Category Archives: newsmaker interviews

Security Intelligence blog: Understanding the Relationship Between AI and Cybersecurity

Posted on by
Reply

When it comes to the future relationship between artificial intelligence (AI) and cybersecurity, usually the first thing most of us think about is the Terminator “Skynet” scenario where machines take over the world and inflict harm on the human race. But one security professional has a somewhat more rosy view, and suggests that AI needs to be viewed across a wider landscape, both in terms of understanding how it will influence cybersecurity, and how IT can use AI to plan for its future security technology purchases.

Earlier this year, Dudu Mimran gave a speech and wrote a subsequent blog post for the OECD FORUM. Mimran is the CTO at Deutsche Telecom Research Labs. I began with an interview at his offices Beersheva, Israel on a recent visit, along with continuing the conversation with a series of email questions.

“While the threat of cyberattacks powered by AI is increasingly likely, I am less concerned in the short and mid-term of machines making up their mind and able to harm people,” he says. Instead, “our lives are becoming more and more dependent on technology, and this will be exploited by adversaries much before we have conscious machines. Nevertheless, today most of the attackers’ goals can be attained without the sophistication in AI, and that is why we don’t see a big new wave of AI-based attacks.”

In his speech, he mentions the four different time horizons for AI and security:

  • Short-term hyper-personalization, where algorithms are getting to know us better then we know ourselves,
  • Medium-term disruptions that are based on various focused automation efforts,
  • Long-term pervasive autonomous machines, such as driverless cars, and
  • Very long-term situations such as malicious Skynet-type situations.

One of the biggest potential benefits is where AI can have an impact on malware attribution. If you know your attacker and can respond quickly, “the chances you will be hitting back your true adversary are higher if you can react in real-time,” he says.

However, “attribution is a field of cybersecurity which suffers from under-investment because it lacks commercial viability,” he says in his OECD speech. Certainly this a well-known problem, because researchers have to check so many variables such as what non-coding language the malware is written in, what cultural or political references are used, what code fragments mimic existing malware structures, and other factors. This recent blog post in the Talos blog about trying to figure out who was behind the Olympic Destroyer malware that we saw during that event is a case in point about the difficulties about attribution.

Mimran suggests two ways policymakers can improve attribution: the first one is supporting and building a joint global threat intelligence network that can track threats across different geographies, and include participation by both business and government researchers.

The second suggestion is to fund ongoing research that would help to improve attribution but at the same time preserve data privacy. “Attribution is a distributed problem, spanning across different technology stacks, systems and organizations and these central entities can help weave such a thread,” he said. He has hope, especially about new security startups that are focused on these collaboration ideas, and an initiative with the largest European banks to collaborate on shared threat intelligence.

The data privacy element is an important consideration. Mimran wrote in his own blog last year: “High amounts of personal data distributed across different vendors residing on their central systems can increase our exposure and create green field opportunities for attackers to abuse and exploit us in unimaginable ways.“

One solution to the privacy issue is some form of blockchain-based innovation. Mimran mentioned ForgeRock and others that have recently gotten funded. “The challenge for these companies is integration with the rest of the world. Identity is mostly embedded deep into online services and products and creating an external neutral entity that will enable the same smooth experience with all the services out there is a significant challenge.”

AI also has applications for other cyber defensive tactics. “We do see an initial effort of AI used as an automation tool in the SOC but these are just preliminary and somewhat premature,” he says. However, caution is advised, particularly when vendors try to oversell their tools and claim they are AI-based. One product reviewer for CSO Online makes the point of delineating between products that have rules-based detection engines and AI, “because many vendors with hundreds of rules feel they have accomplished some sort of near version of AI.” That isn’t true, and the post points out that just verifying an existing malware signature isn’t AI but mere pattern matching.

Mimran also mentioned the threat that IoT botnets have become. “The problem of IoT botnets touches on many loose ends in the way technology is built today, and there is no silver bullet for that. The best way to tackle botnets is when cooperation emerges between the hosts of the bots, along with the communication or services provider which tunnels the bots traffic and law enforcement.”

