A New Era of Internet Attacks Powered by Everyday Devices

October 23, 2016 Leave a comment

WASHINGTON — When surveillance cameras began popping up in the 1970s and ’80s, they were welcomed as a crime-fighting tool, then as a way to monitor traffic congestion, factory floors and even baby cribs. Later, they were adopted for darker purposes, as authoritarian governments like China’s used them to prevent challenges to power by keeping tabs on protesters and dissidents.

But now those cameras — and many other devices that today are connected to the internet — have been commandeered for an entirely different purpose: as a weapon of mass disruption. The internet slowdown that swept the East Coast on Friday, when many Americans were already jittery about the possibility that hackers could interfere with election systems, offered a glimpse of a new era of vulnerabilities confronting a highly connected society.

The attack on the infrastructure of the internet, which made it all but impossible at times to check Twitter feeds or headlines, was a remarkable reminder about how billions of ordinary web-connected devices — many of them highly insecure — can be turned to vicious purposes. And the threats will continue long after Election Day for a nation that increasingly keeps its data in the cloud and has oftentimes kept its head in the sand.

Remnants of the attack continued to slow some sites on Saturday, though the biggest troubles had abated. Still, to the tech community, Friday’s events were as inevitable as an earthquake along the San Andreas fault. A new kind of malicious software exploits a long-known vulnerability in those cameras and other cheap devices that are now joining up to what has become known as the internet of things.


The advantage of putting every device on the internet is obvious. It means your refrigerator can order you milk when you are running low, and the printer on your home network can tell a retailer that you need more ink. Security cameras can alert your cellphone when someone is walking up the driveway, whether it is a delivery worker or a burglar. When Google and the Detroit automakers get their driverless cars on the road, the internet of things will become your chauffeur.

But hundreds of thousands, and maybe millions, of those security cameras and other devices have been infected with a fairly simple program that guessed at their factory-set passwords — often “admin” or “12345” or even, yes, “password” — and, once inside, turned them into an army of simple robots. Each one was commanded, at a coordinated time, to bombard a small company in Manchester, N.H., called Dyn DNS with messages that overloaded its circuits.

Few have heard of Dyn, but it essentially acts as one of the internet’s giant switchboards. Bring it to a halt, and the problems spread instantly. It did not take long to reduce Twitter, Reddit and Airbnb — as well as the news feeds of The New York Times — to a crawl.

The culprit is unclear, and it may take days or weeks to detect it. In the end, though, the answer probably does not mean much anyway.

The vulnerability the country woke up to on Friday morning can be easily exploited by a nation-state such as Russia, which the Obama administration has blamed for hacking into the Democratic National Committee and the accounts of Hillary Clinton’s campaign officials. It could also be exploited by a criminal group, which was the focus of much of the guesswork about Friday’s attack, or even by teenagers. The opportunities for copycats are endless.

The starkest warning came in mid-September from Bruce Schneier, an internet security expert, who posted a brief essay titled “Someone Is Learning How to Take Down the Internet.” The technique was hardly news: Entities like the North Korean government and extortionists have long used “distributed denial-of-service” attacks to direct a flood of data at sites they do not like.

“If the attacker has a bigger fire hose of data than the defender has,” he wrote, “the attacker wins.”

But in recent times, hackers have been exploring the vulnerabilities of the companies that make up the backbone of the internet — just as states recently saw examinations of the systems that hold their voter registration rolls. Attacks on the companies escalated, Mr. Schneier wrote, “as if the attack were looking for the exact point of failure.” Think of the mighty Maginot Line, tested again and again by the German Army in 1940, until it found the weak point and rolled into Paris.

The difference with the internet is that it is not clear in the United States who is supposed to be protecting it. The network does not belong to the government — or really to anyone. Instead, every organization is responsible for defending its own little piece. Banks, retailers and social media hubs are supposed to invest in protecting their websites, but that does not help much if the connections among them are severed.

The Department of Homeland Security is supposed to provide the baseline of internet defense for the United States, but it is constantly playing catch-up. In recent weeks, it deployed teams to the states to help them find and patch vulnerabilities in their voter registration systems and their networks for reporting results.

Categories: Uncategorized

Holiday shopping habits from over 7,000 smartphone consumers

October 14, 2016 Leave a comment
Categories: Uncategorized

NY Times BITS Daily Report

October 14, 2016 Leave a comment

The New York Times

Friday, October 14, 2016

For the latest updates, go to nytimes.com/bits »

Yahoo’s headquarters in Sunnyvale, Calif.
Yahoo’s headquarters in Sunnyvale, Calif. John G. Mabanglo/European Pressphoto Agency

Daily Report

The aftereffects of an extensive hacking can linger for weeks and months — sometimes even years.
Yahoo is now experiencing that fallout. Late last month, the internet portal disclosed that the account information of at least 500 million users was stolen by hackers in 2014. The hacking was deemed the biggest known intrusion of one company’s computer network.
The situation was especially prickly for Yahoo because it is in the midst of selling its core business to Verizon Communications for $4.8 billion.
Now Verizon is using the hacking to rattle some cages. The giant telecom company’s top lawyer said on Thursday that the hacking had materially reduced the value of Yahoo, implying that Verizon may want to renegotiate the price at which it is acquiring the internet portal, writes Vindu Goel.
It is one move in a chess match that is no doubt going on behind the scenes between Verizon and Yahoo, and it illustrates how hackings can become a factor in a negotiation. Your move, Yahoo.
— Pui-Wing Tam
In a statement on Thursday, Yahoo said, “We are confident in Yahoo’s value and we continue to work towards integration with Verizon.”

