jerryking + vulnerabilities   47

US declining interest in history presents risk to democracy
May 2, 2019 | Financial Times | by Edward Luce.

America today has found a less bloodthirsty way of erasing its memory by losing interest in its past. From an already low base, the number of American students majoring in history has dropped by more than a third since 2008. Barely one in two hundred American undergraduates now specialise in history......Donald Trump is a fitting leader for such times. He had to be told who Andrew Jackson was.....He also seems to think that Frederick Douglass, the escaped slave and 19th century abolitionist, is among us still.....But America’s 45th president can hardly be blamed for history’s unpopularity. Culpability for that precedes Mr Trump and is spread evenly between liberals, conservatives, faculty and parents........Courses on intellectual, diplomatic and political history are being replaced at some of America’s best universities by culture studies that highlight grievances at the expense of breadth.......Then there is the drumbeat of STEM — science, technology, engineering and mathematics. Most US states now mandate tests only in maths and English, at the expense of history and civic education...... In a recent survey, only 26 per cent of Americans could identify all three branches of government. More than half could not name a single justice on the US Supreme Court.....
the biggest culprit is the widespread belief that “soft skills” — such as philosophy and English, which are both in similar decline to history — do not lead to well-paid jobs.....folk prejudice against history is hard to shake. In an ever more algorithmic world, people believe that humanities are irrelevant. The spread of automation should put a greater premium on qualities that computers lack, such as intuitive intelligence, management skills and critical reasoning. Properly taught that is what a humanities education provides.......People ought to be able to grasp the basic features of their democracy. [Abiding] Faith in a historic theory only fuels a false sense of certainty....What may work for individual careers poses a collective risk to US democracy. The demise of strong civics coincides with waning voter turnout, a decline in joining associations, fewer citizen’s initiatives — and other qualities once associated with American vigour......There is no scientific metric for gullibility. Nor can we quantitatively prove that civic ignorance imposes a political cost on society. These are questions of judgment. But if America’s origins tell us anything it is that a well-informed citizenry creates a stronger society.
=============================================
here is what robots can't do -- create art, deep meaning, move our souls, help us to understand and thus operate in the world, inspire deeper thought, care for one another, help the environment where we live.......The role of the human is not to be dispassionate, depersonalized or neutral. It is precisely the emotive traits that are rewarded: the voracious lust for understanding, the enthusiasm for work, the ability to grasp the gist, the empathetic sensitivity to what will attract attention and linger in the mind. Unable to compete when it comes to calculation, the best workers will come with heart in hand.
========================================================================
algorithms  automation  citizen_engagement  civics  Colleges_&_Universities  critical_thinking  democracy  Donald_Trump  Edward_Luce  empathy  engaged_citizenry  false_sense_of_certainty  foundational  historians  history  historical_amnesia  humanities  ignorance  political_literacy  sense-making  soft_skills  STEM  threats  U.S.  vulnerabilities 
may 2019 by jerryking
Japan gears up for mega hack of its own citizens
February 5, 2019 | Financial Times | by Leo Lewis.

Yoshitaka Sakurada, Japan’s 68-year-old minister for cyber security, stands ready to press the button next week on an unprecedented hack of 200m internet enabled devices across Japan — a genuinely imaginative, epically-scaled and highly controversial government cyber attack on homes and businesses designed as an empirical test of the nation’s vulnerability. A new law, fraught with public contention over constitutionally-guaranteed privacy, was passed last May and has just come into effect to give the government the right to perform the hack and make this experiment possible. The scope for government over-reach, say critics, cannot be overstated. Webcams, routers and other devices will be targeted in the attacks, which will primarily establish what proportion have no password protection at all, or one that can be easily guessed. At best, say cyber security experts at FireEye, the experiment could rip through corporate Japan’s complacency and elevate security planning from the IT department to the C-suite.

The experiment, which will run for five years and is being administered through the Ministry of Internal Affairs and Communications, is intended to focus on devices that fall into the broadly-defined category of “internet of things” (IoT) — anything from a yoga mat that informs a smartphone of your contortions, to remotely controlled factory robots. And while cyber experts say IoT security may not be the very top priority in the fight against cyber crime and cyber warfare, they see good reasons why Japan has chosen to make its stand here.....warnings that the rise of IoT will create a vast new front of vulnerability unless the security of, for example, a web-enabled yoga mat is taken as seriously by both manufacturers and users as the security of a banking website. The big cyber security consultancies, along with various governments, have historically relied on a range of gauges to calculate the scale of the problem. The Japanese government’s own National Institute of Information and Communications Technology (NICT) uses scans of the dark web to estimate that, of the cyber attacks it detected in 2017, 54 per cent targeted IoT devices.
C-suite  cyberattacks  cyber_security  cyber_warfare  dark_web  experimentation  hacks  Industrial_Internet  Japan  overreach  preparation  privacy  readiness  testing  vulnerabilities  white_hats 
february 2019 by jerryking
Listening In: cyber security in an insecure age, by Susan Landau
April 8, 2018 | Financial Times | Kadhim Shubber

Review of [Listening In: cyber security in an insecure age, by Susan Landau, Yale University Press, $25]

....so Landau’s latest work leaves the reader wishing for a deeper reckoning with these complex issues.

Landau is a respected expert in cryptography and computer security, with a long career both studying and working in the field. She was an engineer at Sun Microsystems for over a decade and is currently a professor in cyber security at Tufts University. Her clean, knowledgeable writing reflects the depth of her expertise — with just a trace of jargon at times — as she traces the tug of war that has played out between law enforcement and cryptographers in recent decades.....Landau persuasively argues that the increasingly digital and interconnected society and economy we inhabit creates vulnerabilities that we ignore at our peril.......Landau is an advocate for strong computer security, and uses this book to reject calls for “back doors” that would allow law enforcement access to encrypted hardware, like iPhones, or messaging apps, such as WhatsApp. But she also encourages governments to become better at proactive “front door” hacking. In the process, she warns, they should not rush to disclose security weaknesses they discover, which inevitably leaves them open for others to exploit......Yet we have seen that the government’s toolbox can also fall into the wrong hands. In 2016 and 2017, a powerful set of hacking tools built by the NSA were leaked by hackers.
Apple  back_doors  books  book_reviews  cryptography  cyber_security  FBI  hacking  nonfiction  Stuxnet  Tim_Cook  vulnerabilities 
april 2018 by jerryking
Cyberattacks Put Russian Fingers on the Switch at Power Plants, U.S. Says
MARCH 15, 2018 | The New York Times | By NICOLE PERLROTH and DAVID E. SANGER.

The Trump administration accused Russia on Thursday of engineering a series of cyberattacks that targeted American and European nuclear power plants and water and electric systems, and could have sabotaged or shut power plants off at will.....Russian hacks had taken an aggressive turn. The attacks were no longer aimed at intelligence gathering, but at potentially sabotaging or shutting down plant operations.....Though a major step toward deterrence, publicly naming countries accused of cyberattacks still is unlikely to shame them into stopping. The United States is struggling to come up with proportionate responses to the wide variety of cyberespionage, vandalism and outright attacks.
Russia  security_&_intelligence  cyberattacks  vandalism  cyber_security  power_grid  infrastructure  NSA  vulnerabilities  hackers  U.S._Cyber_Command  David_Sanger  cyberphysical  physical_world 
march 2018 by jerryking
Security Breach and Spilled Secrets Have Shaken the N.S.A. to Its Core
NOV. 12, 2017 | The New York Times | By SCOTT SHANE, NICOLE PERLROTH and DAVID E. SANGER.