Adrian Lamo, RIP

Posted on by
3

I first met Adrian Lamo back in 2002. I was teaching a high school networking class and I thought it would be cool to have the kids experience a “real” hacker, since so many of them aspired to learn how to get into the computerized grading system that the school ran. It wasn’t a very exciting teachable moment, as I recall. But Lamo made a big impact on me, as he couch-surfed in my New York suburban apartment.

Sadly, I learned that last week he died at age 37 in Wichita, KS. The cause of death hasn’t yet been determined, and he had been living in the area for the past year, according to reports. Lamo moves around alot, thanks to a rather interesting personality that could best be described as on the autism spectrum.  When I met him, he had the symptoms of obsessive-compulsive disorder and was later diagnosed with Aspberger’s. One of his quirks was that it would take him a while to leave my apartment every morning: he had a sequence of steps to follow in a very specific order before he could walk out the door.

Lamo was a study in contradictions: both very bright and very socially awkward, a Sheldon Cooper before his time. He had a high sense of morality. At the time Lamo stayed with me, he had been arrested for breaking into several different computer systems, including that of the freelancer database of the New York Times. His method was to find an open Web proxy server and use that to gain entry inside a corporate network. (It is still a common entry point method, although many companies have finally figured out how to protect themselves.) He never profited financially from these attacks, instead he would often leave hints on how a company could close these proxies and improve their security. He was sentenced to house arrest for the Times attack.

At the time we met, he was called the “homeless hacker” – not because he was living on the streets, but because he was young and had no fixed address, and would go from couch to couch as the mood took him. I offered him a place to stay and a chance to get to know him better, thinking how cool could that be? Little did I know.

When I told my then-teenage daughter about his impending visit, she was rather incredulous (you have someone wanted by the police staying with us) but ultimately she was won over by his geek cred – she had a problem with her cell phone that she recalls him fixing in a matter of seconds.

Well, Lamo went on get a degree in journalism, ironically enough. He was very connected to the tech trade press, and Brian Krebs recalls his various interactions with him in this post.

Lamo is remembered in various tributes in the past few days with his role in the Wikileaks/Cablegate case of 2010, when he divulged the name of Private Manning to the feds as the leaker. Both then and now, his decision was vilified in the hacking community, with numerous online threats.

I had a chance to speak to Lamo back in 2011 and recorded the interview for ReadWrite, where I was working at the time. It covers a lot of ground:

He has some very wise comments about the importance of government secrecy, and the freedoms that it enables for us all. Lamo saw the Manning case from the other side, as a case that would be eventually remembered supporting our freedoms. It was a real issue for him, because as a hacker he could certainly understand what Manning was trying to do, but as someone who also understood the role of our military he couldn’t in good conscience allow her to leak all that data. When Manning contacted Lamo he had a crisis of conscience and made his decision. He struggled over harming Manning, whom he considered a friend, or harming countless others who would be placed at risk because of Manning’s leaks. He wishes Manning had come to him before making the documents public.

This is certainly an interesting position for a hacker to take, to be sure. He was vilified in the hacker community because of it, but I think he made the right decision. “Who would have thought that when we first met ten years ago that I would have been involved in the single biggest intelligence leak in history,” he told me. How true.

He continued to work as a security consultant, helping corporations understand better security practices as well as going out on the speaking circuit. Ironically, his preferred method of communications more recently was FedEx! “I’m a little bit of a Luddite these days,” he said.

Lamo left this planet far too soon. He was a very smart guy and had a very solid moral compass, and those two traits guided his actions all his short life. I am sad that he is no longer with us, and hope that his life can be noted and celebrated for his accomplishments, verve and significance.

Security Intelligence blog: An Interview With IBM Master Inventor James Kozloski on His New Security Patent: The Cognitive Honeypot

Posted on by
Reply

What does a master IBM inventor who typically models brain activity have to do with making enterprise networks more resilient to spear phishing attacks? If you ask James Kozloski, you won’t get a quick answer, but it will be interesting.

Kozloski, who is Manager, Computational Neuroscience and Multiscale Brain Modeling for IBM Research in Yorktown Heights, New York, is one of those guys who is always coming up with new ideas, and was recently part of a team of IBMers who received a patent for “cognitive honeypots,” or as expressed in the patent language, “an electronic communication evaluating device determines a suspicion level for an initial electronic communication.” You probably have no idea either what that means, so let’s take this step by step, because the invention is quite clever.

