What Did We Learn From The Cyber Shockwave…March Madness Can Cripple Our Infrastructure

Just this Tuesday, February 16th, 2010, the Bipartisan Policy Center hosted a mock cyber attack called Cyber Shockwave. The aim of this simulation was to understand the impacts of a cyber attack and assess infrastructure capability during such an incident. There are many articles explaining the motive and results of this simulation, and the post-mortem is still coming in as we speak.

So, what did the simulation entail? It depicted a war game taking place in 2011 – basically an application installed on smart phones during ‘March Madness’ that turned out to be malware. This hypothetical malware affected telecom and IT infrastructure throughout the country, with the result actually bringing down the nation’s cellular network... but there is more. According to an article from ‘The Atlantic Wire’:

“Later, two bombs disabled the country's electricity network and destroyed gas pipelines... Soon 60 million cellphones were dead. The Internet crashed, finance and commerce collapsed, and most of the nation's electric grid went dark. White House aides discussed putting the Army in American cities.”

Also, according to an article from DarkReading:


Online Shopping Sites May Be Sharing Your Credit Card Data

The Attorney General of New York is investigating a large group of online retailers to see if they have been sharing your credit card data with third parties without your knowledge or permission. In a press release, the AG's Office details the scheme, including the fact that you may unknowingly be giving someone other than the retailer you are shopping with your credit card number:

"Information about joining the membership program and its ramifications, including the fact that the consumer is agreeing to transfer his or her credit or debit card account information, is buried in fine print and cluttered text."

My gut tells me that this violates the spirit, if not the letter, of the PCI Data Security Standard.  According to the PCI DSS:

"Additionally, merchants and service providers must manage and monitor the PCI DSS compliance of all associated third parties with access to cardholder data."

It is probably safe to assume that the business agreement around the data sharing identified by the New York AG's office did not include language surrounding PCI compliance.

An MSNBC story on the investigation puts it this way:


Q4 2009 IT Market Data As We Expected Shows End of Tech Downturn

The first reports on the IT market in Q4 2009 are now in, and they are in line with our prediction that the tech market recession ended in that quarter (see US And Global IT Market Outlook: Q4 2009). Overall, the tech market in Q4 2009 was more or less flat with the same quarter the year before – an improvement from the prior quarter, when growth was negative, and evidence that the 2010 tech market will post positive growth.

  • The US economy was stronger than expected, but 5.7% real GDP growth is an aberration. The US Department of Commerce released preliminary data on Q4 2009 economic growth, and the result was a surprisingly strong 5.7% in real GDP, 6.4% in nominal GDP from the previous quarter (on a seasonally adjusted annualized basis). However, about two percentage points of that growth was due to inventory re-stocking, which will not be repeated in future quarters. And based on prior GDP reports, this growth rate will probably be revised down as new data comes in. (In Q3 2009, the growth rate in real GDP started at 3.5%, but ended up revised down to 2.2%.) Still, this report confirms that the US recession is over, and slower but steady growth is likely for the rest of 2010.