“These leaks have been incredibly damaging to our intelligence and cyber capabilities,” said Leon E. Panetta, the former defense secretary and director of the Central Intelligence Agency. “The fundamental purpose of intelligence is to be able to effectively penetrate our adversaries in order to gather vital intelligence. By its very nature, that only works if secrecy is maintained and our codes are protected.”
adversaries  data_breaches  hacking  vulnerabilities  counterintelligence  counterespionage  moles  malware  ransomware  Fedex  Mondelez  Edward_Snowden  security_&_intelligence  Russia  Leon_Panetta  NSA  cyber_security  cyber_warfare  cyberweapons  tools  David_Sanger  SecDef  CIA 
november 2017 by jerryking
Pentagon Turns to High-Speed Traders to Fortify Markets Against Cyberattack
Oct. 15, 2017 | WSJ | By Alexander Osipovich.

"What it would be like if a malicious actor wanted to cause havoc on U.S. financial markets?".....Dozens of high-speed traders and others from Wall Street are helping the Pentagon study how hackers could unleash chaos in the U.S. financial system. The Department of Defense’s research arm, DARPA, over the past year and a half has consulted executives at high-frequency trading firms and quantitative hedge funds, and people from exchanges and other financial companies, participants in the discussions said. Officials described the effort, the Financial Markets Vulnerabilities Project, as an early-stage pilot project aimed at identifying market vulnerabilities.

Among the potential scenarios: Hackers could cripple a widely used payroll system; they could inject false information into stock-data feeds, sending trading algorithms out of whack; or they could flood the stock market with fake sell orders and trigger a market crash......Among potential targets that could appeal to hackers given their broad reach are credit-card companies, payment processors and payroll companies such as ADP, which handles the paychecks for one in six U.S. workers, participants said.....The goal of Darpa’s project is to develop a simulation of U.S. markets, which could be used to test scenarios. Such software would need to model complex, interrelated markets—not just stocks but also markets such as futures—as well as the behavior of automated trading systems operating within them....Many quantitative trading firms already do something similar.......
In 2009, military experts took part in a two-day war game exploring a “global financial war” involving China and Russia, according to “Currency Wars: The Making of the Next Global Crisis,” a 2011 book by James Rickards. ....“Our charge at Darpa is to think far out,” he said. “It’s not ‘What is the attack today?’ but ‘What are the vectors of attack 20 years from now?’”
Pentagon  financial_markets  financial_system  vulnerabilities  DARPA  traders  hedge_funds  Wall_Street  hackers  books  rogue_actors  scenario-planning  cyber_security  cyber_warfare  cyberattacks  high-frequency_trading  pilot_programs  contagions 
october 2017 by jerryking
Tornado-Ravaged Hospital Took Storm-Smart Approach During Rebuild - Risk & Compliance Journal.
Aug 30, 2017 | WSJ | By Ben DiPietro.

....“Preparation for what these events can be–and belief they can actually happen–is important so you make sure you are preparing for them,” ....trying to undertake whatever is your organizational mission in the midst of a tornado or other devastating event is much harder, given the high emotions and stress that manifests itself at such moments.

“Understand the possibilities and pre-planning will make that go a lot better,”

===============================
As Hurricane Harvey has shown, extreme weather events can devastate a region’s infrastructure. Hospital operator Mercy had its own experience of this in 2011 when a tornado ripped through Joplin, Mo., killing 161 people and destroying its hospital.

Hospital operator Mercy took the lessons it learned from that tornado experience and incorporated them into the design of the new hospital–and also changed the way it plans and prepares for disasters. The new facility reflects a careful risk assessment, as Mercy took into account not only the physical risk of tornadoes but the risks to power supplies and medical supplies.

“We always prepare, always have drills for emergencies, but you never quite can prepare for losing an entire campus,” ....“Now we are preparing for that…it definitely changed the way we look at emergency management.”

** Protecting What Matters Most **
Mercy took the lessons it learned from that devastating weather event and applied them when it was time to build its latest hospital, which was constructed in a way to better withstand tornadoes while providing more secure systems infrastructure and adding backup systems to ensure operations continued unimpeded, ......Even the way medical supplies were stored was changed; instead of storing supplies in the basement, where they were inaccessible in the immediate aftermath of the tornado, they now are kept on each floor so staff don’t need to go hunting around for things they need during an emergency.....“The first priority is to save lives, the second is to minimize damage to the facility,”

** Focus on the Worst **
many companies worry about low-severity, high-frequency events–those things that happen a lot. They instead need to focus more on high-severity events that can cause a company to impair its resilience. “....identify and work on a worst-case scenario and make sure it is understood and the company is financially prepared for it,”

work with its key vendors and suppliers to know what each will do in the face of a disaster or unexpected disruption. “...large companies [should] know their key vendors prior to any major incidents,” ...“Vendors become partners at that time and you need to know people will do what you need them to do.”

A company needs to assess what is most important to its operations, map who their vendors are in those areas and engage them in various loss scenarios .... It should review its insurance policy language against possible weather events, identify any gaps and either revise policies to fill those holes or to at least make sure executives understand what the risks are of leaving those gaps unattended.
==================================
See also :
What to Do Before Disaster Strikes - WSJ.com ☑
September 27, 2005 | WSJ | By GEORGE ANDERS.
start by cataloging what could go wrong. GM, for example, has created "vulnerability maps" that identify more than 100 hazards, ranging from wind damage to embezzlement. Such maps make it easier for managers to focus on areas of greatest risk or gravest peril.
low_probability  disasters  Hurricane_Harvey  extreme_weather_events  hospitals  tornadoes  design  rebuilding  preparation  emergencies  lessons_learned  worst-case  natural_calamities  anticipating  insurance  vulnerabilities  large_companies  redundancies  business-continuity  thinking_tragically  high-risk  risk-management  isolation  compounded  network_risk  black_swan  beforemath  frequency_and_severity  resilience  improbables  George_Anders  hazards  disaster_preparedness  what_really_matters 
september 2017 by jerryking
Chinks emerge in the armour of prized malls
22 July/23 July 2017 | Financial Times | Miles Johnson.

A defining feature of the financial crisis was a group of hedge funds making vast sums by wagering against supposedly AAA-rated mortgage debt well before markets imploded in 2008.

Now some believe a similar story will play out for US shopping malls — that the most risky investments will end up being those that investors now believe to be the safest. Central to their premise is the idea that too much faith may be being placed in a classification system used for shopping malls that is little known outside of the real estate sector.....investors are also actively leaving the office and conducting field research.

