The discovery of Stuxnet, a malware that targeted a nuclear facility, was somewhat revolutionary and groundbreaking. It targeted ICS which monitor and run industrial facilities. Before that, most of malicious programs were developed to steal information or break-in into financial sector to extort money. Stuxnet went beyond went and targeted high-level facilities. It is not hard to imagine what damage it could have inflicted if the worm were not detected. What is more worrisome, the technology is out. It might not be perfect, but it is definitely a start. Regardless of the intentions behind Stuxnet, a cyber bomb has exploded and everyone knows that cyber capabilities indeed can be developed and mastered.
Therefore, if they can be developed, they will probably be. The final goal of Stuxnet was to affect the physical equipment which was run by specific ICS. It was done in order to manipulate computer programs and make it act as an attacker intended it to act. Such a cyberattack had a particular motivation; sabotage of industrial equipment and destruction could have been one of the goals. So, if they were indeed the goals, it might have been an offensive act, conducted by an interested party, presumably, a state for its political objective. Yet, there are certain limitations when it comes to so-called “cyber weapons” (malware that might be employed for military use or intelligence gathering).
One of the main concerns of cyber offence is that code may spread uncontrollably to other systems. In terms of another physical weapon, it is like a ballistic missile that anytime can go off-course and inflict damage on unintended targets and/or kill civilians. Cyber offensive technology lacks precision, which is so valued in military. For example, in ICS and SCADA systems one may never know what can backfire because of the complexity of the system. The lack of precision consequently affects military decisions. When launching a weapon, officers should know its precise capabilities; otherwise, it is too risky and is not worth it.
In case of Stuxnet, the program started replicating itself and infected computers of many countries. For this moment we do not know if it were planned in that way. However, provided that that target was Natanz facility, it is unlikely. Symantec Corporation started analyzing the case only with external help; it did not come from Natanz. This exacerbates the case if a country decides to launch an offensive cyberattack.
If the military planning cannot prevent cyber technology to go awry or to go out in the public, it brings more disadvantages than advantages. Moreover, given a possibility of the code being discovered and broke down to pieces to understand what it does, it may potentially benefit an opposing party (and any other interested party along the way). This is unacceptable in military affairs.
Similarly, when the code is launched and it reaches the target, it can be discovered by an opponent. In comparison to nuclear, when a bomb explodes, it brings damage and destruction, but its technology remains in secret. In case of cyber, it may not be the case, as when a malware/virus is discovered, it can be reverse engineered to patch vulnerability. By studying the code, an enemy would find out the technology/tactics used that could be unfavourable in the long-run for the attacker.
Additionally, it should be said that not every malware is meant to spread by itself. In order to control the spread, vulnerability can be patched, meaning updating the software which had that vulnerability. An anti-malware can also be introduced; this will make the computer system immune to that particular vulnerability. Nonetheless, if the malware spreads uncontrollably, there is nothing much that an attacker can do. It is not possible to seize the attack. In this scenario, an attack may only release information about this certain vulnerability so that someone else can fix it. However, a state is highly unlikely to do so, especially if the damage is extensive. It would not only cost the state diplomatic consequences, but also it might severely impact its reputation.
An AI-enabled cyberattack could perhaps fulfill its potential. That means involvement of artificial intelligence. AI systems could make digital programs more precise, controlling the spread. In contrast, it could also lead to a greater collateral damage, if a system decides to target other facilities that may result in human death. Similar concerns are raised in the area of autonomous weapon systems in regard to the need of leaving decision-making to humans and not to technology. AI technology has a potential to make existing cyberattacks more effective and more efficient (Schaerf, 2018).
Aforementioned concern leads to another and affects the end result. When a certain weapon is employed, it is believed to achieve a certain goal, e.g. to destroy a building. With cyber capabilities, there is no such certainty. In the
Alternatively, the true costs of cyberattacks may be uncertain and hard to calculate. If that is so, an attacker faces high level of uncertainty, which may also prevent them from a malicious act (particularly, if nation states are involved). However, the costs and the benefits may always be miscalculated, and an attacker hoping for a better gain may lose much more in the end (e.g. consider Pearl Harbour).
Another concern refers to the code becoming available to the public. If it happens, it can be copied, re-used and/or improved. Similar concerns in regards to proliferation and further collateral damage emerged when Stuxnet code became available online. An attacker may launch a cyberattack, and if it is discovered, another hacker can reverse engineer the code and use it against another object. Moreover, the code can be copied, improved and specialized to meet the needs of another party. Technology is becoming more complex, and by discovering a malware developed by others, it also takes less time to produce a similar program and/or develop something stronger. (For instance, after Stuxnet, more advanced malwares were discovered – Duqu and Flame).