Verizon Says Yahoo Hack Could Reopen $4.8 Billion Deal Talks


Verizon’s top lawyer said the hacking of 500 million Yahoo email accounts, made public after the deal was announced, could justify reopening sale discussions.

A SoftBank store in Tokyo. The Japanese conglomerate has had success in investing in companies rather than buying them outright.

SoftBank and Saudi Arabia Partner to Form Giant Investment Fund


The fund, worth possibly $100 billion, would seek out promising technology companies worldwide.

A customer asking about returning a Galaxy Note 7 at a store in Seoul, South Korea, on Wednesday.

Samsung Predicts $3 Billion Hit to Future Profits After Pulling Galaxy Note 7


The reduction in profits tied to cancellation of the model was expected to be in the mid-2 trillion won range in the October-December period, the company said.

Snap Inc., as Snapchat recently renamed itself, is expected to make a splashy market debut.

Snap’s I.P.O. Bankers Also Helped Bring Alibaba to Market


Snapchat’s parent has hired two of the banks that worked on the $25 billion market debut of the Alibaba Group, the biggest I.P.O. on record.

Connected Car services become contextual to the driver’s location and lifestyle.

One Day, Cars Will Connect With Your Fridge and Your Heartbeat


Cars that direct drivers to appointments and stores — or even monitor the driver’s health — are coming, experts say.



Making Sure You Record the Whole TV Show


Live events running long can mess up your video recordings, but you can use a few workarounds to make sure you get the end of that game or show.

Forward it to your friends, and let them know they can sign up here.
FOLLOW Bits Twitter @nytimesbits
Categories: Uncategorized

2016 Retail Future Trends Report

October 14, 2016 Leave a comment

 Oct. 14, 2016

Colleagues pay homage to editor James Bickers

James Bickers, founding editor of Digital Signage Today and Retail Customer Experience, is remembered as creative, passionate, enthusiastic, talented, but, most of all, as a man who adored his family and who made everyone smile.

ComQi, Inc.
ComQi provides true end-to-end networked digital out-of-home solutions for retailers, advertisers and other media estate owners – delivering the right message at the right time in the right place. Learn more.
Register for Money20/20 Today!
Join 10,000 brilliant minds, including 1,000 CEOs and 500+ speakers at Money20/20. Register with code NETWO250 to save an additional $250!

My Account

Copyright © 2016 Networld Media Group, LLC. All rights reserved.
Categories: Uncategorized

Just-Style Weekly News

October 14, 2016 Leave a comment
Categories: Uncategorized

ST&R Trade Report

October 12, 2016 Leave a comment

If you have trouble viewing this e-newsletter, please View Email as a Web Page

Oct. 13, 2016

Trade Remedy Cases on Softwood Lumber from Canada Could be Filed Soon

The first antidumping and countervailing duty cases against Canadian softwood lumber products in a decade could be filed as early as this week after the U.S. and Canada missed an Oct. 12 deadline for reaching a new agreement.

List of Foreign Goods Cited for Forced or Child Labor Adds 27, Removes One

Significant U.S. Import Restraints Subject of ITC Review

Steel Import Monitoring System Proposed for Extension Until 2022

Import and Export Restrictions on Two Opioids Postponed

IPR Enforcement: Food Supplements, Marine Sonar, Batteries and Power Tools

EPA Names Five Chemicals to Receive Expedited Action
Amended Maritime Agreements Filed

Categories: Uncategorized

ST&R Trade Report

October 11, 2016 Leave a comment

If you have trouble viewing this e-newsletter, please

Oct. 12, 2016 About l Federal Register

Revamped MTB Process Offers Significant Duty Savings; Oct. 13 Webinar to Review Details

The first miscellaneous trade bill process in six years is set to get underway Oct. 14 when the International Trade Commission starts accepting public petitions for import duty suspensions or reductions as directed by the MTB reform bill approved by Congress and signed into law earlier this year. Each approved duty modification can result in savings of up to $500,000 per year.

Burma Sanctions Program Terminated, Including Ban on Gem and Jewelry Imports

Asia Update: Trade Liberalization, Foreign Investment, Vietnam Port, China-Colombia FTA

$1.5 Million Penalty for Shipping Act Violations

ATF Testing Submission of Export Data Through ACE

AD/CV: Crawfish Meat, Steel Cylinders, Pipe Fittings

Guidance and Fire Control Equipment Among Items Transferred to Commerce Control List
CBP Accepts Proposal to Upgrade Border Infrastructure for Fresh Produce
Categories: Uncategorized
%d bloggers like this: