Tuesday, September 14
Cyber insurance premiums are going way up, and Evan Greenberg, Chubb CEO, warns that those increases do not capture the actual risk of a catastrophic cyber event. Prior to the prevalence of ransomware attacks, insurance companies focused on privacy, such as keeping and storing records, rather than business interruption costs. Ransomware has radically altered the landscape of cyber insurance and now accounts for 75% of cyber insurance claims. The increase in claims far exceeds the bump in insurance costs, and there is no clear path to reducing the risks and capturing the true costs of a breach.
Is paying ransom to criminals driving up insurance costs as the insurance companies themselves feed the cybercriminal enterprise? Companies may focus less on cybercrime prevention knowing that demands will be met; hackers see companies with solid insurance coverage as highly desirable targets for easy payouts.
Thursday, September 16
Cybercriminals try to trick employees into clicking links in phishing emails so they can infiltrate systems and exploit their weaknesses. A Nigerian criminal enterprise is now taking a more direct approach. If they cannot trick employees into clicking on links in phishing emails, perhaps they can be upfront and invite them to orchestrate the breach. This group is offering employees a cut of the ransom, initially offering as much as $1M, if employees help sabotage their employer by installing DemonWare on their network. They identify prospective employee targets using LinkedIn.
Researchers at Abnormal Security posed as prospective willing accomplice employees. The criminal group promised the prospective accomplices they would not be caught by their employer because the ransomware would encrypt everything on the system.
Tuesday, September 21
Tech giants, Amazon, Google, Microsoft, IBM, and Apple have pledged major investments to bolster private and public cybersecurity infrastructure following a meeting with President Biden. The Biden Administration established voluntary cybersecurity goals and is pushing G7 countries to update NATO cyber policy and to aid in a collective effort to hold nations accountable for harboring ransomware criminals.
Amazon – Will provide its internal employee security awareness training directly to individuals and businesses at no charge. They will offer a multi-factor authentication device to AWS account holders to protect against phishing and password theft and the ability to use that device to access applications such as Gmail, Dropbox, and GitHub.
Google – Investment of $10B over the next five years to expand zero-trust programs, help secure the software supply chain, and enhance open-source security.
Wednesday, August 25
Is the sky falling?
Well, I suppose that would help.
Bezos, Musk, NASA, Intel, NVIDIA, Netflix, Amazon, Google, and many others are helpless without it. Crippled, done, nada. What is this “magic” ingredient that is so necessary for their current success? Helium. Not just for kids' balloons and silly voices, helium is integral to our major technological advances today. Netflix stores its data on 36 helium-filled drives that hold about 100TB of data. Helium increases hard drive storage capacity by 50% and reduces power consumption while doing it.
There have been numerous articles about depletion of helium reserves, increasing global demand, and other doom and gloom, the sky is falling, rhetoric. The fact is there are many advances in global production. And, worst case, the moon is full of Helium-3, which is extremely rare on Earth but 100 million times as abundant on the moon. So, a few more rocket launches, and we can tap that resource along with all the other unique minerals available there.
Monday, August 30
Pay $125K to fly into the Stratosphere in a Hydrogen Balloon?
And, yes, you may reserve a seat on the Spaceship Neptune for $125K, courtesy of Space Perspective, the space flight company proposing this idea. The six-hour flight goes 100K feet up (1/3 of the way to outer space), high enough to see the curvature of the Earth. A football-field-sized balloon tows a 16-foot-wide capsule with 9 seats (8 passengers and a pilot), a bathroom, a bar, Wi-Fi, communications devices to allow live streaming, and a splashdown cone at the base for landing. Touted as a “radically gentle voyage”, the airship travels at 12mph, taking two hours to reach cruising level, drifting for hours, and then descending to land in the Atlantic Ocean. A recovery ship will pick up the passengers from there.