Furthermore, there are other difficulties with the employment of cyber offensive technology. In order to maximize its result, it should be supported by intelligence. In case of Stuxnet, an offender needed to pinpoint the location of the facility and the potential equipment involved. It has to find zero-days vulnerabilities that are extremely rare and hard to find. Cyber vulnerability is all about data integrity. It should be reliable and accurate. Its security is essential in order to run an industrial infrastructure.
After pinpointing vulnerability, security specialists need to write a specific code, which is capable of bridging through an air-gapped system. In case of Stuxnet, all of abovementioned operations required a certain level of intelligence support and financial capability. These complex tasks involved into development were exactly the reason why Stuxnet was thought to be sponsored and/or initiated by a nation state. If intelligence is lacking, it may not bring a desirable effect. Moreover, if cyber offense is thought to be used in retaliation, malicious programs should be ready to use (as on “high-alert”) in the event of necessity.
Regardless of some
advantages of cyber offence (like low costs, anonymity etc), this technology
appears to be unlikely for a separate use by military. There is a high level of
uncertainty and this stops the army of using technology in offence. Truth is
when you have other highly precise weapons, it does not make sense to settle
for some unreliable technology that may or may not bring you a wanted result.
Yet, other types of
cyberattacks like DDoS attacks can give some clear advantages during military
operations and give an attacker some good cards in case of a conflict. When
such attacks used together with military ground operations, they are much more
likely to bring a desired result.
 For better understanding, out of twelve million pieces of malware that computer security companies find each year, less than a dozen uses a zero-day exploit.
What are spamtraps and how to get them off your mailing list for good?
There is a silent enemy that many companies face and that focuses directly on the contact list. It is spamtraps. These are emails that are meant to catch spammers, but negatively influence mass mailings. Today we are going to find out why, and we are going to assess some actions that are easy to do to get them out of the way.
Mailing lists are generally formed by people who are interested in using a product or service of a company and who subscribe voluntarily. However, it can happen that an email appears normal-looking, but it is a spammer detector. When an email is sent to these addresses, they block it, causing a negative impact on the reputation of the brand that sent it.
Spamtraps are traps for emails, in short. They do not belong to any real person, and their only function is to block the sender of the email and mark him or her as a spammer. In this way, the brand is affected, even if the content sent has nothing to do with spam. These exist on all existing email platforms, such as Gmail or Yahoo.
Characteristics of spam traps
Although there is no simple way to find out which of the emails on your list are spamtraps, you can assess some characteristics that lead to the most frequent spamtraps. Here we can see elements such as:
- No direct relation to a person: people generally put their names when creating their emails. Although this does not happen in 100% of cases, it could be an important factor to consider if you see some emails made up of meaningless letters and numbers, for example.
- Emails with generic names: Generic names are not a good sign, even though many companies use them as a means of communication. To separate those that are real from those that are not, it is possible to check the domain of which the emails are part. For example, there may be emails in a list that start with the word sales@XXXXXX. What completes the part of the X’s will tell us what the chances are that it is a spamtrap. In any case, be aware that it is very unlikely that a company will subscribe to a newsletter using this type of email.
- Abandoned emails: Technology has come a long way in recent times, and this has led to the use of new ways of communicating. Nowadays, it is very unlikely that there are people who subscribe to a list with a Hotmail email address. It is therefore essential to check, if you have one, that it is not an abandoned email that can be used with ISPs because they are no longer in use.
- Misspelled emails: This is a very common situation that occurs, especially when double confirmation is not used. In this case, it is possible that a person enters the mailing list with a misspelled entry and then the result is an email that ends, for example, in @gml.com. You have to be very careful with these. The recommendation is to always run the confirmation to ensure that it is a real and operational address.
Actions to take to verify spamtraps on the mailing list
Now that we have an idea of what we can look for in the list and target what looks the most suspicious, we can define a series of actions to take in order to detect whether the list is clean or whether there are any harmful elements present.
The first thing to do is to review your entire contact list. This can be a tedious task when you have a large number of subscribers, but it is worth the effort. If in this first step you got several suspicious emails, you should flag them to check their behaviour in the following points.
Then, it will be time to evaluate the results of the email marketing campaigns sent previously. In these campaigns, you will get a history of very interesting data that will tell you how many people generally open the emails, those who do not, etc. The important thing here is to assess whether the values shown in the history are more or less constant or have suffered a significant decrease in recent days. If this is the case, it could be due to spamtraps.
