WEEK 12 - Current Trends in Cyber Security

There is a current trend within cyber security with the advancement of spy toys. These things are now
connecting to the net via Bluetooth technology to enhance the traditional dolls entertainment factors. That being said, many claim that these new technological advances are being used to store and monitor a person’s everyday behavior and is a rights encroachment. No one really knows where all this recorded cloud storage personal information is being kept, or even what it used for? Maybe that’s why Germany has banned this product all together.

Germany's Federal Network Agency, or Bundesnetzagentur, has banned Genesis Toys' Cayla doll as an illegal surveillance device. "Items that conceal cameras or microphones and that are capable of transmitting a signal, and therefore can transmit data without detection, compromise people's privacy," said agency president Jochen Homann in a statement. "This applies in particular to children's toys. The Cayla doll has been banned in Germany." Calya's deportation and exile comes two months after privacy advocacy groups urged US and EU regulators to deal with the potentially privacy-infringing doll.

The Bluetooth-enabled toy comes with a microphone and is designed to capture children's speech, so it can be analyzed using Nuance's speech recognition software, in conjunction with mobile apps. Privacy and consumer protection groups have complained that the doll has been programmed to advertise to children, lacks security, and provides insufficient privacy guarantees about how captured data and personal information will be used.


References:


Emery, David., (February, 2017). “My Friend Cayla’ Doll Records Children’s Speech, Is Vulnerable to Hackers.” Retrieved March, 2016 from: http://www.snopes.com/2017/02/24/my-friend-cayla-doll-privacy-concerns/

WEEK 10 – Artificial Intelligence

            We are one step closer to a world with real artificial intelligence. Previously there were AI programs out there that would challenge the human brain in games like chess, go, and various other games. These computer programs were susceptible to the world of poker in that “The computer can’t win at poker if it can’t bluff,” said Frank Pfenning, the head of the computer science department at CMU.” With so many variables and a human factor involved in a game, AI was not evolved enough at the time to challenge the best players in the world and consistently lost over the years. That changed last week and created a milestone for the progression of artificial intelligence.

            Libratus, an AI program developed by a team of researchers at Carnegie Mellon University, took on Dong Kim, Jimmy Chou, Daniel McAulay and Jason Les at no-limit Texas Hold’em in a Pittsburgh casino, eventually taking $1.76 million (£1.4 million) in chips. Developing an AI that can do that successfully is a tremendous step forward scientifically and has numerous applications. Imagine that your smartphone will someday be able to negotiate the best price on a new car for you. That’s just the beginning (Sulleyman, 2017).

            These algorithms will be able to be used in various other parts of our technological world. This includes cyber warfare, military decision making, operational security risks, and various other digital aspect of modern warfare. To date, this is the most successful artificial intelligence known to man and may be the steppingstone for years to come. This could be the historical turning point in which a computer beat the world’s best poker players and become a legend.


References:


Sulleyman, Aatif., (January, 2017). “AI Victory Over Poker Players Hailed as Milestone as       Computer Learns to Successfully Trick Humans.” Retrieved May, 2018 from: http://www.independent.co.uk/life-style/gadgets-and-tech/news/ai-poker-win-tournament-software-beats-pro-players-victory-a7555791.html

WEEK 9 - Action Plans


          I believe action plans are the pivotal points of the whole process. You can sit down, draw out a plan of attack, identify the problems all day long. Unless you have a plan to correct the issues and to maintain recommendations, the whole process would be worthless. This is what the big companies pay for, their information security.

          You can say that any part of the process is important in the chain of things. But if you don't produce the results, a corporation's network security could show massive problems leaving everything vulnerable. It happens all the time now and has been reported by huge company's like Sony and our own government agencies. Can't just follow a known model or process, you have to fix the issues to stay safe!

WEEK 8 - Why look for Threats and Vulnerability? (Sony Pictures Attack)


          Even huge corporations are susceptible threats and vulnerabilities. The Sony Pictures attack was one of the most infamous hacker compromises in recent history. On November 24 2014, a hacker group tried to blackmail Sony Picture heads by threatening the release of company and employee sensitive data. This was the first time “Ransom-ware” was highlighted and now seems to be picking up in popularity across many news outlets. After the failure to act, and the exploit of an insurmountable amount of data, the event led to severe layoffs across the industry from the top down. It led to the firing of Sony Chairman Amy Pascal, whom once was hailed by Forbes as one of the most powerful women in the world. The company’s inept security protocols and disorganized structure gave them no chance to ward off such an attack. Eventually this in incident opened the eyes of all major corporations in the United States. Many companies realized how vulnerable they were and what was now needed to safeguard themselves.


          This Infamous attack from the “Guardians of Peace,” was quickly blamed on North Korea. After further research, there doesn’t seem to be much validity to that accusation. At the time, mid-level investigators had based their theories on the fact that the code was similar to another attack that had taken place by North Korea. What wasn’t known to everyday citizens at the time was that once hacker code is used, it is often quickly grabbed and reused by other hackers. The code is used as a shortcut to other variables of malware being programmed. This process dilutes any “fingerprints” of code and is not a feasible tool to identify assailants. To this day, no one has been identified or charged with this crime.

WEEK 7 – Infrastructure Cyber Attack Risk

           The future may hold a new war of cyber-attacks on the worlds infrastructure.  These are attacks used by computer code via directly or overtly and aimed at controlling or sabotaging industrialized countries machines in control of infrastructure. These vulnerable entities entail many well-known everyday items to include driving grid systems, industrial factories, various power plants, financial institutions, health care, and many other systems that a country cannot afford to lose for a sustained amount of time.

           In 2015, a cyber-attack on Ukraine’s power grid left 700,000 people without electricity for several hours. Alarmingly, the actors behind this attack were previously seen conducting attacks against the U.S. energy sector, prompting an alert by the Industrial Control Systems Computer Emergency Response Team (ICS-CERT) in 2014. Though disruption never occurred in the U.S., this was believed to be reconnaissance for a potential future attack (Brasso, 2016).

           If the United states was targeted, the effects could be catastrophic in regards to how much our system depends on infrastructure. These scenarios involve code that manipulates machines that were never originally made with security in mind. Many of these devices were designed before the digital age explosion and never had net connections in mind upon construction. These vulnerable systems can be directed to shutoff or overrun to cause damage. Worst case scenario would contrast with Iran’s Stuxnet incident in where nuclear power plants were targeted. An environmental disaster in that scale due to a hack could rewrite how the world goes about cyber hacking all together.

WEEK 6 - Use of Credible Sources

In WEEK 2 I stated that credible sources may come down to personal preference and the ability to prove the reference.I then went on to discus how I've been using Vice News over the years and like there stance and point of views, specifically on their technology reporting. Unfortunately, this is more of a news outlet and not much help for system analysis research. I've been using the following sources for this weeks assignments; 

https://www.tutorialspoint.com/system_analysis_and_design/system_analysis_and_design_overview.htm

WEEK 5 - This Weeks Experiences

Oh, how I've come to know and love Harry and Mae's Inc. I have really gotten to know this companies insides and outs by using the same case scenario setup through the last couple of years. That being said, It's been great to be able to find newer and more detailed problems within this fictional company. Not that the work gets any easier, it just comfortable to know where I can start looking for problem's within this company's network system. Upon my graduation, oh, how I will miss you Harry and Mae's.