Indictment Charges Iranian Nationals With Creating Fake Videos of Democrats Manipulating the 2020 Election Results, and Then Sending Them to Republican Leadership

Show Notes November 29 – December 5, 2021

Russian actors are not the only ones behind cyber-enabled disinformation campaigns.

Other charges against them include allegedly sending threatening email messages to voters in an apparent bid to intimidate them; creating and distributing video containing false information about vulnerabilities in the election infrastructure; and accessing a media company’s network and attempting to use it to spread false information. In addition, Kazemi and Zamani are accused of attempting to illegally access voting-relating websites of multiple states.

“This indictment details how two Iran-based actors waged a targeted, coordinated campaign to erode confidence in the integrity of the U.S. electoral system and to sow discord among Americans,” Assistant Attorney General Matthew Olsen of the Justice Department’s National Security Division said in a statement. “The allegations illustrate how foreign disinformation campaigns operate and seek to influence the American public.”

Other election-related disinformation campaigns that had previously been attributed to the Russians, were just this week attributed to Belarus.


Why the ‘Basement Hacker’ Stereotype Is Wrong — and Dangerous

“It could be Russia but it could be China, it could be lots of people. It could be somebody that sits on their bed that weighs 400 pounds,” Donald Trump, 2016 Presidential Debates.

At its core, the Basement Hacker represents a fundamental and ongoing misunderstanding of the modern cyber adversary. 

But the Basement Hacker stereotype is damaging in more subtle ways as well. Consider the perennial debate over the value of certifications and educational programs taking place among the large, vibrant, and forever-expanding community of aspiring cybersecurity professionals and the established industry players who market educational services and thought leadership to them. Industry veterans, emerging professionals, and cyber educators debate at length whether certifications are worth it, which ones to go for, and how to gain sought-after skills in the most economical way possible.

“Why do you need a certification/degree to work in cybersecurity? The people who are exploiting your networks and applications don’t have certifications or degrees.” The result? Perpetuation of the myth, as well as emerging professionals uninformed or under-informed of the true nature of the threat.

Our most dangerous adversaries are organized, well-funded, and highly trained.


Apple sues Israeli spyware group NSO for Hacking iPhones

The iPhone maker’s lawsuit, filed on Tuesday in federal court in California, alleged that NSO, the largest known Israeli cyber warfare company, had spied on and targeted Apple users. It is seeking damages as well as an order stopping NSO from using any Apple software, device, or services.

NSO develops and sells its spyware, known as Pegasus, which exploits vulnerabilities in iPhones and Android smartphones and allows those who deploy it to infiltrate a target’s device unnoticed.

Apple’s suit provided new details about a recently patched vulnerability, nicknamed FORCEDENTRY, that was used by NSO’s clients for about eight months to deliver code to an unspecified number of targets.

NSO said its software had saved “thousands of lives . . . around the world” and that its technology helped governments “catch paedophiles and terrorists.”


“NFT” picked as word of the year

Now, dictionary-maker Collins has picked NFT as its “word of the year” for 2021, mostly because people are making SRS $$$ from blockchain-based tech. One of those people is of course the artist who goes by “Beeple”; his collection of 5,000+ everyday digital art pieces went for $69 million earlier this year, which every subsequent article on NFTs has been required to mention. This sale made Beeple one of the best-paid artists on earth. The New York Times did not love this, arguing that the gross-out and meme-based imagery of much of Beeple’s work was puerile. Also, Beeple “struggles with flesh; as in many video games, the skins appear waxy and desiccated. It’s as if every remaining human in this cryptouniverse has scurvy, though maybe that is what happens when you subordinate your flesh to the screen.” Yikes. While I agree that this was a pretty dumb way to spend $69 million, NFTs definitely have utility; for instance, just imagine how much fun it would be to buy this critic an NFT of a high-quality “OK Boomer” meme?

Collins defines [NFT] as “a unique digital certificate, registered in a blockchain, that is used to record ownership of an asset such as an artwork or a collectible.” In other words, it’s a chunk of digital data that records who a piece of digital work belongs to. “Unique” is important here — it’s a one-off, not “fungible” or replaceable by any other piece of data. And what’s really captured the public’s imagination around NFTs is the use of this technology to sell art. For example, the rights to a work by the surrealist digital artist Beeple sold at Christie’s in March for $69m. Called EVERYDAYS: THE FIRST 5000 DAYS, it was a collage of all the images he’d created since he committed in 2007 to making one every day.


Fairphone beats the entire Android ecosystem with six years of support vs three years from others

[This might actually be an android phone that I can support… Craig.]

Six years of major updates is unheard of in the Android market. Most Android companies charge iPhone-level prices but don’t offer iPhone-level support, which is six years of major updates. The best you can get from more mainstream Android OEMs like Google and Samsung are three years of major OS updates. Fairphone is a dramatically smaller company than its competition, but it is wiping the floor with them when it comes to updates.

Along with Apple, Fairphone is the only other smartphone company that puts its money where its mouth is and offers long-term smartphone support. While Apple is a multi-trillion-dollar company with all the resources in the world, Fairphone proves any OEM can offer long-term support if it wants to; they just don’t want to invest the time and money to make it happen.


A.I. Operations Could Lead to ‘Catastrophic’ Consequences for China and US: Expert

The rapid evolution of artificial intelligence (AI) technologies poses a challenge to international security and could be used by third-party actors to push nuclear rivals into catastrophic conflict, according to one expert.

Groups leveraging AI, whether they be nation-states or otherwise, would have an “outsized strategic effect” in the coming years, Johnson said during a webinar on China-U.S. A.I. competition hosted by the International Institute for Strategic Studies.

He expressed concern that nonstate or other third-party actors could leverage critical and emerging technologies against nuclear powers, potentially hampering their capability to conduct military operations or drawing them into an unwitting nuclear conflict.

“In theory, a nonstate actor could target nuclear command and control systems, early-warning satellites, and radars, with AI-enhanced cyber weapons without the need for any kinetic or physical attack, let alone the possession of nuclear weapons,” Johnson said.


It’s Time to Get Rid of the IT Department

But here’s the sad fact: Having an IT department is exactly what will prevent companies from being innovative, agile, customer-focused and digitally transformed.

That’s because IT departments are for a bygone era and are ill-suited to the demands of a digital-first world. We all love to complain about our IT departments—blaming the people in them and their leaders for living in their own worlds, and for being unresponsive to business needs. But our complaints are misguided. The problem isn’t with the people or the leaders. It’s with the whole idea of IT departments in the first place, which sets up IT to fail.

The encouraging news is there are also a small number of pioneers who are ditching their IT departments. And their examples offer models for others looking to do the same.



Malcare WordPress Security