Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid

Wired offers an in-depth look at how hackers crippled Ukraine’s power grid last year. Very interesting that they deployed TDoS attacks to flood the power company’s call centers so nobody could call in to report anything:

[…] they launched a telephone denial-of-service attack against customer call centers to prevent customers from calling in to report the outage. TDoS attacks are similar to DDoS attacks that send a flood of data to web servers. In this case, the center’s phone systems were flooded with thousands of bogus calls that appeared to come from Moscow, in order to prevent legitimate callers from getting through.

Most enterprises probably haven’t even thought about defending against TDoS attacks, but it’s definitely a threat these days with cheap VoIP and number spoofing. Not to mention cybercriminal call centers.


The Last Days of Target

From Canadian Business, the details of how Target failed in Canada. A good case study in managing global IT (in particular, the bloated SAP software suite)?

The company had also been learning more about using SAP correctly. Former employees describe decoding SAP as like peeling an onion—it had multiple layers and made you want to cry. One initiative in particular greatly improved Target’s data quality. A technology team was finally able to install an automatic verification feature to catch bad data before it could enter SAP and wreak havoc. If an employee entered a UPC that was short one digit, for example, the system wouldn’t allow that purchase order to proceed until the code was correct. The technology Target used in the U.S. has these checks and balances, as do other retailers who use SAP. Target Canada finally implemented a verification tool in 2014, according to a former employee who was involved, owing to time constraints. “This happened very late in the game.”

Emphasis mine.

A Look Inside Cybercriminal Call Centers

Brian Krebs’ blog, KrebsOnSecurity, is always a great read, especially when it’s about criminal call centers:

One of the cybercrime underground’s oldest call center services — CallMeBaby — serves a variety of swindles but specializes in helping criminals cash out dating scams. It charges $10 for each call in English, and $12 for calls in German, French, Italian, Spanish, Portuguese and Polish. […]

CallMeBaby advertises the availability of a male and female to impersonate anyone in the above-supported languages, and operates between the hours of 17:00 to 03:00 Moscow time (business hours in America).

Personally, I’ve received foreign (based on the accent of the callers) scam calls about delinquent IRS taxes, viruses on my Windows computer, and signing up for mobile service (okay, the last one may just be a legit but annoying telemarketer).

I have to wonder though: are these call centers run much like legitimate ones, where call handling time, agent performance, etc. are measured?


Vultures deserve our hugs too

From National Geographic, about the important role vultures play in the ecosystem and their declining numbers, which are often ignored:

In July 2012, 191 vultures died after feasting on an elephant that had been poached and then sprinkled with poison in a Zimbabwean national park. A year later roughly 500 vultures were killed after feeding on a poison-laced elephant in Namibia. Why do poachers, intent on ivory, target vultures in this way? “Because their kettling in the sky over dead elephants and rhinoceroses alerts game wardens to their activities,” Ogada says. Ivory poachers now account for one-third of all East African vulture poisonings.

Cultural practices have also taken a toll on vultures. According to André Botha, co-chair of the vulture specialist group at the International Union for Conservation of Nature, many of the birds found at poached carcasses are missing their heads and feet—a sure sign they’ve been sold for muti, or traditional healing. Shoppers at southern African markets have little trouble buying body parts believed to cure a range of ailments or impart strength, speed, and endurance. Dried vulture brain is also popular: Mixed with mud and smoked, it’s said to conjure guidance from beyond.

Still, the biggest existential threat to African vultures remains the ubiquitous availability and use of poisons. FMC, the Philadelphia-based maker of Furadan, began buying back the compound from distribution channels in Kenya, Uganda, and Tanzania—and suspended sales in South Africa—following a 60 Minutes segment on lion poisonings in 2009. But the compound, in generic form, persists. Agriculture is the second largest industry in Kenya, and the nation has a long history of using toxins to combat outbreaks of disease and pests. Anyone can walk into a Kenyan agro-veterinary shop and, for less than two dollars, buy highly toxic pesticides off the shelf—to kill insects, mice, feral dogs, hyenas, leopards, jackals, and even fish and ducks meant for human consumption. (Poachers claim, erroneously, that removing the animal’s entrails, then slowly roasting the carcass, detoxifies the flesh.)