In April researchers from a large US hedge fund travelled to the outer boroughs of New York to a shopping mall that is home to Apple and Armani among other retailers....To their surprise the researchers quickly came across a pop-up shop selling cheaply manufactured stuffed teddy bears and plastic toys. Two months later the store had disappeared....
The stock market has until recently appeared to believe that prime “A” malls are largely insulated from the pain being felt across a US retail sector being shaken by e-commerce.

Shares in Washington Prime, an operator of lower quality B and C classed malls, are down by half since the start of 2015. However, until recently shares in “prime” mall operators Simon Property Group and GGP had held up, underpinned by the belief that their A-quality malls in prime locations were safe from the challenge of online shopping.......Yet there is growing evidence to suggest that these prime malls, which have been treated by investors and lenders alike as rock solid bets in the face of the internet headwinds, are not as protected as once thought.

Shares in Simon Property, the largest Reit in America with a market value of $50bn, are down by almost 30 per cent over the past 12 months, having held up strongly to the middle of 2016. Short interest in Simon, which tracks the amount of shares hedge funds have borrowed to bet that its value will fall, rose to the highest level since the financial crisis last month, with bets worth more than $1bn.....The hedge funds wagering against the highest quality malls believe that the wider market will come to believe these A-quality malls are far more similar to lesser ranked ones. “This idea that there are these magic malls in America that are immune to secular change is a myth,” the US-based hedge fund manager says.

Some argue that the market under-appreciates that A class mall operators and B and C class mall operators all have very similar tenant bases, in spite of being in different locations. L Brands, the owner of lingerie chain Victoria’s Secret, is the largest single tenant for prime operator GGP, according to company filings.....it is also the biggest tenant for the lesser ranked CBL and second largest for Washington Prime.....Russell Clark of Horseman Capital notes the vulnerability malls have to the loss of single big brands, known as anchor tenants, with their departure often triggering a wave of rent loss with other tenants.

“Many tenants have a clause in their lease to reduce rents should an anchor close a store. Thus, even though the loss of rent due to an anchor closing is minimal, the knock-on effect of reduced rents from the remaining tenants is a serious concern,” he noted.....the hunt for opportunities to bet against quality malls outside the US. The share prices of Intu Properties and Hammerson, the UK’s largest publicly listed shopping centre operators, have not yet followed the falls seen in the shares of their largest tenants.
shopping_malls  commercial_real_estate  real_estate  MappedIn  mapping  hedge_funds  primary_field_research  pop-ups  store_closings  pretense_of_knowledge  illusions  under_appreciated  retailers  vulnerabilities  anchor_tenants  REITs  L_Brands  A-class  B-class  C-class  Victoria's_Secret 
july 2017 by jerryking
Hacks Raise Fear Over N.S.A.’s Hold on Cyberweapons - The New York Times
By NICOLE PERLROTH and DAVID E. SANGER JUNE 28, 2017

The Petya ransomware attack....was built on cyberweapons (i.e. hacking tools that exploited vulnerabilities in Microsoft software) stolen from the NSA in 2016 by Shadow Brokers and made public in April 2017. Now those weapons are being deployed against various U.S. partners, including the United Kingdom and Ukraine.....there is growing concern that United States intelligence agencies have rushed to create digital weapons that they cannot keep safe from adversaries or disable once they fall into the wrong hands..... the government “employs a disciplined, high-level interagency decision-making process for disclosure of known vulnerabilities” in software, “unlike any other country in the world.”....Officials fret that the potential damage from the Shadow Brokers leaks could go much further, and the agency’s own weaponry could be used to destroy critical infrastructure in allied nations or in the United States.

“Whether it’s North Korea, Russia, China, Iran or ISIS, almost all of the flash points out there now involve a cyber element,” Leon E. Panetta, the former defense secretary and Central Intelligence Agency chief.....viruses can suddenly mutate into other areas you didn’t intend, more and more,” Mr. Panetta said. “That’s the threat we’re going to face in the near future.”..... ransomware that recently gained the most attention in the Ukraine attack is believed to have been a smoke screen for a deeper assault aimed at destroying victims’ computers entirely. .....Mr. Panetta was among the officials warning years ago of a “cyber Pearl Harbor” that could bring down the American power grid. But he and others never imagined that those same enemies might use the N.S.A.’s own cyberweapons.....rogue actors, like North Korea and segments of the Islamic State, who have access to N.S.A. tools who don’t care about economic and other ties between nation states,”.....So long as flaws in computer code exist to create openings for digital weapons and spy tools, security experts say, the N.S.A. is not likely to stop hoarding software vulnerabilities any time soon.
adversaries  CIA  computer_viruses  cyberattacks  cyberthreats  cyberweapons  David_Sanger  exploits  hackers  Leon_Panetta  malware  NSA  North_Korea  Pentagon  power_grid  ransomware  rogue_actors  security_&_intelligence  SecDef  vulnerabilities 
june 2017 by jerryking
U.S. Cyberweapons, Used Against Iran and North Korea, Are a Disappointment Against ISIS - The New York Times
By DAVID E. SANGER and ERIC SCHMITT JUNE 12, 2017.

In 2016, U.S. cyberwarriors began training their arsenal of cyberweapons on a more elusive target, internet use by the Islamic State. Thus far, the results have been a consistent disappointment......The effectiveness of the nation’s arsenal of cyberweapons hit its limits against an enemy that exploits the internet largely to recruit, spread propaganda and use encrypted communications, all of which can be quickly reconstituted after American “mission teams” freeze their computers or manipulate their data..... the U.S. is rethinking how cyberwarfare techniques, first designed for fixed targets like nuclear facilities, must be refashioned to fight terrorist groups that are becoming more adept at turning the web into a weapon......one of the rare successes against the Islamic State belongs at least in part to Israel, which was America’s partner in the attacks against Iran’s nuclear facilities. Top Israeli cyberoperators penetrated a small cell of extremist bombmakers in Syria months ago, the officials said. That was how the United States learned that the terrorist group was working to make explosives that fooled airport X-ray machines and other screening by looking exactly like batteries for laptop computers......ISIS' agenda and tactics make it a particularly tough foe for cyberwarfare. The jihadists use computers and social media not to develop or launch weapons systems but to recruit, raise money and coordinate future attacks.

Such activity is not tied to a single place, as Iran’s centrifuges were, and the militants can take advantage of remarkably advanced, low-cost encryption technologies. The Islamic State, officials said, has made tremendous use of Telegram, an encrypted messaging system developed largely in Germany......disruptions often require fighters to move to less secure communications, making them more vulnerable. Yet because the Islamic State fighters are so mobile, and their equipment relatively commonplace, reconstituting communications and putting material up on new servers are not difficult.
ISIS  NSA  security_&_intelligence  disappointment  Israel  encryption  disruption  London  London_Bridge  tools  cyber_security  cyberweapons  vulnerabilities  terrorism  Pentagon  U.S._Cyber_Command  campaigns  David_Sanger 
june 2017 by jerryking
Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool
MAY 12, 2017 | The New York Times | By NICOLE PERLROTH and DAVID E. SANGER.