It is common for these problems to become apparent when a number of new users join the list. It is possible that among them there is an email that works as a spam trap. The simplest solution to recognize if this is the problem is to perform a segmentation and send an email to the members of this new list and verify the results.
Finally, you will need to check if the domain you are using is on the block list. This is an essential step to know if you really have a problem or not. Doing this on a regular basis is key to avoiding problems.
Segmentation as a working strategy
Working with email marketing software that allows the segmentation of the mailing list is a benefit that will remove problems later and, of course, spamtrap detection is one of them. Thanks to segmentation, it will be possible to create groups of users to whom certain campaigns are sent and evaluate the response they have.
Mailrelay is the best option in this regard because it offers the possibility to segment and also to validate the statistics. With the statistics you can measure the percentage of clicks that were made and that can give us an important guide, since this is an action that can only be performed by real people.
Nowadays, there are already robots capable of opening emails that arrive at your server, so the open rate is no longer a valuable statistic in this regard.
After you are clear about which contact segments are performing well, you can continue to work with them as normal and separate those that are not performing well to validate them later. It is better to keep fewer subscribers than to risk having your domain blocked and losing your entire list.
9 Ways to Keep Technology from Slowing Down Your Business
There’s no doubt that technology has made our lives easier. We can now do things we never thought possible, like communicating with people all over the world in an instant or order items from the comfort of our own homes. However, with great power comes great responsibility- and for business owners, this means making sure that technology doesn’t slow you down. Here are nine ways to keep your business running at full speed.
Make a Plan
Technology can be unpredictable, so it’s important to have a plan in place in case of any malfunctions. This includes having backups of your data and creating disaster recovery plans in case of emergencies.
Keep your software up-to-date, as well as your operating system and hardware. Outdated software can cause compatibility issues and make your devices run slower.
Use the Right Tools
Using the right tools for the job is essential when it comes to technology. If you’re using an outdated program or device, chances are there’s a better, faster option out there that will suit your needs. Even shortcuts are important tools, like automatic cache cleaner for Mac users in your company.
Creating standards for how employees use technology can help keep things running smoothly. This means establishing guidelines on passwords, data storage, backups, and any other procedures related to technology usage at work.
If you don’t have the resources internally then, it’s crucial to get help from someone who knows what they’re doing. This can be a tech-savvy friend or coworker, an IT professional if your budget allows for it, or even just reading articles online about how best to use specific devices/software programs.
Invest in New Equipment
Upgrading equipment regularly will help keep things running smoothly and make sure that there aren’t any compatibility issues with new software releases. It also ensures employees always know what tools are available when needed without having them search through piles of old files looking for something specific like an outdated version of Microsoft Word or Excel that won’t work with the latest operating system they’re trying to install on their computer.
Create a Backup Plan
Having multiple backups of your data makes it easy to recover files after an emergency situation like a power outage, hard drive crash, or (heaven forbid) a hacking, so you can get back up and running as soon as possible without losing any valuable information.
It’s vital for employees who use technology regularly at work, such as those in IT departments, customer service positions, etcetera – to have training sessions on how best to utilize whatever type of device/software program they’ll be using daily. This will help them avoid making mistakes which could lead to major problems down the line if left unchecked by management personnel. Allowing users time off from duties during these training sessions will also ensure they’re not distracted while learning new skills that may be required on some projects within their company.
Keep Your Data Secure
Keeping your data secure is essential to any business, and this means more than just backing it up regularly or installing antivirus software. For example, it’s important for companies who deal with sensitive information about clients/customers, etcetera – take steps such as encrypting emails containing personal details before sending them out across networks which can sometimes have vulnerabilities (e.g., open Wi-Fi). You should also train employees on how best to utilize whatever type of device/software program they’ll be using daily so there will never again be confusion over what needs doing when dealing with confidential files work.
7 Practical Ways To Keep Your Kids Safe Online
The internet has many advantages to offer kids. Used well, it can be an infinite source of knowledge and an excellent communication tool for kids.
However, the internet can also be a dark and scary place. It has its fair share of bullies and cybercriminals out to take advantage of innocent children. Add to that a plethora of inappropriate content, and it is understandable why many parents would rather not allow their kids to use the internet.
But in this day and age, forbidding your children from accessing the internet is simply impractical.
So, what is a concerned parent to do about keeping their kids safe in the jungle that is the internet? Here are seven valuable tips to help you in your quest.