Had no idea that vulture parts were sold for misguided medicinal and spiritual purposes. I hope this brings more attention to saving these magnificent birds, on the same level as elephants, dolphins, and whales.

Feds raid Chinese hoverboard booth at CES

Bloomberg reports on Thursday that U.S. Marshals raided a Chinese hoverboard booth at the Consumer Electronics Show at the request of Future Motion, maker of the Onewheel:

Future Motion first found out about the Changzhou First International Trade product late last year, when a Onewheel user posted about it in an online forum. A listing by the Chinese company on Alibaba’s online marketplace promised to provide some 2,000 boards per month for about $500 apiece to retailers. (Future Motion sells the Onewheel for $1,500 through its website.) “We said, ‘Wow, that’s clearly a knockoff,’” Doerksen said. According to Alibaba’s website, retailers in Iceland, Germany, and the U.S. bought about $70,000 worth of products.

In December, Kolitch sent a letter to Changzhou First International Trade demanding that it stop selling the products. He never heard back. Kolitch tried again the day before the show floor opened, by approaching the booth directly but got nowhere. By 3:30 p.m. on Wednesday, Onewheel filed a request with a judge to stop the Trotters from being displayed on the show floor.

Chinese knockoffs are everywhere these days so I’m not surprised to see this. Kudos to Future Motion for defending their intellectual property especially on American soil. The Chinese company was given multiple opportunities to resolve the matter before coming to CES, but clearly it didn’t care.

Christian father makes unique videogame about life with his dying son

Wired profiles Ryan Green, giving readers a glimpse into his life with a dying son, his Christian faith, and the inspirations for his videogame, That Dragon, Cancer:

Green began working on That Dragon, Cancer in November 2012. Joel, who had been diagnosed with a rare and aggressive form of cancer just after his first birthday, was approaching the age of 4. Green and his wife, Amy, lifelong devout Christians, saw this longevity as a miracle; back in November 2010, when Joel developed a new tumor after several rounds of chemotherapy, the doctors had declared him terminal, placed him on palliative care, and given him at most four months to live. The Greens had spent much of the next two years celebrating small victories and enduring crushing setbacks. Tumors that shrank, or even disappeared, then reemerged with greater vigor months later. Steroids that filled Joel with a powerful rage. A tumor that pressed on Joel’s optic nerve, causing his right eye to turn inward.

Green’s idea to make a videogame about Joel came to him in church, as he reflected on a harrowing evening a couple of years earlier when Joel was dehydrated and diarrheal, unable to drink anything without vomiting it back up, feverish, howling, and inconsolable, no matter how Green tried to soothe him. He had made a few games since then and had been thinking about mechanics, the rules that govern how a player interacts with and influences the action on the screen. “There’s a process you develop as a parent to keep your child from crying, and that night I couldn’t calm Joel,” Green says. “It made me think, ‘This is like a game where the mechanics are subverted and don’t work.’”

Not very often do you read an in-depth article about faith, family, a dying child, and videogames. A very touching read. Well done, Wired.

NYC to get free Google WiFi soon

Fortune reports on LinkNYC, the project to bring free WiFi to all five boroughs of the city:

Each Link will also put out a strong 400-foot Wi-Fi signal with a top speed of 1 Gbps, depending on network congestion.

When New York decided to build the Link network, it contracted with a group of four companies: Qualcomm; the chip designer Comark, which builds the physical kiosks; Titan, a display advertising firm; and Control Group, which was the company leading the strategy for the effort. In June, Google’s Sidewalk Labs subsidiary was an investor in the move that resulted in Titan and Control Group merging to become Intersection.

Each Link kiosk will also have USB ports for charging and two large screens to display advertisements (after all, it’s a Google product).