Hackers exploiting malicious software stolen from the National Security Agency executed damaging cyberattacks on Friday that hit dozens of countries worldwide, forcing Britain’s public health system to send patients away, freezing computers at Russia’s Interior Ministry and wreaking havoc on tens of thousands of computers elsewhere.....The attacks appeared to be the largest ransomware assault on record, but the scope of the damage was hard to measure. It was not clear if victims were paying the ransom, which began at about $300 to unlock individual computers, or even if those who did pay would regain access to their data.

Security experts described the attacks as the digital equivalent of a perfect storm. They began with a simple phishing email, similar to the one Russian hackers used in the attacks on the Democratic National Committee and other targets last year. They then quickly spread through victims’ systems using a hacking method that the N.S.A. is believed to have developed as part of its arsenal of cyberweapons. And finally they encrypted the computer systems of the victims, locking them out of critical data, including patient records in Britain.
tools  cyber_security  cyberweapons  cyberattacks  vulnerabilities  malware  Microsoft  ransomware  hackers  NSA  exploits  blackmail  David_Sanger 
may 2017 by jerryking
Cyber Heroes | Ivey Alumni | Ivey Business School
Craig believes that businesses and individuals, even countries, must accept that we live in an “era of compromise.” “You have to understand that somebody already has your sensitive data, likely a former employee,” he says. “Have you rehearsed roles for when that becomes public? Does the CEO know what she needs to say? Does the IT team know what they need to do? Being prepared with an appropriate response to data loss is a leading practice that helps maintain, or even build, an organization’s reputation.”
Ivey  alumni  cyber_security  vulnerabilities  insurance  data_breaches  risks  business-continuity 
march 2017 by jerryking
Sree Sreenivasan: The Met ousted one of its top executives, so he used Facebook to show them what they lost — Quartz
June 23, 2016 | QUARTZ| Jenni Avins

(1) Build your network before you need it. “You need an incredible support group, and people who understand,” said Sreenivasan. “You have to build it when you don’t need it.” Keep your resumé and LinkedIn profile fresh, maintain your professional contacts, and be generous with your time and advice. “Join LinkedIn today, when you don’t need a job,” said Sreenivasan. “Desperation does not work on LinkedIn.”
(2) Go public as soon as you can. Sreenivasan realized that at his level, offers wouldn’t immediately pile up—especially in the summer. So the same day the Met sent a company-wide memo about Sreenivasan’s departure, he went ahead and posted the aforementioned note on Facebook. be open and free. See what happens. Let the universe help.’”
(3) It’s okay to be vulnerable. “...be willing to be vulnerable,” said Jarvis. “And you have to trust your friends.”
(4) Control the narrative by setting it free. Sharing vulnerability doesn’t necessarily worsen it, Jarvis explained. Quite the contrary: The benefits of sharing—and thereby controlling—one’s own story far outweigh the risks.
(5) Be open to meetings and advice. “I’m meeting everybody,” said Sreenivasan. (Indeed, when I asked him if we could take a walk to discuss his strategy on a Monday afternoon, he was booked through the evening; hence our morning commute through the park.) There’s no shame in taking tons of meetings—especially when one’s calendar is suddenly open. You never know which one might lead somewhere.
Sree_Sreenivasan  job_search  Managing_Your_Career  companywide  lessons_learned  digital_media  museums  meetings  networking  vulnerabilities  narratives 
december 2016 by jerryking
Software as Weaponry in a Computer-Connected World - The New York Times
JUNE 7, 2016 | NYT | By NICOLE PERLROTH.

On average, there are 15 to 50 defects per 1,000 lines of code in delivered software, according to Steve McConnell, the author of “Code Complete.” Today, most of the applications we rely on — Google Chrome, Microsoft, Firefox and Android — contain millions of lines of code. And the complexity of technology is increasing, and with it the potential for defects.

The motivation to find exploitable defects in widely used code has never been higher. Governments big and small are stockpiling vulnerabilities and exploits in hardware, software, applications, algorithms and even security defenses like firewalls and antivirus software.

They are using these holes to monitor their perceived enemies, and many governments are storing them for a rainy day, when they might just have to drop a payload that disrupts or degrades an adversary’s transportation, energy or financial system.

They are willing to pay anyone who can find and exploit these weaknesses top dollar to hand them over, and never speak a word to the companies whose programmers inadvertently wrote them into software in the first place.
adversaries  software  hackers  books  coding  vulnerabilities  exploits  software_bugs  bounties  black_markets  arms_race  cyber_warfare  cyber_security  Stuxnet  espionage  Iran  security_&_intelligence  malware  cyberweapons  weaponry  stockpiles  financial_system 
june 2016 by jerryking
U.S. Directs Cyberweapons at ISIS for First Time - The New York Times
APRIL 24, 2016 | NYT | By DAVID E. SANGER.

The United States has opened a new line of combat against the Islamic State, directing the military’s six-year-old Cyber Command for the first time to mount computer-network attacks that are now being used alongside more traditional weapons....The NSA, which specializes in electronic surveillance, has for years listened intensely to the militants of the Islamic State, and those reports are often part of the president’s daily intelligence briefing. But the N.S.A.’s military counterpart, Cyber Command, was focused largely on Russia, China, Iran and North Korea — where cyberattacks on the United States most frequently originate — and had run virtually no operations against what has become the most dangerous terrorist organization in the world...The goal of the new campaign is to disrupt the ability of the Islamic State to spread its message, attract new adherents, circulate orders from commanders and carry out day-to-day functions, like paying its fighters....The N.S.A. has spent years penetrating foreign networks — the Chinese military, Russian submarine communications, Internet traffic and other targets — placing thousands of “implants” in those networks to allow it to listen in.

But those implants can be used to manipulate data or to shut a network down. That frequently leads to a battle between the N.S.A. civilians — who know that to make use of an implant is to blow its cover — and the military operators who want to strike back. N.S.A. officials complained that once the implants were used to attack, the Islamic State militants would stop the use of a communications channel and perhaps start one that was harder to find, penetrate or de-encrypt.
ISIS  cyber_warfare  NSA  security_&_intelligence  terrorism  cyberweapons  exploits  hackers  software_bugs  vulnerabilities  Pentagon  U.S._Cyber_Command  campaigns  David_Sanger 
april 2016 by jerryking
F.B.I. Director Suggests Bill for iPhone Hacking Topped $1.3 Million - The New York Times
APRIL 21, 2016 | NYT | By ERIC LICHTBLAU and KATIE BENNER

The F.B.I. declined to confirm or deny Thursday whether the bureau had in fact paid at least $1.3 million for the hacking, and it declined to elaborate on Mr. Comey’s suggestive remarks.

But that price tag, if confirmed, appears in line with what other companies have offered for identifying iOS vulnerabilities.

Zerodium, a security firm in Washington that collects and then sells such bugs, said last fall that it would pay $1 million for weaknesses in Apple’s iOS 9 operating system. Hackers eventually claimed that bounty. The iPhone used by the San Bernardino gunman ran iOS 9.

