China Accuses U.S. of Cyberwarfare

Here’s a follow-up to a story I posted last week that discussed organized crime and sovereign nations engaging in cyberterrorism:

In the wake of a recent speech by U.S. Secretary of State Hillary Clinton condemning countries that censor the internet and engage in hacking, China has lobbed a return volley and accused the United States of hypocrisy and initiating cyberwarfare against Iran. An editorial in the People’s Daily — the primary mouthpiece for China’s Communist Party — accused the United States of doublespeak and of using “online warfare” to instigate violent unrest in Iran with Twitter and YouTube following that country’s national elections in June.

“We’re afraid that in the eyes of American politicians, only information controlled by America is free information, only news acknowledged by America is free news, only speech approved by America is free speech, and only information flow that suits American interests is free information flow,” said the Sunday editorial, according to the Guardian newspaper. The editorial was taking aim at a speech by Clinton last Thursday in which she said that access to information, and the internet, is a basic human right. She said that countries around the world were erecting virtual walls in place of the physical walls that generally characterize oppressive regimes.

Clinton urged U.S. media companies to challenge foreign governments’ demands for censorship and surveillance. Clinton did not mention China specifically but also said that “Countries or individuals that engage in cyberattacks should face consequences and international condemnation.”

The Danger of Chain Letters

Even the pointy-haired boss is not immune to the threats of chain letters.

This is one of those things that I wish people would have figured out is not true by now, along with the emails that say Bill Gates will give you $100 if you forward his email and the Nigerian lottery scams. I still get them all the time, which means somebody is still passing around these chain letters and responding to these scams.

250,000 White House Staffers, Visitors Affected by National Archives Data Breach

Given that the White House can’t keep two party crashers out of the building, what hope do they have of defending against a data breach?

A data breach at the National Archives and Records Administration is more serious than previously believed. It involved sensitive personal information of 250,000 Clinton administration staff members, job applicants and White House visitors, as well as the Social Security number of at least one daughter of former Vice President Al Gore.

The data, which included more than 100,000 Social Security numbers, was stored on a computer hard drive that the NARA discovered missing last April from a data processing room in Maryland. It’s unknown if the drive was lost or stolen.

Last month, the NARA sent out about 150,000 letters to former Clinton staff members and White House visitors warning them that their information was involved in the breach, putting them at risk for identity theft. The agency said it is still identifying potential victims and will send more letters as it does. Earlier this year, the NARA had sent out only about 26,000 letters to people affected by the breach. It didn’t know at the time how many other potential victims it might uncover.

The hard drive was part of a collection of electronic storage tapes with data from computers belonging to former employees of the Clinton administration, according to news reports. Data for Executive Office staff was on the drive, as well as Secret Service and White House operating procedures, event logs, social-gathering logs and political records. Former Vice President Al Gore has three daughters, Karenna, Kristin and Sarah. Fox News reports that the Social Security number of at least one of the daughters was on the missing hard drive, but didn’t indicate which daughter.

Well, that’s rather inconvenient, isn’t it?

JetBlue Responds to Tweet, Goes Looking For Passenger’s Sunglasses

Cool story about the power of social networking:

David Friedman, a photographer and blogger of cool ideas, was at JFK airport in New York City earlier today and realized he’d forgotten his sunglasses at the security gate. He mentioned it in a tweet, and to his surprise someone at JetBlue saw it and investigated for him.

The sad news is the JetBlue employee didn’t find the sunglasses. On the other hand, JetBlue did go look for them, then sent someone to Friedman’s gate to give him an update.

United has also been active on Twitter recently, although not as happily. The airline just apologized to Twitter CEO Evan Williams via Twitter this morning after failing to get Williams’ luggage to its destination.

Twitter Apartment Mold Libel Suit Dismissed

Score one for people who like to complain on the internet!

A judge Wednesday dismissed a libel lawsuit filed last year by a Chicago property firm against a tenant who complained about her “moldy apartment” on Twitter. “Who said sleeping in a moldy apartment was bad for you? Horizon realty thinks it’s okay,” Amanda Bonnen wrote in her Twitter feed May 12 at 9:08 a.m. Horizon Group Management, which leased the Uptown apartment to Bonnen, wasn’t pleased and filed a libel suit against her saying she “maliciously and wrongfully published the false and defamatory Tweet.”

On Wednesday in Cook County Circuit Court Judge Diane J. Larsen ordered the case dismissed with prejudice, meaning that Horizon cannot refile the same case. According to Bonnen’s attorney, the judge felt the tweet was too vague to meet the legal standards of libel.