Thursday, September 2
Data Storage, Servers, and Data Center Infrastructure in Space
Data storage is moving from the ground to the cloud to outer space. The exponential growth in data supports increased capacity and technological advances for each. Currently, the focus is on satellites. In 2020, 1,283 satellites were launched, the highest number of satellite launches in a year. This year, more than 850 satellites have already been launched. The growth in the number of satellites over the last decade was mainly driven by the development of the smaller CubeSat, which allows a large number of small satellites to launch at the same time; earlier rockets were used to launch only one or two satellites at a time. SpaceX launched 172 Starlink satellites in just three launches.
Google has partnered with SpaceX to use Starlink, the satellite internet service of Elon Musk’s space company. SpaceX will install Starlink terminals at Google’s cloud data centers around the world. Starlink customers can use the cloud, and Google can use the internet service for its enterprise cloud customers.
Wednesday, August 11
VCs Banking on Threats, Breaches, and Accelerating Cybersecurity Market
The cybersecurity market is flush with VC funding, which hit a record high of over $7.8B invested in 2020. Cybersecurity venture funding has been increasing over the last decade, with 1500 companies receiving funding since 2017, including 58% seed-stage opportunities. Over $3.7B has already been invested by April of this year. Over 75% of 2020 funding went to US companies, at $5.9B.
Top investors include Accel, Insight Partners, Techstars, Y Combinator, Ten Eleven Ventures, Lightspeed Venture Partners, Clearsky, ForgePoint Capital, Intel Capital, Salesforce Ventures, and Sequoia Capital.
Friday, August 13
Windows Facial Recognition Authentication Hacked
In May 2020, Microsoft reported that Windows Hello had over 150M users and that 84.7% of Windows 10 users sign in using Windows Hello. This vast facial recognition user base drew the interest of CyberArk. The system works only with webcams that have an infrared sensor in addition to the regular RGB sensor, but does not even look at the RGB data.
“We created a full map of the Windows Hello facial-recognition flow and saw that the most convenient for an attacker would be to pretend to be the camera, because the whole system is relying on this input.”
Monday, July 19
10 Hot Semiconductor Startups
CRN picks for the “10 Hottest Semiconductor Startups of 2021 (So Far)” are Ampere Computing, Cerebras Systems, EdgeQ, Fungible, Mythic, Pliops, SambaNova Systems, SiFive, Tachyum, and XSights Labs. We take a look at each awardee below.
Thursday, July 22
Human Factors and Cybersecurity
Steve Durbin, Managing Director of the Information Security Forum (ISF), explains that “Cybercriminals have a deep understanding of human psychology and stress-related pandemic issues. In 2020 alone, Google registered a record two million phishing websites whereas ransomware attacks increased by sevenfold.”
Monday, July 26
Expect to Pay Again.
As we know, ransomware attacks are on the rise and the ransoms are getting higher. In the first half of this year, there were more than 226.3M attacks. Of course, the real number is unknown, and companies and insurance companies go to great lengths to avoid reporting a breach.
Ransomware criminals are now not only attempting to extract money from their victims, but also coming back a second time to extort more. Yonatan Striem-Amit, CTO and co-founder of Cybereason, explains, “Ransomware cybercriminals are constantly innovating on better ways to get companies to pay more.
Tuesday, June 15
$53B SD-WAN Market by 2030
A Persistence Market Research report indicates SD-WAN market growth reaching $53M by 2030. The top five vendors by revenue share for full-year 2020 were Cisco, followed by VMware, Fortinet, Versa, and HPE/Silver Peak; together they account for nearly 2/3 of the market. Top reasons for adoption include auto-failover and redundancy (66.8%), simplified management (61%), and cost savings over MPLS (57.7%).
Tuesday, June 22
EVOTEK Cybersecurity Predictions - Hit or Miss?
EVOTEK leadership, Matt Stamper, CISO, Executive Advisor, and Macy Dennis, CSO, provided 2021 cybersecurity predictions to CSW. Now that we are halfway into the year, let’s look at whether industry movement matches expectations.
Matt Stamper - “2021 will be the year of SOAR and investments in enhanced detection technologies including deception. I am cautiously optimistic that the improvements in security automation, ...
