Experts in cyber defense usually assume that attackers are the smart ones. They are the ones with zero-day vulnerabilities, social engineering schemes, and obfuscated malware. They are the ones who reconnoiter a target for months or years — and once inside might go undetected for just as long.
But over the last few years, interest has been mounting in countering these asymmetries through active defense: “synchronized, real-time capability to discover, detect, analyze, and mitigate threats and vulnerabilities… using sensors, software, and intelligence…” [DoD 2012].
One particular type of active defense is deception.
Australia rolled out its Covid-19 contact-tracing app about two weeks ago. In the US, at least three states have advertised their own apps, and in Europe Covid contact-tracing apps are scheduled for release in Italy and Germany. Singapore’s app debuted several weeks ago.
Meanwhile, Google and Apple are teaming up to offer their own contact-tracing solution.
With worldwide Covid deaths at a quarter-million and restrictions being loosened in many countries near their peak number of active infections, we need good data about who has the virus and whom they might infect.
But which of the contact-tracing apps are best? Why…
The last five years have seen massive data breaches.
Attackers grabbed 56 million credit card numbers from Home Depot in February of 2014. In 2015, they made of with 80 million records from health insurer Anthem, Inc. Later the same year, the U.S. Office of Personnel Management failed to protect the background checks of 21.5 million federal employees. Since then, we’ve seen huge breaches of Equifax, Marriot, and British Airways.
And it’s all but certain that more breaches will follow in the years to come.
Despite that, I’d wager that lost data won’t be the worst cyber consequence in the…
The fusion of the Internet of Things (IoT), social networks, and machine learning are enabling tech companies to not only collect data about reality, but to influence reality itself.
This is the topic of a 2015 article by Harvard Business School Professor Emeritus Shoshana Zuboff. She calls the phenomenon “surveillance capitalism.” It’s similar to what engineers call “feedback control” — more specifically, an emerging phenomenon called “human-in-the-loop” (HiTL) feedback control.
Feedback control in the US and Soviet Union
In the 1950s and 1960s, the Cold War fostered a fierce race to explore and dominate outer space. Realizing that satellites and…