Study Opportunities' Blog
We all take a lot of time and effort to teach our learners about Phishing - and about the more specialised, targeted "Spear Phishing" version of this type of attack. Well, it's time we added "Whaling" to that repertoire.
The term 'Whale' is often used in IT - and in business in general. A 'Whale' is generally a big spending customer - for example in all those 'free' games that you find available on mobile devices you are able to buy 'coins' or 'stars' or 'points' or something that will make it easier to progress through the game faster. Most people do not spend real money on these in game currencies - but there is a select group of users that do buy them - and they buy large. They are usually called 'Whales' - and they are where these companies make their money. Before science was sufficiently advanced whales were simply regarded as another type of fish - the biggest fish in the sea. So they are the biggest Phish for Phishers to focus their attention on as well. In the world of cybercrime a whale is typically a high level business person (CEO, COO, CFO, CTO = 'C' level executive, someone with 'Chief' in their title), politicians or celebrities.
The Whale phisher typically sends an urgent e-mail from a trusted colleague / business partner requesting urgent payment for some critical aspect of the business. The CEO then gives the order that payment be made, short-circuiting the usual paperwork... The phisher scores big. In May this year an Austrian aircraft company lost nearly € 41 Million (more than R 645 000 000) to a Whaling attack. The CEO and CFO lost their jobs. Read about it here.
MyBroadband.co.za has a story on Whaling and some tips from the FBI about how to avoid such attacks, whilst Social-Engineer.com asks 'Why go after minnows when you can catch a Big Phish?'. Finally CSOonline.com has got some examples of scams that CEOs could fall for (especially the spoofed 'from' addresses that rely on similar looking mis-spellings to seem as if they are from a valid source) - if you can stand their irritating multi-page slideshow format.
Fighting back against RansomWare
A great resource for learning about, identifying and fighting Ransomware is nomoreransom.org. They even have tools that will decrypt certain types of Ransomware attacks. A great resource for teaching about this type of malware.
Watch out for that cheap wireless keyboard
You better watch out, you better beware, Keysniffer is already in town.
Armed with a bit of smarts and a wireless dongle that costs less than R200 a hacker can not only intercept whatever you type on your keyboard (without even having to install key logging malware on your computer) from up to 70 m away, but they can also insert their own keystrokes to change whatever you are typing.
How is this possible? Well, makers of cheap wireless keyboards (those that use their own wi-fi dongle instead of Bluetooth) let the communication between the keyboard and the computer take place without encryption (or with poor encryption). Why? Because its cheaper and cheaper = lower price or more profits or both. Wired magazine has the lowdown on this new hacking exploit.
There is no such thing as anonymity or privacy on the web
Keep on telling your learners this fact. Repeat it until they think you are a stuck record. For those that say that they are savvy and have the skillz and the toolz to keep private - point out to them that the TOR browser and account they are using is probably compromised. Researchers recently found over 100 TOR nodes that were spying on their users... Tell them to read the article at The Hacker News. Then point out that the web is a large, wild, ungoverned place which is about as tough and secure as a bag made of wet toilet paper. They need to always assume that most of what you do, create, store, collect, download electronically is traceable and watchable and has probably been intercepted by someone somewhere.
A general Resource for all
The World Digital Library is a resource created by the US Library of Congress with support from UNESCO. It contains many digitised images, texts and maps that are interesting to browse through but could also be valuable resources for the History / Geography teachers at your school.
Building at 225 bricks per hour
3DPrint.com has an article about an Australian company which has created a robot that can lay 225 bricks in an hour - as much as a human does in half a day. Basically a truck loaded with bricks arrives at the building site, extends a robotic arm and starts laying the bricks according to the design programmed into it from a CAD model. There's a time lapse video of the robot at work near the end of the article.
That's it for this week.
The UK started including Cyber Crime in its crime survey for the first time last year. Surveys do not include the whole population - so the statisticians who run them make projections from the data that they do receive from the survey. The Office of National Statistics (ONS) "estimated that there were 2.46 million cyber incidents and 2.11 million victims of cyber crime in the U.K. in 2015”.
