My take-aways from Fareed this week

I love spending my Sunday mornings catching up on the world. And I am a big fan of Fareed Zakaria GPS on CNN. The PoliSci major in me is a big lens through which I view things. These are my thoughts on what I heard today. I suggest you listen to the panel and guests for today’s show to see what you think.

  1. Unholy Alliances: Saudi Arabia and the dangerous liaison between Trump and the country that actually funds, harbours and supports terrorism which is NOT Iran as Trump stated in his speech in Saudi. The statistics on who is behind terrorist events impacting North America point the finger of blame squarely at Saudi, but we knew that. We have known that since 9/11. Is this a case of keep your friends close but your enemies closer? No, sadly not. As Fareed put it, Trump has been played by the Saudis. Fareed’s guests on the panel today were: Richard Haass, president of the Council on Foreign Relations, Anne-Marie Slaughter, president and CEO of New America, Ian Bremmer, president of the Eurasia Group, and Matthew Kroenig, associate professor of government at Georgetown and the School of Foreign Service there. I would liken this to how Trump has been played by Putin.
  2. The radicalization of Islam. The panel discussion went on to discuss how Saudi Arabia has twisted Islam to suit their purposes, and has been steadily exporting it across the globe through religious schools and funding. There are scary references from the past we can draw from when we teach evil, hatred, intolerance to our youngest. We know where this leads. We still don’t get the concept of Jihad in the West. Africa. And yet, what has been fomented out of Saudi Arabia is now spreading like cancer, an infection that seeps in through the cracks of poverty, divisiveness, intolerance and mutates. It replaces acceptance with rigidity, masquerading as structure. It offers something that existing governments, education, religion fail to supply, then works like an addiction to brainwash and radicalize. This is far more entrenched within our societies than we realize and we need to recognize where it is taking hold and why.
  3. What happens when you close the door on something? The case in point made here was about when the US rejected overtures from Sudan. Sudan looked elsewhere for what they needed and found it in Islam. What they sought was a basic human need for structure, and a way to unify many competing factions. Religion was something they all shared. This builds from the point made above. Here was an opportunity lost for the West to gain a foothold and build relationships. Now, as Africa takes on “westernized” attributes, it also has the underpinnings of terrorism strongly rooted in nations known for their instability. Fareed’s guest was Jeffrey Gettleman, the East Africa bureau chief for the New York Times and author of “Love, Africa”. He was eloquent and hopeful about the future for this continent and the people who are willing to work very hard for comparatively little.
  4. Finally, bringing science to the hearts and minds of the people. Fareed’s guest was Brian Greene, professor at Columbia University and also co-founder of the World Science Festival. He hit home a point near and dear to me about ensuring we make these concepts accessible to all, rather than shut them out because they aren’t “smart” enough. If we want to see diversity in tech, to encourage our young people to enter these fields, we need to open the doors to understanding, to respect that not everyone learns the same way.  If we want to force governments to fund research and development, to feed scientific initiatives that will seed and nurture innovation for the years ahead, we need to foster interest and support across the general populace. Help them understand in their own ways, see the relevance, and share in the excitement. Science is for everyone.

    Thanks for reading!

Manchester: United

My thoughts and prayers have been with the people of this city this past week.  In deep respect, I want to celebrate their strength, unity and unwavering commitment to meet hardship head-on. This is who they are, and how they want the world to see them.

Nothing can undo the grievous loss of life, or the heinous crime committed against innocents. Those who committed the act have no regard for what the rest of us feel; there is no retribution that will make them make amends or be remorseful. They are incapable of humanity. And in blunt honesty, I would not waste it on them but instead would spend the energy and time supporting those who are victims of their terror, and bolster the resources and efforts of those who fight against them. So that we stand together with Manchester, united.

The realities of a global cyber attack: Ransomware hits home

realtime botnet tracking map by http://www.malwaretech.com

On Friday, a global ransomware attack began by hitting the most vulnerable target: hospitals. The National Health Service in the UK dealt with a worst case scenario, having to turn away patients, being unable to operate or aid those in need.