“A number of factors go into pricing these bounties,” said Alex Rice, the co-founder and CTO of the security start-up HackerOne, who also started Facebook’s bug bounty program. Mr. Rice said that the highest premiums were paid when the buyer didn’t intend to disclose the flaw to a party that could fix it.
bounties  FBI  hacking  encryption  James_Comey  iPhone  cyber_security  Apple  hackers  software_bugs  vulnerabilities  cryptography  exploits 
april 2016 by jerryking
Apple Policy on Bugs May Explain Why Hackers Would Help F.B.I. - The New York Times
MARCH 22, 2016 | NYT | By NICOLE PERLROTH and KATIE BENNER.

As Apple’s desktops and mobile phones have gained more market share, and as customers began to entrust more and more of their personal data to their iPhones, Apple products have become far more valuable marks for criminals and spies.....Exploits in Apple’s code have become increasingly coveted over time, especially as its mobile devices have become ubiquitous, with an underground ecosystem of brokers and contractors willing to pay top dollar for them (flaws in Apple’s mobile devices can typically fetch $1 million.)....Unlike firms like Google, Microsoft, Facebook, Twitter, Mozilla, Uber and other tech companies which all pay outside hackers, via bug bounty programs, to turn over bugs in their products and systems, Apple doesn't do this. So it's not surprising that a third party approached the F.B.I. with claims of being able to unlock an iPhone--and not Apple.
black_markets  exploits  arms_race  FBI  bounties  cyber_security  Apple  hackers  software_bugs  vulnerabilities  cryptography  encryption 
march 2016 by jerryking
Successful people act quickly when things go wrong - The Globe and Mail
HARVEY SCHACHTER
Special to The Globe and Mail
Published Sunday, Aug. 02, 2015

Productivity

Pivot quickly to maximize success
Airplanes are off course 90 per cent of the time but incessantly correct their direction. Similarly, successful people correct their course quickly when off-kilter. They also set short timelines, have small daily to-do lists and drop stuff that isn’t working. Lifehack.org

Branding

Learn from but don’t live in the past
It’s great to know your company history but senseless to live in the past. Your company’s history is valuable only if customers and prospective clients believe it defines your brand and success, and differentiates you from competitors. If it doesn’t, build a new history.

Leadership

Pre-empt attacks with regular audits
To pre-empt an activist investor’s attack, eliminate financial and operational underperformance. Conduct regular vulnerability audits, looking at factors such as how earnings per share, profit and price-to-earnings ratios in the past 18 months compare with peers. If necessary, create an aggressive turnaround plan. ChiefExecutive.net

Human resources

Ask potential hires where they’ll go next
It sounds weird, but LinkedIn asks potential employees what job they want to have next after they leave the company. Founder Reid Hoffman says it signals the intent to have a huge impact on the individual’s career, helping to develop them for whatever they choose, and invites honesty. Vox.com

Tech tip

Use phone’s camera as portable copier
Productivity blogger Mark Shead recommends using your phone’s camera as a portable copy machine/scanner when on the road, photographing paperwork, train schedules or other information. Many new camera phones have the resolution to provide readable copies. Productivity501.com
branding  productivity  human_resources  leadership  Harvey_Schachter  character_traits  habits  pre-emption  course_correction  Reid_Hoffman  career_paths  beforemath  overachievers  affirmations  pivots  audits  signals  vulnerabilities  hiring  interviews  high-achieving 
august 2015 by jerryking
Water Data Deluge: Addressing the California Drought Requires Access to Accurate Data - The CIO Report - WSJ
April 22, 2015| WSJ | By KIM S. NASH.

California, now in its fourth year of drought, is collecting more data than ever from utilities, municipalities and other water providers about just how much water flows through their pipes....The data-collection process, built on monthly self-reporting and spreadsheets, is critical to informing such policy decisions, which affect California’s businesses and 38.8 million residents. Some say the process, with a built-in lag time of two weeks between data collection and actionable reports, could be better, allowing for more effective, fine-tuned management of water.

“More data and better data will allow for more nuanced approaches and potentially allow the water system to function more efficiently,”...“Right now, there are inefficiencies in the system and they don’t know exactly where, so they have to resort to blanket policy responses.”...the State Water Resources Control Board imports the data into a spreadsheet to tabulate and compare with prior months. Researchers then cleanse the data, find and resolve anomalies and create graphics to show what’s happened with water in the last month. The process takes about 2 weeks....accuracy is an issue in any self-reporting scenario...while data management could be improved by installing smart meters to feed information directly to the Control Board automatically... there are drawbacks to any technology. Smart meters can fail, for example. “The nice thing about spreadsheets is anyone can open it up and immediately see everything there,”
lag_time  water  California  data  spreadsheets  inefficiencies  municipalities  utilities  bureaucracies  droughts  vulnerabilities  self-reporting  decision_making  Industrial_Internet  SPOF  bottlenecks  data_management  data_quality  data_capture  data_collection 
april 2015 by jerryking
Holman Jenkins: Sony Lesson: Don’t Get Hacked - WSJ
By HOLMAN W. JENKINS, JR.
Dec. 19, 2014

What we want to know, the FBI is unlikely to find out: What exactly North Korea’s role was and how it may have stimulated others to act on its behalf. North Korean hackers stand on the shoulders of giants—Russian content thieves, Chinese business-secret spies, the politically minded hacktivists who’ve been strafing Sony for a decade. Hacking is a swarm effort. Participants often don’t even know each other’s real names and nationalities. Don’t be surprised if hacker networks are also full of U.S. agents working for various government departments. Arrests might not have been made in the PlayStation case if a key participant hadn’t been an FBI informant....How Sony’s data security, given this history, could have been so third-rate is a mystery for a future business-school case study....
Holman_Jenkins  lessons_learned  hackers  cyber_security  North_Korea  cyber_warfare  Sony  vulnerabilities  blackmail  cyberattacks 
december 2014 by jerryking
‘The Director,’ by David Ignatius, a Novel About the C.I.A.
June 3, 2014 | NYTimes.com |By MICHIKO KAKUTANI.

Mr. Ignatius writes that “The Director” is “ultimately about American intelligence in the age of WikiLeaks, and whether it can adapt to a more open digital world and still do the hard work of espionage.” And the novel does provide a harrowing sense of the vulnerability of governments and ordinary people alike to cybercrime, surveillance and digital warfare in this day when almost anything and everything can be stolen or destroyed with some malicious pieces of code and a couple clicks of a mouse.....giving an intimate sense of American intelligence operations in a post-Sept. 11 world, and puts them in historical perspective with operations from the World War II and Cold War eras. He also provides a detailed, energetically researched account of how hackers inside and outside the government operate: how malware and back doors and worms actually work, how easily security and privacy shields can be breached, how relatively defenseless many financial networks are.
back_doors  books  book_reviews  CIA  cyber_security  cyber_warfare  David_Ignatius  espionage  exploits  fiction  hackers  hard_work  malware  security_&_intelligence  software_bugs  vulnerabilities  WikiLeaks 
june 2014 by jerryking
Bloomberg Outlines $20 Billion Storm Protection Plan - NYTimes.com
By MARC SANTORA and KIA GREGORY
Published: June 11, 2013
Mayor Michael R. Bloomberg outlined a far-reaching plan on Tuesday to protect New York from the threat of rising sea levels and powerful storm surges by building an extensive network of flood walls, levees and bulkheads to guard much of the city’s 520 miles of coastline.
The cost of fortifying critical infrastructure like the power grid, retrofitting older buildings to withstand powerful storms, and defending the coastline was estimated to be $20 billion, according to a 430-page report outlining the proposals.
New_York_City  Michael_Bloomberg  floods  climate_change  power_grid  infrastructure  vulnerabilities  business-continuity  sea-level_rise 
june 2013 by jerryking
Cyberattacks top threat to U.S., intelligence chief says - Google Drive
March 13, 2013 | NYT | Mark Mazzetti and Scott Shane.

