funding, technology transfer, and immigration policy, our nation can tap into a much wider pool of innovation.
Cynthia Murrell, May 23, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
More Hacked US Voter Data Appears on the Dark Web
February 25, 2016
From HackRead comes a piece called More US Voters Data Circulating on the Dark Net, which points to the lack of protection surrounding data on US voters. This data was leaked on the site The Hell on Dark Web. No reports yet suggest how this data was hacked. While no social security numbers or highly sensitive information was released, records include name, date of birth, voter registration dates, voting records, political affiliation and address. Continuing the explanation of implications, the article’s author writes,
“However, it provides any professional hacker substantial information to initiate and plan a phishing attack in the next election which takes place in the US. Recent discoveries, news and speculations have exposed the role of nation-state actors and cyber criminals in planning, instigating and initiating hacking attacks aimed at maligning the upcoming US elections. While social media has emerged as one of the leading platforms adopted by politicians when they wish to spread a certain message or image, cyber criminals and non-state actors are also utilizing the online platform to plan and initiate their hacking attacks on the US election.”
As the article reminds us, this is the not first instance of voter records leaking. Such leaks call into question how this keeps happening and makes us wonder about any preventative measures. The last thing needed surrounding public perception of voting is that it puts one at risk for cyber attacks. Aren’t there already enough barriers in place to keep individuals from voting?
Megan Feil, February 25, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
monograph
The UK Government Invests in Secure Startups
February 15, 2016
The UK has been criticized as being one of the most invasive countries when it comes to monitoring individuals and having security cameras everywhere, even on garbage cans. While the question, “how much is too much?” runs around people’s heads, there is also a concern about the lax of security developments. The UK is much like its former colony the United States in that is interested in beefing up security technology InfoSecurity says in the article, “Government Start-up Support Creates A ‘Very Exciting Time.’”
Government support for UK security tech start-ups is one of the main driving forces in the industry. It demonstrates that the UK government is invested in advancing new ideas and help new companies get the leg up they need to develop the best possibly product before it is delivered to a bigger market. It also proves that the government is taking cybersecurity as a very serious risk that needs bolstering to counteract actions taken by terrorists and rogue nations.
“This week, the UK government announced a £250,000 Early Stage Accelerator Programme to help start-ups in the space get advice, support and funding to develop their products and services and bring them to market. It will be run by Cyber London—described as “Europe’s first cybersecurity accelerator and incubator space”—and the Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast.”
While venture corporations are usually the first place start-ups turn to for investments, the government plays a crucial role in regulating the technology and helping companies grow beyond their initial roots. It also allows the new security start-ups to make important connections with the right government officials to build strategic relationships.
It is wonderful that western governments are taking cyber threats more seriously and take preemptive action against dangerous threats. It would be even better if smaller law enforcement agencies at the city and state level in the US were more capable of handling cyber attacks.
Whitney Grace, February 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
When the Data Cannot Be Trusted
December 22, 2015
A post at Foreign Policy, “Cyber Spying Is Out, Cyber Lying Is In,” reveals that it may be more important now than ever before to check the source, facts, and provenance of digital information. Unfortunately, search and content processing systems do not do a great job of separating baloney from prime rib.
Journalist Elias Groll tells us that the experts are concerned about hacking’s new approach:
“In public appearances and congressional testimony in recent months, America’s top intelligence officials have repeatedly warned of what they describe as the next great threat in cyberspace: hackers not just stealing data but altering it, threatening military operations, key infrastructure, and broad swaths of corporate America. It’s the kind of attack they say would be difficult to detect and capable of seriously damaging public trust in the most basic aspects of both military systems and a broader economy in which tens of millions of people conduct financial and health-related transactions online….
“Drones could beam back images of an empty battlefield that is actually full of enemy fighters. Assembly robots could put together cars using dimensions that have been subtly altered, ruining the vehicles. Government personnel records could be modified by a foreign intelligence service to cast suspicion on a skilled operative.”
Though such attacks have not yet become commonplace, there are several examples to cite. Groll first points to the Stuxnet worm, which fooled Iranian engineers into thinking their centrifuges were a-okay when it had actually sabotaged them into over-pressurizing. (That was a little joint project by the U.S. and Israel.) See the article for more examples, real and hypothesized. Not all experts agree that this is a growing threat, but I, for one, am glad our intelligence agencies are treating it like one.
Cynthia Murrell, December 22, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Search Data from Bing for 2015 Yields Few Surprises
December 11, 2015
The article on Search Engine Watch titled Bing Reveals the Top US and UK Searches of 2015 in the extremely intellectual categories of Celebs, News, Sport(s), Music, and Film. Starting with the last category, guess what franchise involving wookies and Carrie Fisher took the top place? For Celebrity searches, Taylor Swift took first in the UK, and Caitlyn Jenner in the US, followed closely by Miley Cyrus (and let’s all take a moment to savor the seething rage this data must have caused in Kim Kardashian’s heart.) What does this trivia matter? Ravleen Beeston, UK Sales Director of Bing, is quoted in the article with her two cents,
“Understanding the interests and motivations driving search behaviour online provides invaluable insight for marketers into the audiences they care about. This intelligence allows us to empower marketers to create meaningful connections that deliver more value for both consumers and brands alike. By reflecting back on the key searches over the past 12 months, we can begin to anticipate what will inspire and how to create the right experience in the right context during the year to come.”
Some of the more heartening statistics were related to searches for women’s sports news, which increased from last year. Serena Williams was searched more often than the top five male tennis players combined. And saving the best for last, in spite of the dehumanizing and often racially biased rhetoric we’ve all heard involving Syrian refugees, there was a high volume of searches in the US asking how to provide support and aid for refugees, especially children.
Chelsea Kerwin, December 11, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