There were warnings echoed from Spain, where a major telecom was hit, followed by numerous businesses. It took less than 12 hours for the ransomware to circle the globe. But, North America was spared because an intrepid security researcher in Britain happened upon the means to delay the spread for a significant time, buying time for those in the US and Canada to patch and prepare. You can read his story on his blog here.

Currently, the number of countries impacted is over 100. We are expecting version 2.0 to hit by Monday, because that’s the nature of these attacks: the attackers know when they have their victims over a barrel, and they maximize the opportunity. Microsoft has issued patches. But what everyone can and must do, over and above applying these specific patches, is this:

  • Ensure you have full and working backups that are offline and removed from the network.
  • Have a Disaster Recovery/Business Continuity plan that specifically addresses cyber events like this one
  • Be ready with a crisis communications designated spokesperson and prepared statements. If you’ve been hit, and things are going terribly wrong, then you don’t want to be dealing with that and trying to say the right things to press, staff, stakeholders
  • Check in with and listen to your network and sysadmins. They know what’s going on out there. They’ve seen the sh*t that happens, what breaks, and why
  • Don’t evade or deflect this topic. Don’t underplay it, and of course don’t focus on the fear. Have honest discussions with your staff because this is how you create lasting awareness and create change in behaviours that will better secure your organization

I follow these two experts on the risks to specialized systems, notably ICS or Industrial Control Systems and SCADA, Supervisory Control and Data Acquisition. Note that medical facilities, mass transit, manufacturing and utilities all rely on these specialized systems that are proprietary;  are often set up with hard coded or default passwords that are NOT secure; and with older equipment that just can’t be upgraded so is left to run unpatched until it fails. There is so much more we need to address.

Here is a global snapshot (per CTV news):

Russian Train Control Center Ransomwared

EUROPEAN UNION: Europol’s European Cybercrime Centre, known as EC3, said the attack “is at an unprecedented level and will require a complex international investigation to identify the culprits.”
BRITAIN: Britain’s home secretary said the “ransomware” attack hit one in five of 248 National Health Service groups, forcing hospitals to cancel or delay treatments for thousands of patients — even some with serious ailments like cancer.
GERMANY: The national railway said Saturday departure and arrival display screens at its train stations were affected, but there was no impact on actual train services. Deutsche Bahn said it deployed extra staff to help customers.
RUSSIA: Two security firms — Kaspersky Lab and Avast — said Russia was hit hardest by the attack. The Russian Interior Ministry, which runs the country’s police, confirmed it was among those that fell victim to the “ransomware,” which typically flashes a message demanding payment to release the user’s data. Spokeswoman Irina Volk was quoted by the Interfax news agency Saturday as saying the problem had been “localized” and that no information was compromised. Russia’s health ministry said its attacks were “effectively repelled.”
UNITED STATES: In the U.S., FedEx Corp. reported that its Windows computers were “experiencing interference” from malware, but wouldn’t say if it had been hit by ransomware. Other impacts in the U.S. were not readily apparent.
TURKEY: The head of Turkey’s Information and Communication Technologies Authority or BTK says the nation was among those affected by the ransomware attack. Omer Fatih Sayan said the country’s cyber security centre is continuing operations against the malicious software.
FRANCE: French carmaker Renault’s assembly plant in Slovenia halted production after it was targeted. Radio Slovenia said Saturday the Revoz factory in the southeastern town of Novo Mesto stopped working Friday evening to stop the malware from spreading.
BRAZIL: The South American nation’s social security system had to disconnect its computers and cancel public access. The state-owned oil company Petrobras and Brazil’s Foreign Ministry also disconnected computers as a precautionary measure, and court systems went down, too.
SPAIN: The attack hit Spain’s Telefonica, a global broadband and telecommunications company.