Policing, especially in cyberspace, is no longer the exclusive preserve of law enforcement. The private sector, academia, and citizens themselves all need to be involved’
INTERPOL 22 January 2016
The National Crime Agency report can be found here and is very interesting reading. Particularly useful is the differentiation between Cyber dependant and Cyber Enabled crime:
Krebs On Security reports the article as follows: According to the NCA, cybercrime emerged as the largest proportion of total crime in the U.K., with “cyber enabled fraud” making up 36 percent of all crime reported, and “computer misuse” accounting for 17 percent. I am unable to find those figures in the document, but if correct then computer related crime adds up to 53% OF UK CRIME.
Bratwurst Bot - The Independent Robot Chef
A robot that takes orders then cooks and serves the required sausages independently recently performed flawlessly at a German Government event - delivering over 200 perfectly grilled Bratwurst! Take a look at the video of it in action over at Engadget,
New Graphics from nVidia and storage from Seagate.
nVidia's new TitanX graphics card includes 128 Gb of Ram includes 3 584 cores running at 1.5 Ghz delivering 11 teraflops of computing power. It costs $1200 (around R17 000).
Seagate has a new desktop drive with a 10 Tb capacity - that will cost you $535 (around R 7 600). For comparison the first 1Terabyte drive became available in 2007 and cost $399.
Referencing tool for Creative Commons images
We always have a problem getting our learners to reference properly. ImageCodr.org is a useful tool that will help them to generate correct references for Creative Commons images found on Flikr.
That's it for this week - happy teaching!
So, Monday is back to school - time for a quick catch up on what has happened in the world of tech during the holidays:
Augmented Reality (AR): When virtual data / information / images are projected over a live view of the world around us. It is the great promise behind products such as Google Glass. Other examples include apps which allow you to view a city through the lens of your smartphone camera and add labels / icons to the image to show points of interest. Last week saw the launch of a new AR game that has taken the world by storm: Pokemon Go. In the game you walk around the real world hunting virtual Pokemon monsters that you find superimposed on the view of the world seen through the lens of your smartphone camera. It's an internet sensation and has featured widely in the news. The game is not available in SA (yet) but it's a great way to teach your kids about the concept of augmented reality.
Killing by Robot: The Police shootings in Dallas ended when the attacker was cornered in a parking garage where, after a long standoff during which the attacker made threats about bombs and explosives, the police attached an explosive to a remotely controlled robot, drove the robot up to the attackers location and detonated the explosion. The attacker was killed. This is the first incident of a robot being used this way in a criminal incident (Americans have used robots in this way in war zones before). Both CNN and Readwrite.com have articles discussing the ethics of this action.
Robots in Accidents: Tesla's electric cars have an 'autopilot' mode where the car actually takes care of the driving, though the company requires drivers to remain alert with their hands on the wheels at all times when the autopilot is engaged. There have been several recent reports of accidents taking place whilst a Tesla car was in autopilot mode - one of which resulted in the death of the driver (read it here at Engadget). Google's self driving car also recently had its first accident which was caused by the car (and not the other person involved in the accident).
AI better than the best: This time it's not computer AI beating people at games such as Chess, Go or even the TV quiz program Jeopardy. No. This is computer AI beating the best Top Gun pilots in aerial combat simulations - 100% of the time. Read its at the Dailymail.co.uk, Popular Science and at Engadget (the last paragraph here is pretty impressive).
Unemployed by Robots: It's always easy to generalise and say how robots and IT can cost jobs. This is a concrete example of extreme labour reduction made possible by tech. Hostess (the company that makes American baked sweets such as Twinkies) has gone from a workforce of 9 000 employed in 14 bakeries across America to 1 170 in 3 bakeries. Well over 80% of its staff lost their jobs to automation. Read about it in themoneystreet.com and in the Washington Post (you need to enter your email for access).
More 3D Printed medical marvels: A man lost his jaw to cancer and its treatment. Thanks to 3D printing he can at least look like a normal human again. Article and video at Engadget.com.
Small snippets: KiloCore: A team at University of California has designed a processor with 1000 cores. Read it at ScienceDaily.com. A Nascar race team was hit by Ransomware in April and nearly lost $2 million in files (but paid the ransom). Softpedia.com has the details. Great article on Social Engineering at Geektime.com.
Welcome back to the new term, good luck and happy teaching!
086 293 2702
012 565 6469
Copyright Study Opportunities 2016 - 2021. All rights reserved.