"The nation’s top intelligence official warned Congress on Tuesday that a cyberattack could cripple America’s infrastructure and economy and suggested that such attacks pose the most dangerous immediate threat to the United States, more pressing than an attack by global terrorist networks. James R. Clapper Jr., the director of national intelligence, said in prepared testimony to the Senate Intelligence Committee that American spy agencies saw only a 'remote chance' in the next two years of a major cyberattack — what he defined as an operation that 'would result in long-term, wide-scale disruption of services, such as a regional power outage.' Still, it was the first time that Mr. Clapper has listed cyberattacks first in his annual presentation to Congress about the various threats facing the United States, and the rare occasion since 2001 that intelligence officials have not listed international terrorism first in the catalog of dangers facing the United States."
cyber_warfare  China  Iran  security_&_intelligence  spymasters  infrastructure  power_grid  vulnerabilities  James_Clapper  cyberattacks  cyberthreats 
march 2013 by jerryking
Uniting for Cyberdefense - NYTimes.com
By RENÉ OBERMANN
Published: February 19, 2013

A set of basic and accepted rules-of-the-road protects our physical highways and traffic, and we have to have similar, internationally recognized rules for the information highway. We must define standards and functionalities in order to ensure a safe and coherent digital architecture. A good example is the German security standard for “smart meters” that monitor and bill power consumption.

This will not be easy for the I.T. industry. In Europe, the sheer number of Internet providers makes it difficult to find a common position. Again, transparency and information sharing is essential: Every sound effort to implement such rules and standards relies on feedback about vulnerabilities, as well as data on the quantity, quality and origin of attacks. One cannot manage a problem until one can measure it.
collaboration  metrics  cyber_security  Deutsche_Telekom  frequency_and_severity  vulnerabilities  transparency  information_sharing  smart_meters  defensive_tactics  forensics 
february 2013 by jerryking
Business continuity: Making it through the storm
Nov 10th 2012 | The Economist |Anonymous.

Hurricane Sandy was another test of how well businesses can keep going when disaster strikes...GOLDMAN SACHS’S latest shrewd investment was in sandbags and back-up electricity generators. As Hurricane Sandy approached New York, the bags were stacked around its headquarters. It was one of the few offices in downtown Manhattan to remain dry and well-illuminated as “Frankenstorm” battered the city.

Meanwhile, a block farther down West Street, the headquarters of Verizon were awash with salty flood water, soaking cables delivering phone and internet services to millions of customers. The firm was able to reroute much of the traffic through other parts of its network, but local service was disrupted....Sandy is the latest catastrophic event to test the readiness of the world’s leading firms to cope with disaster. Most firms have improved “business continuity” preparations over the years. The Y2K scare at the turn of the century moved IT risk high up the list of worries. The attacks of September 11th 2001 warned firms of the danger of putting all their computers (and staff) in the same place (jk: concentration risk)....“Firms are increasingly reliant on networks, but often fail to understand the risks that networks bring,” says Don Tapscott, a management guru. Global supply chains, just-in-time and shifting to the “cloud” tend to bind once unrelated activities ever closer together, making them more prone to failing at the same time. The current fad for moving data to the “cloud” may appear to reduce risk because there is so much spare capacity in the web. Yet some firms offering cloud services have more concentrated operations than (jk: concentration risk).

Firms are starting to recognise their vulnerability to cyber-attack, but few have much idea what they would do if it happened. Mr Tapscott thinks boards should have a committee explicitly focused on understanding IT and network risks and ensuring they are properly managed....Dutch Leonard, a risk expert at Harvard Business School, says that the best-prepared firms use a combination of planning for specific events and planning to cope with specific consequences, such as a loss of a building or supplier, regardless of the cause. He also recommends copying an approach used by the armed forces: using a group of insiders to figure out how the firm could be brought down [ jk: white hats]....Firms should make lobbying government to invest heavily in upgrading that infrastructure a core part of their risk-management strategy, argues Irwin Redlener of the National Centre for Disaster Preparedness at Columbia University.

Goldman Sachs has long been a leader in disaster planning because it understands that the situations in which it might not be able to function are exactly the sort of events when very large changes in the value of its investments could occur, says Mr Leonard. Yet too many firms underinvest in planning for disaster because they don’t think it will pay, at least within the short-term timeline by which many now operate, reckons Yossi Sheffi of MIT.
Goldman_Sachs  Hurricane_Sandy  disasters  New_York_City  supply_chains  Don_Tapscott  business-continuity  boards_&_directors_&_governance  disaster_preparedness  vulnerabilities  resilience  red_teams  SPOF  cyber_security  surprises  valuations  step_change  networks  risks  natural_calamities  crisis  isolation  compounded  network_risk  underinvestments  catastrophes  risk-management  short-term  optimism_bias  beforemath  cyberattacks  preparation  readiness  concentration_risk  white_hats 
november 2012 by jerryking
Ottawa set to ban Chinese firm from telecommunications bid - The Globe and Mail
STEVEN CHASE

OTTAWA — The Globe and Mail

Last updated Wednesday, Oct. 10 2012

One presentation, which discusses the damage foreign adversaries can inflict on computer systems, mentions the "Farewell dossier" incident. That was a Cold War episode in which the Central Intelligence Agency was reported to have deliberately transferred faulty technology to the Soviets – including a computer virus that triggered a major pipeline explosion.
adversaries  cyber_security  Huawei  malware  software_bugs  vulnerabilities 
october 2012 by jerryking
It’s Mitt’s World - NYTimes.com
September 4, 2012 | NYT | By THOMAS L. FRIEDMAN.

Since the end of the cold war, the world has become not just more interconnected but more interdependent, and this new structural reality requires a new kind of American leadership. Why?

In this increasingly interdependent world, your “allies” can hurt you as much as your “enemies.” After all, the biggest threats to President Obama’s re-election are whether little Greece pulls out of the euro zone and triggers a global economic meltdown or whether Israel attacks Iran and does the same.

In this increasingly interdependent world, your rivals can threaten you as much by collapsing as by rising. Think of what would happen to U.S. markets and jobs if China’s growth slowed to a crawl and there was internal instability there?

