New security jobs for the digital world

WSJ highlights 5 new jobs for the digital world

• Deepfake analyst
• Driverless-Car Security Specialist
• Implanted-Device Guardian
• Anti-Cheat Referee (for video games)
• Chief Digital Identity Officer

Video on Trend Micro's threat research

Drones are the COVID-19 heroes - and villains?

They are helping in digital track and trace in China carrying large QR codes

They are delivering test results to labs in Ghana

They have been spraying disinfectants in Spain

 

They are helping in thermal and other inspections

Of course, they are also leading to surveillance state worries. My personal opinion - drones are far more visible to the person on the street than satellite or high-altitude, wide area plane surveillance. We would be naive to discount all the other positive use cases drones are showing.

Wide Area Surveillance

Operated by a company called Persistent Surveillance Systems, the plane was equipped with 12 cameras which, at 8,000 feet, could take in 32 square miles of city in minute detail.

This system is an update of one originally designed for the Air Force, which was used in Iraq to provide aerial intelligence to Marines as they rolled into Fallujah, says Ross McNutt, founder and president of Persistent Surveillance Systems. Only this time, it was being used to catch criminals in the U.S.

Across 300 hours of flight time, the system captured 23 shootings, five of them fatal. In some instances, detective could use this 192-megapixel gods’-eye view to trace suspects to their getaway cars, then rewind to points when those cars had passed in front of one of the city’s 744 closed-circuit cameras.

WSJ (sub required)

 

 

 

The Fifth Domain

From a blog post by Robert K. Knake, co-author of The Fifth Domain

 

"In the Wall Street Journal, we lay out the case that some companies are already resilient to cyber attacks. Dmitri Alperovitch, the CTO at Crowdstrike, and the originator of the often-quoted line that there are “two kinds of companies: those that have been hacked and know it and those that have been hacked and don’t," no longer stands by that assessment. He would add a third kind of company: those that are actively managing the risk posed by even the most persistent nation-state actors. Those companies are cyber resilient.

The handful of companies that have developed resilience are spending millions of dollars and hiring thousands of cybersecurity professionals. For the nation as a whole to be resilient to cyber attacks, we will need innovations that reduce costs and automate security processes. We will also need to put in place incentives so companies truly value their own data and sufficiently invest in their own resilience.  

What we need is the resolve and the budget to make our nation resilient to the threat of cyber attacks. Here, the Solarium can play an important role, not by divining a new strategy, but by studying what we need to do to implement resilience as a strategy, and convincing Congress to make the investments sorely needed to upgrade federal cybersecurity, build the connective tissue for managing threats with the private sector, and bring existing, successful programs to scale to meet the national challenge."

 

The challenges of securing the Black Hat conference

“Things are flying [through the network] that would never, ever fly in a normal corporate environment,” said Mr. Stump in an interview on the sidelines of the five-day conference, which ended Thursday.

Their team, comprising about a dozen volunteers and specialists from technology companies, monitors and responds to more malware variants and malicious traffic over the course of a few days than they would see in an entire year on corporate networks, Mr. Wyler added.

The network operations center must maintain and defend systems that event staff, exhibitors, presenters and attendees rely on. The threats are external and internal, coming from hackers eager to make a mark. Over the course of the conference, there were 84,875 “network events,” or activities suspicious enough to make the team want to take a look.

Deciding what to police and what not to, in the spirit of running a conference for hackers, is a challenge. Attendees can hack each other; they just can’t install cryptojacking software—a program that uses the infected device to secretly mine currency—or ransomware, for example. Attacks directed at conference infrastructure are stopped.

Almost everything else is fair game, within reason, as many of the seminars at Black Hat are geared toward experimenting.

WSJ (sub required)

 

 

 

Your drug store is watching you

A startup named Cooler Screens is piloting a new door for commercial freezers and refrigerators that’s equipped with a camera, motion sensors, and eye tracking in six Walgreens pharmacies around the country, including the one off of Union Square. The doors can discern your gender, your general age range, what products you’re looking at, how long you’re standing there, and even what your emotional response is to a particular product.

The company says that the doors don’t store any of this data, which is anonymized, meaning that it won’t know that when you go to your local pharmacy you always buy ice cream (however, studies have shown that anonymized data, especially in cities, is possible to de-anonymize). Instead, it will use the data it’s collecting on you in real time to show you ads and promotions that the algorithm has determined might be relevant to you.

Fast Company

FullDoorOfVideos2 from Cooler Screens on Vimeo.

 

Giving billions a digital ID

Imagine for a moment that you are one of the estimated one billion people in the world—most of them among the poorest and the most vulnerable—who have no official identification. No birth certificates. No official ID documents. Nothing.

 

Without a way to prove who you are, you would face huge problems going to school, seeing a doctor, receiving government services, getting a bank account, finding a job, traveling across a border, or having access to many other rights and services most of us take for granted. Without an ID, you would be nameless in the eyes of the government and largely ignored.

 

For the last decade, Nandan Nilekani has been working to make these “invisible people,” as he calls them, visible by giving them access to official identification. One of India’s leading technology entrepreneurs, Nandan joined the government of India to lead the launch of India’s national biometric ID system, which uses fingerprints and other biological traits to verify the identities of the country’s more than 1.3 billion residents.

Gates Notes

 

 

The new neighborhood watch

Neighbors, an app launched by Ring, Amazon's smart-doorbell company. It's free to download and use, and lets people share, view and comment on crime and security information in their communities. Most of the posts are video clips shot by Ring video doorbells and security cameras.

Ring CEO Jamie Siminoff said in an interview last month that he sees Neighbors as a major part of his company's development, using the app to help more people work together to reduce crime in their communities. The app, which launched in the US in May, has over a million active users sharing information on alleged crimes and suspicious behavior, Siminoff said.

CNET

 

Robocop

In NYC last week I stayed at a hotel near the Knightscope store and encountered one of their security robots at LaGuardia airport. The Daily Mail explains what they can do

The robots, which can reach speeds of up to 3mph, are equipped with five cameras and feed captured patrol data to an internet-based portal which security teams can then use.

Among the robots' capabilities are the ability to record license plates, detect people, capture thermal imaging, provide 360 degree video, make broadcasts, provide intercom activity and find mobile devices within a set perimeter. 

The conical, self-propelled security robots were created by Silicon Valley company Knightscope and are being used in select cities around the US at venues including malls, hospitals, stadiums and warehouses, according to the company's website. 

Fending off GPS spoofing

Vehicles that rely on GPS navigation are vulnerable to spoofing, the sending of phony signals to lead them off their intended course. The palm-size Pyramid GPS SP from Regulus Cyber Ltd. uses a bundle of antennas and receivers to make sure the signals it’s reading are legit.

Bloomberg