Category Archives: Online Security

United States Gets Ready to Fight Cyber Threat

When people think of cyber threats, they usually think of financial accounts being hacked. Unfortunately, there are much more dangerous threats that are possible through cyber strikes. Whether it’s a derailed train loaded with explosives or an affected power grid in a large city, these threats are not to be overlooked. With American lives on the line, the United States is making changes to how they will handle these threats. In other words, the cyber-strike force can find hackers who threaten Americans and will have the power to take them out.

You may be reading this and scoffing at the idea of a cyber threat doing much more than disrupting your internet access. This is because many people fail to realize how reliant Americans have become on technology and how much of that technology is reliant on computer systems and the internet. It’s not just your internet that could be affected. It could be a nuclear power plant that is attacked and goes into meltdown. It could a city water supply that is poisoned. It could even be satellites that are disrupted and prevent access to bank account funds. The damage could be small or it could be devastating. That’s why our country is preparing for the worst.

Our cyber-strike force is making changes that will allow the military to take defensive action when a threat that could kill Americans is detected. The President would still need to okay these actions, but it’s clear that we’re getting a better idea of how dangerous cyber threats could be. And, while those that attempt these attacks may think they are safe, the United States has the ability to track down attackers and hold them accountable.

It’s a scary world we live in. While technology has certainly made our lives easier, it has also opened a new way for our lives to be threatened. Do we rely too heavily on technology? Should some things continue to be protected by a physical staff, rather than digital passwords? Who knows. The simple truth is America needs to take its level of security into account when it comes to cyber technology. There should be multiple levels of security protecting the most dangerous areas. It’s only through serious protection that we can hope to protect the lives of Americans and this means taking cyber threats seriously. If we learned anything from September 11, it was that threats should never be ignored.

Digital Assets and Death

Chances are you have a will and other paper documents that have been prepared in the event of your death. What you may not have is information on how family members can access your digital assets upon your death. It’s something that many never think to disclose. However, if family members don’t have access to this information, it can be difficult to follow the instructions in your will. Not only that, but family members may also have trouble accessing important files, such as family photos. The following explains the importance of giving access to digital assets to your family upon your death and how to do it.

Many people rely on online financial institutions for a number of services. You may have your IRA account, life insurance, and at least one bank account through an online company that doesn’t have physical offices. Without passwords, it can be impossible for family members to access this information. This means that it may be impossible for them to pay for a proper funeral or carry out your final wishes. If you work online, you may also have quite a bit of money in a PayPal account and have clients that need to be notified. All of which your family will need to know about.

It’s not only financial accounts that your family will want to access. Chances are you also have a number of family photos stored digitally. These photos should be passed down and cherished by your family, not be erased because no one knew they were on the hard drive.

There are actually a number of ways you can help your family access your digital assets. When it comes to passwords, you never want to have a file in your home that contains this information. However, what you can do is create a list of accounts and log-in information and put it in a safe deposit box at the bank. The key could then be placed with your will along with instructions on where the deposit box is located. You could also have a trusted family member keep the file. When it comes to family photos, you could also make a note in your will about their location.

Digital assets are often overlooked, but this can really hurt your family. If you want to make sure your family accesses all your accounts upon your death, you need to find a way to share this information. Whether you share your passwords before your death or leave clues on where to find the information in your will, you can make it easier for your family to move forward.

Biometric databases: Cause for concern or helpful tool?

Consider this, a database that is so big that it will require 10 times the memory storage capacity of Facebook (and considering how Facebook interacts that’s a whole lot of memory)  and this database doesn’t plan on stopping there. It plans to collect the biometic data of India’s approximately 1.2 billion residents.  While India’s biometic database may currently be the largest plan to date, it is not without  competition.

The National Identity Management Commission (NIMC) of Nigeria announced a proposal to register 100 million Nigerians in its recently introduced biometric database system within a period of 30 months. This database would require Nigerians, aged 16 years and older to register their information, which is to be used to “harmonize” services and other databases such as Driver’s license, voter registration and online banking.

“Nigeria lacks a comprehensive database for its citizens as 75 percent of the available identity documents are fake or self-issued and they are sectoral silos without a common key,” Onyemenam said. “With a reliable national identity database in place, challenges of security and fraud would be dealt with because it would checkmate security threats.’’