One of Bonnen’s lawyers said this morning the judge dismissed the case on the grounds that the tweet itself was too vague to fit the legal elements required to prove a libel case. The tweet, said Leslie Ann Reis, “could be innocently construed. It could be construed as her opinion. It mentioned Horizon Realty but it never specified whether it referred to Chicago or Illinois and knowing that Twitter is international, that could pertain to any company that uses the name Horizon,” said Reis, who is director of the Center for Information Technology and Privacy Law at John Marshall Law School.That, she said, runs afoul of one of the elements required in proving a libel, that the plaintiff show the defendant made a false statement specifically about the plaintiff. Another requirement is that the statement be published — which it was, via Twitter — but the third element asks the plaintiff to prove actual harm from the statement, such as damage to its reputation or negative financial effects.

Critical Infrastructures Under Constant Cyberattack Globally

Again, cyberterrorism seems to rank low on the priority list when it comes to the shoe bombers and underwear bombers of the world, but perhaps this report will change some minds.

Critical infrastructure systems around the world are the targets of repeated cyberattacks, according to a new global survey of technology executives in these industries. They believe some of the attacks are coming not just from individual cybercriminals but terrorists and foreign nation states. The United States and China are believed to be the most likely countries to conduct a cyberattack against the critical infrastructure of another nation, according to the respondents.

Companies and agencies operating in the banking and finance sectors, energy and natural resources, telecommunications and internet service providers, transportation and mass transit, chemical production and storage, food distribution and government services are considered critical infrastructure companies.

Among the more serious findings in the report is that some of the most sensitive critical infrastructure entities around the world, such as those for energy and natural-resource industries (such as water and sewage plants), are some of the least secure. Only 57 percent of respondents across all sectors said their organization installed security patches and updated software on a regular schedule. About 75 percent of executives in China believe foreign governments have been involved in cyberattacks against critical infrastructure in that country, while 60 percent in the U.S. believe this is the case.The most common target in such attacks was financial information, with a little more than half reporting that this was the aim of intruders. The least common target was password and login information, which was targeted in only 21 percent of attacks. Although the report doesn’t note this, in order to get to financial data, intruders often obtain password and login credentials at some point in their intrusion. So while the password and login may not be the final target, it is often a means to the target.

Private Documents Tossed on Yankees Parade

This happened last fall in New York City after the Yankees won the World Series.

Ticker tape doesn’t exist anymore, so folks had to grab other sources of paper to toss on the Yankees World Series victory parade in Lower Manhattan Friday. A lot of the makeshift confetti was created from shredded papers.

But Fox 5 found some paper on the street at the parade that wasn’t shredded — and the documents contained very sensitive private information. Some of the documents were medical records listing names, addresses, insurance information, medical diagnoses, and other private information. One document was somebody’s stock brokerage account, containing financial information. It could have been a treasure trove of information for identity thieves.

Social Networking: Your Key to Easy Credit?

Holy socks.

Did you know that everything you and those in your network do and discuss online may be compiled and provided to creditors? If your settings are tuned to public, it’s true. This includes your Facebook status updates, Twitter “tweets,” joining online clubs, linking a Web site, and even posting a comment on a news blog (such as, well, this one).

In hopes of identifying good credit customers, some financial institutions are tapping into the information you and your friends reveal online. The idea is that the friends you keep and data you disclose may help them make more accurate business decisions.

There are a couple of ways this information may be applied. It can help creditors promote certain products, cutting down on marketing waste. Lowering lending risk is another reason. Creditors can see if people in your network have accounts with them, and are free to look at how they are handling those accounts. The presumption is that if those in your network are responsible cardholders, there is a better chance you will be too. So, if a bank is on the fence about whether to extend you credit, you may become eligible if those in your network are good credit customers.

Having a robust online social network can also expedite loan acceptance. If you’re connected to a lot of people who are great credit risks, it can speed you through the process.

How Things Get Done

New Job Often Means a Pay Cut

Some new information on how rising job numbers late last year may not truly mean a return to economic stability when those workers don’t have as much money to spend as they used to have.

Unemployed for nearly a year, David Becker was relieved to land a new job in information technology last summer. The offer carried a price, though: It was a lower-rung job than the one Becker had lost. He had to uproot his family from Wisconsin to Nevada. And, like many formerly jobless people who find work these days, Becker is now paid far less than before — $25,000 less.

It’s one of the bleak realities of the economic recovery: Even as more employers are starting to hire, the new jobs typically pay less than the ones that were lost. In the government’s data, a job is a job. More jobs point to a growing economy. But to people who used to earn $60,000, a new $40,000 job means they’ll spend less — and contribute less to the recovery.