In this increasingly interdependent world, we have few pure “enemies” anymore: Iran, North Korea, Cuba, Al Qaeda, the Taliban. But we have many “frenemies,” or half friends/half foes. While the Pentagon worries about a war with China, the Commerce Department is trying to get China to buy more Boeing planes and every American university worth its salt is opening a campus in Beijing; meanwhile, the Chinese are investing in American companies left and right. President Hugo Chávez of Venezuela is the biggest thorn in America’s side in Latin America and a vital source of our imported oil. The U.S. and Russia are on opposing sides in Syria, but the U.S. supported Russia joining the World Trade Organization and American businesses are lobbying Congress to lift cold war trade restrictions on Russia so they can take advantage of its more open market....The best way for an American president to forge healthy interdependencies is, first, to get our own house in order and gain the leverage — in terms of resources and moral authority — that come from leading by example. For instance, Romney is right: there are unhealthy aspects to the U.S.-China interdependency that need working on, but they are not all China’s fault. We would have more leverage to build a more healthy relationship if we saved more, consumed less, studied harder and got our own banks to behave less recklessly.
Mitt_Romney  U.S.foreign_policy  interdependence  leadership  leverage  interconnections  networks  vulnerabilities  frenemies  Tom_Friedman 
september 2012 by jerryking
Barack Obama: Taking the Cyberattack Threat Seriously - WSJ.com
July 19, 2012 | WSJ| Barack Obama

In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home.
adversaries  cyber_security  cyber_warfare  Obama  simulations  vulnerabilities  asymmetrical  cyberattacks 
july 2012 by jerryking
The Weakest Link
November 30, 2006 |Strategy + Business | by Nicholas G. Carr.

A product’s vulnerabilities can point the way to lucrative new business opportunities.

As John Campbell pointed out in a 1996 article in the journal of the Federal Reserve Bank of Boston, the landing gear of the early 1930s, before the O-ring was introduced, is an example of a “reverse salient.” That odd term has its origins in descriptions of warfare, where it refers to a section of an advancing military force that has fallen behind the rest of the front. This section is typically the point of weakness in an attack, the lagging element that prevents the rest of the force from accomplishing its mission. Until the reverse salient is corrected, an army’s progress comes to a halt.

Historian Thomas P. Hughes was the first to apply the term to the realm of technological innovation. As described in his book Networks of Power: Electrification in Western Society, 1880–1930 (Johns Hopkins University Press, 1983), a reverse salient often forms as a complex technological system advances: “As the system evolves toward a goal, some components fall behind or out of line. As a result of the reverse salient, growth of the entire enterprise is hampered, or thwarted, and thus remedial action is required.” In technological advance as in warfare, the reverse salient is the weak link that impedes progress.
Nicholas_Carr  problem_solving  unintended_consequences  shortcomings  limitations  vulnerabilities  revenge_effects  new_businesses  weak_links 
july 2012 by jerryking
What to Do Before Disaster Strikes - WSJ.com
September 27, 2005 | WSJ | By GEORGE ANDERS.

What's missing is a systematic way of approaching corporate self-defense. Each potential calamity is treated in isolation....Sheffi believes that companies need to start by cataloging what could go wrong. General Motors Corp., for example, has created "vulnerability maps" that identify more than 100 hazards, ranging from wind damage to embezzlement. Such maps make it easier for managers to focus on areas of greatest risk or gravest peril. He implies that normal budgeting -- which matches the cost of doing something against the risk-adjusted cost of doing nothing -- can determine which battles against vulnerability are worth fighting....Mr. Sheffi nods approvingly at some ingenious ways to mobilize for trouble before it arrives. Federal Express Corp., he says, puts two empty planes in the air each night, just so they can swoop into any airport with a grounded plane and take over delivery services as fast as possible. Wall Street firms have recently added similar redundancy with multiple data centers, so that a New York City crisis won't imperil their record-keeping.

Intel Corp. (post-Heathrow) gets a thumbs-up, too, for finding a sly way of outwitting airport thieves. It couldn't control every aspect of security in transit -- but it could change its box design. Rather than boast about "Intel inside," the company switched to drab, unmarked packaging that gave no hint of $6 million cargoes. The name for this approach: "Security through obscurity." (jk: security consciousness)
disaster_preparedness  risk-management  book_reviews  mapping  security_&_intelligence  redundancies  vulnerabilities  rate-limiting_steps  business-continuity  thinking_tragically  obscurity  cost_of_inaction  base_rates  isolated  GM  Fedex  Intel  risk-adjusted  self-defense  Wall_Street  high-risk  budgeting  disasters  beforemath  risks  George_Anders  catastrophes  natural_calamities  systematic_approaches  security_consciousness  record-keeping  hazards 
may 2012 by jerryking
The 6 Habits of True Strategic Thinkers
Mar 20, 2012 | Inc.com | Paul J. H. Schoemaker.
Adaptive strategic leaders--the kind who thrive in today’s uncertain environment--do six things well:

1. Anticipate. Hone your “peripheral vision.” Reduce vulnerabilities to rivals who detect and act on ambiguous signals. ... Build wide external networks to help you scan the horizon better.
2. Think Critically. Critical thinkers question everything. To master this skill, you must force yourself to reframe problems to get to the bottom of things, in terms of root causes. Challenge current beliefs and mindsets, including your own. Uncover hypocrisy, manipulation, and bias in organizational decisions.
3. Interpret. Ambiguity is unsettling. Faced with it, you are tempted to reach for a fast (potentially wrongheaded) solution. A good strategic leader holds steady, synthesizing information from many sources before developing a viewpoint. To get good at this, you have to: Seek patterns in multiple sources of data. Question prevailing assumptions and test multiple hypotheses simultaneously.
4. Decide. Many leaders fall prey to “analysis paralysis.” Develop processes and enforce them, so that you arrive at a “good enough” position. To do that well, you have to: Carefully frame the decision to get to the crux of the matter. Balance speed, rigor, quality, and agility. Leave perfection to higher powers. Take a stand even with incomplete information and amid diverse views.
5. Align. Consensus is rare. Foster open dialogue, build trust, and engage key stakeholders, especially when views diverge. To pull that off, you need to: Understand what drives other people's agendas, including what remains hidden. Bring tough issues to the surface, even when it's uncomfortable. Assess risk tolerance and follow through to build the necessary support.
6. Learn. As your company grows, honest feedback is harder and harder to come by. You have to do what you can to keep it coming. Encourage and exemplify honest, rigorous debriefs to extract lessons. Shift course quickly if you realize you're off track. Celebrate both successes and (well-intentioned) failures that provide insight.
Do you have what it takes?
tips  leadership  habits  strategic_thinking  anticipating  critical_thinking  networks  biases  conventional_wisdom  decision_making  empathy  feedback  thinking  failure  lessons_learned  leaders  interpretation  ambiguities  root_cause  insights  paralyze  peripheral_vision  analysis_paralysis  reframing  course_correction  vulnerabilities  good_enough  debriefs  post-mortems  problem_framing  discomforts  wide-framing  outward_looking  assumptions  game_changers 
march 2012 by jerryking
Lunch with the FT: Zbigniew Brzezinski
January 13, 2012 | FT.com | By Edward Luce.

Strategic Vision: America and the Crisis of Global Power.