Tuesday, May 25, 2021
Colonial Pipeline Attack & Why You Should Not Hoard Gas in Plastic Tubs
A ransomware attack on Colonial Pipeline by hacking group DarkSide crippled gas and jet fuel supplies to nearly half the East Coast. The pipeline is 5,500 miles long and can carry 3M barrels of fuel each day. The pipeline is owned by Koch Industries (28%), South Korea’s National Pension Service and Keats Pipeline Investors LP (23.44%), CDPQ Colonial Partners, LP (16.55%), Shell Pipeline Company, LP (16.55%), and IFM Colonial Pipeline (15.8%).
Thursday, May 27, 2021
RSA Conference 2021
COVID & the Expanded Attack Surface
RSAC Virtual 2021 kicked off on Monday, May 17th, with a keynote titled “A Resilient Journey” from Rohit Ghai, RSA’s CEO. Unsurprisingly, one of the big themes of the keynote was how COVID-19 forced IT and IT security to rethink how we approach remote workers, trust, resiliency, and hacks when most of the workforce at a variety of companies was forced to work remotely.
Thursday, April 22, 2021
Social Media, Blue Leaks, & Suspicious Activity Reporting
2 Views – ACLU versus NSA
Where there is collection of data, there is always the prospect of great use and/or bad abuse.
And, much of the data culled has been packaged and delivered directly from the individual user, via social posts about getting vaccinated, vacation plans, new purchases, 10 year challenge photos (assisting in AI facial recognition), attendance at protests, and check-ins at every restaurant, workout, and airport - complete with selfies, food photos, and Fitbit results.
Thursday, March 25, 2021
Building Storage Solutions for HPC
High-Performance Computing (HPC) originally started out in defense and research domains, such as universities and government agencies. The workloads that the initial HPC solutions were used for included particle physics, fluid dynamics, nuclear weapons modeling, and research and aerospace projects – and, obviously, the space program. What we have seen in the last several years is HPC being applied to new problems in commercial enterprises.
Wednesday, March 10, 2021
Security Hack of F-35 Results in J-31. DOD Says NO MORE in Cybersecurity Enforcement Push
China’s J-31 is “modeled after” the F-35. That is a nice way of referring to the Chinese hack of F-35 data in 2007 through contractor Lockheed Martin, used to build their jet fighter, the J-31. Contractors are required to meet standards regarding security protocols, but compliance with those requirements has not been verified in the past.
Friday, February 19, 2021
Flash or Cache?
Deep Dive on SSD versus HDD (plus cache) for Arrays
In storage systems (and in particular storage arrays), the conventional wisdom has been that flash storage in the form of solid-state drives (SSDs) is necessary for high performance, and that NVMe® SSDs provide the highest performance of all storage media. However, a recent interview in Blocks and Files by Infinidat (started by a number of EMC alumni) aims to start a rewrite of this narrative.
Monday, February 8, 2021
AI & Stock Trading
High-frequency and algorithmic trading has moved from 60-70% of trading in 2010 to 90% in 2017.
While AI is being largely utilized, the proof seems far into the future. Don’t we need a recession or major market correction to test the stock trading models?
Monday, February 1, 2021
Balancing Servers and SSDs
How can datacenter systems and application architects rebalance the relationship between server needs and storage capacity for typical enterprise workloads? Balancing the relationship between servers and SSDs is critical to datacenter cost, operational efficiency, and performance.
Saturday, January 9, 2021
U.S. Capitol Security Issues - January 6, 2021
Our AI & Cybersecurity Newsletter typically covers topics such as ransomware attacks, exploits, security issues facing major companies such as Zoom, & security breaches such as the SolarWinds attacks on Nuclear Labs, the U.S. Treasury, & Pentagon. However...
Wednesday, December 30, 2020
Will 2020's Hot Topics Still be Hot in 2021?
Here is a look at three topics for 2021 - storage-class memory, computational storage, and composable infrastructure - what they promised to deliver, to what extent they have lived up to their promise, and what to expect in the coming decade.