There are bad bugs, and there are worse bugs. But until this week, there had never been a bug that killed a social network. Then the Wall Street Journal reported that a glitch had exposed private Google+ profile information to third-party developers between 2015 until earlier this year. A few hours later, the network — which once claimed 135 million users — was dead. For most of its seven years, Google’s effort to build a Facebook-style social network served mostly as a punchline. The company regularly touted suspiciously massive user numbers, but aside from a few pockets of enthusiasts, Google+ never managed to find a place in people’s lives the way Gmail, YouTube, or other Google services did. Google attempted to reinvent Plus several times, most recently as a kind of modern spin on message boards. And one part of Plus, which focused on helping you organize your photos, thrived once it spun out into a separate service. But mostly it was a wild goose chase … [Read more...] about Google has a big advantage over Facebook in a crisis
Crisis action hack
Sections Skip to content Skip to site index Feature As the midterms approach, America’s electronic voting systems are more vulnerable than ever. Why isn’t anyone trying to fix them? Credit Credit Photo illustration by Javier Jaén. Source photograph: Getty Images Supported by ByKim Zetter Sept. 26, 2018 It was mid-July 2016 when Neil Jenkins learned that someone had hacked the Illinois Board of Elections. Jenkins was a director in the Office of Cybersecurity and Communications at the Department of Homeland Security, the domestic agency with a congressional mandate to protect “critical infrastructure.” Although election systems were not yet formally designated as such — that wouldn’t happen until January 2017 — it was increasingly clear that the presidential election was becoming a national-security issue. Just a month before, Americans had been confronted with the blockbuster revelation that Russian … [Read more...] about The Crisis of Election Security
Barack Obama's cybersecurity czar, Michael Daniel, acknowledges this much: The Trump administration is doing a lot for cybersecurity. But it's not in spite of the former president's administration, Daniel said in an interview Thursday. It's because of what Obama's team accomplished, he said."Every administration has built on the successes and lessons from previous administrations," said Daniel, who was the White House cybersecurity coordinator during Obama's last four years in office. He now serves as the head of the Cyber Threat Alliance, a collective of security experts and researchers dedicated to protecting the world from hacks, vulnerabilities and online exploits. The White House did not respond to a request for comment. Daniel's assessment comes two days after Vice President Mike Pence blasted the Obama administration for, in his words, failing on cybersecurity issues. At the Department of Homeland Security's National Cybersecurity Summit in New York, Pence said that the … [Read more...] about Trump did not ‘inherit a cyber crisis,’ Obama’s cybersecurity czar says
As the threat of cyberattacks on the United States launched by foreign adversaries grows, the federal government has been slow to respond. But changes announced Tuesday at the Department of Homeland Security, along with a new bipartisan bill aimed at shoring up DHS cybersecurity initiatives, could give newfound purpose to defenses against critical infrastructure hacking. At a cybersecurity summit Tuesday, Homeland Security secretary Kirstjen Nielsen announced the creation of the National Risk Management Center, which will focus on evaluating threats and defending US critical infrastructure against hacking. The center will focus on the energy, finance, and telecommunications sectors to start, and DHS will conduct a number of 90-day “sprints” throughout 2018 in an attempt to rapidly build out the center’s processes and capabilities. "We are reorganizing ourselves for a new fight," Nielsen said on Tuesday, who described the new center as a “focal point” for … [Read more...] about A New DHS Cybersecurity Center Will Combat Infrastructure Hacks
It's been a year since the gigantic WannaCry ransomware cyber attack caused chaos across the world, hitting more than 230,000 computers in total.The hard drive encrypting malware spread so fast because the group behind it had combined normal malware with EternalBlue, a leaked NSA hacking tool which allowed WannaCry to use worm-like capabilities to self-propagate on vulnerable Windows systems.While there was some initial speculation that WannaCry was spread in an email spam campaign, the ransomware didn't in fact require any user interaction at all. Combining EternalBlue and another leaked exploit in the form of DoublePulsar, the worm looked for vulnerable public facing SMB ports it could establish a connection to.Once these were located, the leaked SMB exploits were harnessed to not only deploy WannaCry on that particular system, but to spread to all other vulnerable machines on the connected network. In essence, even just one open, vulnerable SMB port could lead to a whole network … [Read more...] about WannaCry ransomware crisis, one year on: Are we ready for the next global cyber attack?