“We [Americans] are too obsessed with today,” Brzezinski continues. “If we slide into a pattern of just thinking about today, we’ll end up reacting to yesterday instead of shaping something more constructive in the world.” By contrast, he says, the Chinese are thinking decades ahead. Alas, Brzezinski says, Obama has so far failed to move into a strategic habit of mind. To a far greater extent than the Chinese, he concedes, Obama has to respond to shifts in public mood. Brzezinski is not very complimentary about American public opinion.

“Americans don’t learn about the world, they don’t study world history, other than American history in a very one-sided fashion, and they don’t study geography,” Brzezinski says. “In that context of widespread ignorance, the ongoing and deliberately fanned fear about the outside world, which is connected with this grandiose war on jihadi terrorism, makes the American public extremely susceptible to extremist appeals.” But surely most Americans are tired of overseas adventures, I say. “There is more scepticism,” Brzezinski concedes. “But the susceptibility to demagoguery is still there.”....Brzezinski lists “ignorance” as one of America’s six “key vulnerabilities” alongside “mounting debt”, a “flawed financial system”, “decaying national infrastructure”, “widening income inequality”, and “increasingly gridlocked politics”.
Zbigniew_Brzezinski  security_&_intelligence  strategic_thinking  China_rising  China  diplomacy  princelings  America_in_Decline?  threats  vulnerabilities  infrastructure  income_inequality  debt  political_polarization  long-term  partisan_politics  fractured_internally  NSC  ignorance  public_opinion  books  Chinese  instant_gratification  demagoguery  APNSA  gridlocked_politics  Edward_Luce  incurious  financial_system  historical_amnesia 
january 2012 by jerryking
Lost in Space | Hoover Institution
January 25, 2007 | WSJ | by Bruce Berkowitz.

First, it is not especially difficult to make a “killer satellite.” If a country can build a satellite, it can easily build one that can approach another satellite and destroy it. Modern guidance technology is widely available and more accurate than ever. Conversely, it is impossible to ban killer satellites without banning all satellites. Even if a country did not build a dedicated killer and train its operators, the skills for nonmilitary space rendezvous, docking, and refueling are the same.

Second, because these technologies and skills are interchangeable, it is impossible to verify a ban on killer satellites. Unverifiable treaties are worse than no treaties at all because they offer the illusion of control where none exists.

Third, the Chinese test is not a major step in “militarizing space.” Space is already heavily militarized. Most major military powers use satellite-based systems for communications, navigation, and imagery. It’s all available from commercial vendors. The United States may operate more satellites than any other country, but it is not uniquely dependent on them.

Fourth, even if one were to somehow ban killer satellites, there are many other ways to deny an adversary the use of space—for example, by bombing an enemy’s ground stations or jamming the radio links used to command satellites. So, even if a ban on killer satellites were possible, it would not solve the vulnerability problem.
adversaries  China  space  space_warfare  vulnerabilities 
october 2011 by jerryking
Executive Learns From Hack - WSJ.com
JUNE 21, 2011 By EVAN RAMSTAD.

• Trust the authorities.
• Stay open and transparent.
• Learn IT and know where vulnerabilities are. "These days, the CEO should understand the basic structure of hacking even though he cannot do programming. A CEO has to make tradeoffs and organizational decisions."
• Create a philosophy that drives IT decisions. "Up to a few years ago, the hacking route was very simple. But these days, there are so many holes. Smartphone applications, so many websites … so the CEO has many decisions to make."
• Reassess plans for products and services. Understand that each application creates a new route for hacking. The real cost is not the development cost. It's also the cost of hacking exposure.
Hyundai  South_Korea  blackmail  consumer_finance  IT  lessons_learned  cyber_security  product_development  product_management  hacks  data_breaches  vulnerabilities  new_products  hidden  latent  tradeoffs  CEOs 
june 2011 by jerryking
U.K. Warns of Cyber Crime Risk - WSJ.com
OCT. 12, 2010 | Wall Street Journal | By STEPHEN FIDLER. U.K. Seeks Private Industry Help in Averting Cyber Attacks

The head of Britain's communications intelligence agency, GCHQ, said that it may need to receive direct feeds of information from private companies in key economic sectors in order to better protect the U.K. economy from the threat from cyber attacks...New approaches may be needed to deal with attacks on Britain's critical national infrastructure—industries such as gas, electricity supply and banking networks. "We need to consider the value of receiving in return a direct feed of information from the operators with that same sort of timeliness so that we are aware of the attacks that they are seeing on their systems as they happen." "This points to a different sort of partnership between the national security agencies and key industries--systems that are more interconnected and new financial models to underpin a national capability which is both public and private,"
cyberattacks  United_Kingdom  cyber_security  cyber_warfare  security_&_intelligence  GCHQ  organized_crime  infrastructure  vulnerabilities  real-time  network_risk  interconnections  power_grid 
october 2010 by jerryking
Off the Shelf - ‘Fault Lines’ Concludes Global Economy Remains Vulnerable - NYTimes.com
July 31, 2010 | NYT | By NANCY F. KOEHN reviews “Fault Lines:
How Hidden Fractures Still Threaten the World Economy” by Raghuram G.
Rajan who concludes that the financial crisis erupted “because in an
integrated economy and in an integrated world, what is best for the
individual actor or institution is not always best for the system.” Like
geological fault lines, the fissures in the world economic sys. are
more hidden and widespread than many realize. And they are potentially
more destructive than other culprits, e.g., greedy bankers, sleepy
regulators and irresponsible borrowers. Rajan, a finance prof at the U.
of Chicago and former chief economist at the IMF argues that the
actions of these players (and others) unfolded on a larger worldwide
stage, that is subject to the imperatives of political economies. He
cites 3 fault lines: domestic political stresses; trade imbalances among
countries; and the tensions produced when financial sys. with very
different structures interact.
book_reviews  economic_downturn  financial_crises  crisis  threats  interconnections  interdependence  books  systemic_risks  vulnerabilities  fault_lines  hidden  latent  regulators  uChicago  global_economy  imbalances 
august 2010 by jerryking
Patrick Lencioni: The Most Important Leadership Trait You Shun - WSJ.com
JUNE 22, 2010 | Wall Street Journal | By PATRICK LENCIONI.
Writes about vulnerability, the ability to be genuinely honest about
one's weaknesses, mistakes and needs for help. Whether we're talking
about leadership, teamwork or client service, nothing inspires trust in
another human being as much as vulnerability. There is just something
immensely attractive and inspiring about humility and graciousness.
leadership  Patrick_Lencioni  personal_growth  life_skills  humility  weaknesses  authenticity  trustworthiness  grace  vulnerabilities 
june 2010 by jerryking
Cyber Warriors
March 2010 | The Atlantic Online | James Fallows
When will China emerge as a military threat to the U.S.? In most
respects the answer is: not anytime soon—China doesn’t even contemplate a
time it might challenge America directly. But one significant threat
already exists: cyberwar. Attacks—not just from China but from Russia
and elsewhere—on America’s electronic networks cost millions of dollars
and could in the extreme cause the collapse of financial life, the halt
of most manufacturing systems, and the evaporation of all the data and
knowledge stored on the Internet.

China  cyber_warfare  security_&_intelligence  James_Fallows  infrastructure  sigint  vulnerabilities  asymmetrical 
february 2010 by jerryking