It may surprise you how far behind most parents are when it comes to tech matters. First, however, the vigilant parent must learn how the internet works to guide their children safely through its murky waters. This requires you to:
- Know how different social media platforms work
- Be able to operate the programs your kids use
- Have a good grasp of the content your kid’s favorite websites
If you come across as tech-savvy, your kids will view you as an authority on internet matters. This makes them more receptive to any advice you offer regarding safe internet use.
Consequently, they’re less likely to engage in inappropriate internet conduct.
As a parent, the best way to keep your kids safe in any environment is to teach them how to make good decisions. This is the same approach you should take with the internet as well.
Start by making your kids aware of the dangers that lurk online. Discourage them from sharing sensitive information on the internet, and explain the impact of leaving undesirable digital footprints. Help them see that they should use the internet cautiously.
Additionally, it would be best to tell your kids how you expect them to behave online. Set ground rules around internet and tech devices, like limiting their screen time and asking that they don’t use their devices in the bedroom.
Another clever way to stay informed about what your kids are doing on the internet is to join their social circles. Follow them on Instagram, befriend them on FaceBook, and watch their TikTok videos.
Granted, they may not be very keen on being your friend on social media sites. But this does not mean that you should give up. If they are resistant at first, make it a precondition to accessing their devices. They will likely comply.
Use Parental Controls
An excellent way to put your mind at ease is to use parental control software on your children’s devices. These include filters that restrict your kids’ access to potentially inappropriate content.
You could also use software that limits how much time kids can spend on their phones and tablets. If you think that your children are engaging in risky online behavior, you can install the best spying app for iphone on their devices.
This allows you discreet yet unfettered access to their every activity, enabling you to act promptly on suspicious activity.
In addition, spyware is highly effective with older kids who know how to erase their search history.
Put Devices in a Public Place
One of the best ways to ensure that you are always aware of your kids using their devices is to have them in a public place. Place the monitor such that you can quickly glance over it and get a general idea of what your children are viewing.
You can also have a rule prohibiting screens in the bedroom where it is difficult to supervise your kids.
However, this is not to say that you should be a helicopter parent. You don’t want your kids to view you as overbearing and controlling. Instead, you want them to know that you can see what they are generally doing but are happy to allow their independent internet exploration.
Use Tech With Your Kids
As a parent, embracing technology can open communication channels, you never imagined. Kids are generally more comfortable texting than speaking face to face. So take advantage of this fact and get to learn more about your kids.
Text them often to find out how they are doing. Send your kids images and videos that you find funny. If they consider you their friend, they will be forthcoming and will trust your guidance more.
Teach Your Kids What Not To Share
Be sure to teach your children never to share sensitive information online. This includes details of your home address, the school they attend, and your workplace.
Sharing this information can seriously compromise your family’s security, and this is a risk your kids should know.
Additionally, enlighten your children about the danger of sharing overly revealing photos online. If they are unsure about a specific picture, have them run the problem by you or an older sibling.
This will prevent young kids from falling into the trap of shady internet users.
Lead by Example
Finally, it would be best if you practiced what you preach. If you require your kids to adhere to any screen time guidelines, be sure to limit your use of screens as well. If you want them to be cautious in their online interactions, show them that you are careful as well.
Parents who don’t lead by example find it much harder to get their kids to comply with their safe internet use guidelines. If you are irresponsible online, you won’t motivate your children to practice responsible online behavior.
What’s worse, they might copy your actions and potentially expose themselves to danger.
Keeping kids safe online requires a lot of parental involvement. You can start by befriending your kids, asking them to communicate often with you, and regularly checking to see that they are using the internet responsibly.
Additionally, you can use parental control software to ensure that your kids are safe online. If you follow these tips, you will find it much easier to protect your kids from the dangers of the internet.
Here’s How to Boost Employee Satisfaction Today
Tighten Up Your Customer Service In These Ways
How to Supercharge Your Construction Company’s Customer Service
Improving Fleet Efficiency
Here Are The Pros Your Business Desperately Needs
Technology9 months ago
What are spamtraps and how to get them off your mailing list for good?
Health12 months ago
The Stigma Behind Anabolic Supplements
Business6 months ago
Do’s and Don’t’s of Firing People
Health10 months ago
How to Look After Your Health Despite Your Disability
Business9 months ago
Turn Your Passion into a Career: How to Make Money Doing What You Love
Business7 months ago
Best Strategies to Create an Comfortable Atmosphere in Your Restaurant
Sports10 months ago
Discover the best sports accessories shop
Business9 months ago
Top Tips for Moving Your Business to an Office