InfoCommons

How Google Works

Posted in Uncategorized by coda on July 29, 2010

How Google Works.

Infographic by the Pay Per Click Blog


Maine Firm Sues Bank After $588,000 Cyber Heist

Posted in Information Security by coda on February 24, 2010

Brief facts: A construction firm in Maine is suing a local bank after cyber thieves stole more than a half million dollars from the company in a sophisticated online bank heist. On Friday, Sanford, Maine-based Patco Construction Co. filed suit in York County Superior Court against Ocean Bank, a division of Bridgeport, Conn.-based People’s United Bank. The lawsuit alleges that Ocean Bank did not do enough to prevent cyber crooks from transferring approximately $588,000 to dozens of co-conspirators throughout the United States over an eight-day period in May. People’s United Bank spokeswoman Valerie Carlson declined to comment for this story, saying the company is aware of the lawsuit but does not discuss pending litigation. According to the complaint, the fraudulent transfers began on Thursday, May 7, when thieves who had hijacked the company’s online banking credentials initiated a series of transfers totaling $56,594 to several individuals that had no prior business with Patco. The company alleges that this pattern of fraud continued each day of the following business week, during which time the thieves made additional batches of fraudulent transfers totaling $532,257.
Ocean Bank TOS
See also ‘Shames-Yeakel v. Citizens Financial Bank: Failure to Expeditiously Implement State-of-the-Art Security Measures Can Create Liability for Negligence in Data Breach Cases’
Also this


BLACK JUNE 2005

Posted in Information Security by coda on February 23, 2010

3 Student presentations on Information Security
3 examples – UBS, Motorola and Citibank
The 3 types of threats: Physical, Technical and Social
The first is particularly poignant – Haiti, 9-11
The second – infrastructure: Network/Systems
The third – social. [case examples]

What types of regulations?
Data Protection/Privacy
Common Law obligations – laws of trespass, tort of negligence, criminal damage
Q. How do you explain increased legislative activity?

Types of Approaches
Physical Security measures – CCTV, biometric, ID system
Technical – Network/Information Security
Social – Promoting Institutional Awareness

2nd Presentation
Phishing websites of RBS – illustrates the role of social engineering.
Important – how is fraud being perpetrated? Contrast this with the way “old” type fraud takes place.
This is a useful example demonstrating the scale, reach and nature of threats.
Why online? What are the incentives/motives for committing online fraud?
We need to look at online security from the perspective of “data” (what we are trying to protect) and “systems” (the vehicle through which data is carried).
Online malicious attack/intrusion – theft, damage system/delete data
Learning point: how do we “draft” legislation/rules? Emphasis of laws: “unauthorised” and “access”
Where are the threats likely to come from? What types of threats?
A particular problem arises where employees access the Internet/engage in personal communications from work. By the same token, quite a lot of individuals work from home – problems may arise if the home network/computer is not secure or does not have updated appropriate security software.
What is the value of “data”? How much does it cost to upgrade systems/install systems?

Securing compliance is a corporate governance issue. How is this achieved?
Law – legal rules governing data processing
Data Breach Notification laws

Presentation 3
Takes a close examination of the “types” of threats
a. Virus (Melissa) – used email to infect computers
Charged in New Jersey

b. Worm (ILOVEYOU)
Downloads malicious software – and program continues to propagate.
Note – offenders were from the Philippines. There was no law covering what the accused was deemed to have done – this act of creating the malicious software was an offence in the US.

c. Individual’s email was hacked – account was used. What are the challenges for enforcement and investigation?


Patient Privacy [2]

Posted in Uncategorized by coda on February 19, 2010

Patient Privacy[1]

Posted in Uncategorized by coda on February 19, 2010

More on FOSI: Children in Web 3.0

Posted in Uncategorized by coda on February 12, 2010

On 3rd of December I did a post on Larry Magid and the FOSI conference. I want to begin a series of posts, documenting the summaries provided by FOSI of the various panels. So here goes.

Online Child Safety: Thinking map

Posted in child protection, child safety by coda on February 12, 2010

This is an excellent site that enables educators to map critical thinking skills onto lessons.


Video of Spyware

Posted in Uncategorized by coda on February 9, 2010

Introduction

Posted in internet by coda on February 1, 2010

Designed for Change: End-to-End Arguments, Internet Innovation, and the Net Neutrality Debate

Posted in Net neutrality by coda on December 18, 2009

Many advocates of strict net neutrality regulation argue that the Internet has always been a “dumb pipe” and that Congress should require that it remains so. A new report by ITIF Research Fellow Richard Bennett reviews the historical development of the Internet architecture and finds that contrary to such claims, an extraordinarily high degree of intelligence is embedded in the network core. Indeed, the fact that the Internet was originally built to serve the needs of the network research community but has grown into a global platform of commerce and communications was only made possible by continuous and innovative Internet engineering. In the new ITIF report Designed for Change: End-to-End Arguments, Internet Innovation, and the Net Neutrality Debate, Bennett traces the development of the Internet architecture from the CYCLADES network in France to the present, highlighting developments that have implications for Internet policy. This review will help both engineers and policy makers separate the essentials from the incidentals, identify challenges to continued evolution, and develop appropriate policy frameworks.