Biometic databases are nothing new. The Washington Post reported in 2007 “The FBI is embarking on a $1 billion effort to build the world’s largest computer database of peoples’ physical characteristics, a project that would give the government unprecedented abilities to identify individuals in the United States and abroad.”   However, what you may not know is that according to this same article,

  • The Defense Department has been storing in a database images of fingerprints, irises and faces of more than 1.5 million Iraqi and Afghan detainees, Iraqi citizens and foreigners who need access to U.S. military bases.
  • The Pentagon also collects DNA samples from some Iraqi detainees, which are stored separately.
  • The Department of Homeland Security has been using iris scans at some airports to verify the identity of travelers who have passed background checks and who want to move through lines quickly.
  •  The DHS already has a database of millions of sets of fingerprints, which includes records collected from U.S. and foreign travelers stopped at borders for criminal violations, from U.S.

(Quoted for accuracy).

Nandan Nilekani, “father” of India’s Unique Identity (UID) program calls this “the biggest social project on the planet,”  and that the current system of identification (or lack thereof) actually “hampers economic growth and emboldens corrupt bureaucrats.”

Not everyone agrees,“Skeptics see a threat of state intrusions, or detect patriotic vanity.”  Nine million Israeli’s found out exactly how much concern a biometic database could cause when their government database was part of the country’s primary national biometric database was stolen.   This database contained the name, date of birth, national identification number, and family members of nine million living and dead Israelis, detailed health information, and information on birth parents of hundreds of thousands of adopted Israelis.

So, what would someone do with all this information?  Sell it of course.  Or cause all sorts of trouble by simply uploading it to the Internet, so that this information was freely downloadable.

The “thief” was caught, but not before the damage was done.

In the U.S. the new system came under scrutiny as it raised a number of privacy and security concerns.  The ACLU wondered if all the information gathered should be easily accessible, and what happens if it is incorrect?  Concerns regarding constitutional rights were also raised.

Other concerns about biometric data systems in the US were expressed by Paul Saffo, a Silicon Valley technology forecaster,   “Unlike say, a credit card number, biometric data is forever. If someone steals and spoofs your iris image, you can’t just get a new eyeball,” Saffo said.

India and Nigeria are not the only one’s planning upgrades.  The FBI plans to make a “Bigger — Better — Faster,” program  with it’s plans for Next Generation Identification (NGI). This program would be a  billion-dollar upgrade to a database that will then contain: iris scans, photos searchable with face recognition technology, palm prints, and measures of gait and voice recordings alongside records of fingerprints, scars, and tattoos.

Proponents of biometric databases claim that these types of programs can help with everything from making shopping easier (as you pay with a thumbprint or iris scan and have it deducted from your account) to fighting fraud for public services and even protection against terrorist.  However, not everyone is convinced of the positive attributes citing privacy concerns and security breaches (as I found out with the recent Yahoo breach).  The Electronic Frontier Foundation offers this opinion,

“A biometric data collection program of this scale, particularly in the absence of an existing data protection law, presents serious risks to individuals’ privacy. Rather than improving people’s lives, Aadhaar could place their highly sensitive personal information at risk.”

 

Was the GoDaddy Outage Really Due to a Hacker?

GoDaddy had an outage on Monday that lasted for close to six hours, leaving those with GoDaddy hosted websites and email out of service. It’s a huge inconvenience to business owners and those who depend on regular traffic to their websites. Page views were down across all of my sites and once my email did come back up, there were major delays and what appears to be lost messages between clients. In short, it was a major hassle for anyone who depended on GoDaddy services, which was millions of people.

Shortly after the outage, an alleged member of the hacker group Anonymous took credit for the outage. GoDaddy would later deny this hack, claiming their own mistake for the outage. It was not actually the full hacker group who was claiming to have done this deed but just one member who goes by the name “Anonymous Own3r” and says that he acted alone to prove GoDaddy’s vulnerabilities.

Anonymous Own3r says on Twitter: @godaddy how do you explain that a router can compromise services through e-mail hosting and other things? it’s time to you assume my hack — Anonymous Own3r (@AnonymousOwn3r) September 13, 2012

Anonymous Own3r” seemed very stuck on making it known that he had done this hacking but really there is no proof ether way. It’s quite possible he just wanted the fame. If it’s true, he has completed one of the largest successful hacks in history. In the days that followed, he also received many shoutouts and ‘thank yous’ via Twitter for what he had done. He followed up later with a post that GoDaddy is “government owned”:

While some may have seen this as an act of vigilantism, there are many of us who were severely affected and don’t appreciate being made the target just so some hacker can prove a point to a company. Who are they really hurting when they do this? Continue reading Was the GoDaddy Outage Really Due to a Hacker?