 

Most of us know what honeypots are: the concept goes back at least a decade if not longer, and involves trying to trap malware authors by simulating an unsuspecting user who happens upon an infected site. Microsoft and Google have used honepots and honeynets – collections of them – for years in this fashion, and they have been effective at locating new malware techniques. The German Honeynet Project is one such open source effort that has been useful to develop new honeypots, for example.

 

Many of Kozloski’s efforts have been in computational biology, where he uses high-performance computing clusters to simulate various neural components, in the hopes of building models on how the brain works. For example, he might want to build how to understand how the brain fails to comprehend something, or understanding what happens when it contracts a particular disease. He has worked in the past on modeling Huntington’s disease, a particular pernicious malady where brain cells degenerate over time.

 

But several years ago, he was standing by his office printing station and happened to engage another IBMer, Clifford Pickover, in a discussion about reducing the wait time for their print jobs. You know, just the average kind of conversation you and I might have, if you and I were brainy research scientists that have a bunch of patents to our names. That got him started and he hasn’t been idle since then in his search for understanding literally what makes humans tick.

 

So back to spear phishing. The issue for enterprise security managers is that they have to be ever-vigilant in detecting and preventing this spam: a single message that is acted upon by an unsuspecting user will infect the network and cause trouble. For the scammers, this means a numbers game: send sufficient emails, and eventually one or two or a few will succeed.  Kozloski’s efforts in computational biology got him interested in this topic, as he had more around-the-print-queue discussions with his colleagues at the IBM research labs in New York and around the world.

 

What if you could develop a honeypot that could mimic a clueless user, and respond to a spammer with the kind of email that would indicate the spear phishing succeeded? Better yet, what if you could overwhelm the spammer with hundreds of these false positive messages, so that it would waste the spammer’s time in trying to track down which were actual human responses, and which just were automated bots? Turnabout is fair play, after all. “The trick is doing this in such a way that it isn’t distinguishable from a human subject’s response,” he said. “For example, it could mimic an elderly user who is responding to an email about winning a lottery or someone in supposedly trouble overseas, with appropriate human response.” What the genius of the idea is that it consumes the most critical resource for the attacker, his time.

 

The honeypot project is an active area for IBM research, and while no current product actually exists from this patent, you might keep a lookout for one in the future.

 

Kozloski has been at IBM since 2001 and has written ten papers and had a hand in more than 100 different patents. He joins a small group of several dozen master inventors at IBM such as Lisa Secat DeLuca who are recognized by IBM for their contributions to the company’s prolific patent prowess. Last year was a bumper crop of more than nine thousand patents issued to IBM inventors, once again putting IBM in the lead for 25 years in this tally.

 

Being a master inventor usually means a three-year term and you are evaluated to see if your activities are worthy of an additional term. As part of his efforts, he leads regular workshops teaching other IBMers on how to better collaborate to come up with inventions. Does Kozloski feel any day-to-day pressure to come up with his own new ideas? “It is a cool title, to be sure,” he told me in a phone interview. “But it more about the work with my team and being recognized for doing something innovative.” His team stretches around the globe with IBMers in Israel and Hungary, who helped formulate the honeypot idea. “Being a single inventor is hard, because when you are a part of a team you can leverage each other’s skills and interests and be more productive,” he said. It is like that African proverb, “If you want to go quickly, go alone. If you want to go far, go together.”

 

 

Notable TechWomen, in honor of Ada Lovelace Day

Posted on by
Reply

The TechWomen program brings emerging women STEM leaders from around the world to the Bay Area for five weeks of mentoring and career development. Sponsored by the US State Department and run by the Institute of International Education, over the past six years it has brought more than 400 women here.

I spoke to two of the women that are taking part in the program, both are 32 and from different parts of Africa. Martine Mumararungu runs the core traffic engineering for a Rwanda ISP and has a BS in CS. She was one of seven women in her classes. “Most girls in Rwanda think STEM is just for men,” she told me. Luckily, she had an older brother and sister who were interested in science, and that sparked her own interest. She started out in programming, taking classes in C++ and Java, and got more interested in networking technology. She eventually earned her CCNA and CCNP certifications and has found them very much in demand in Rwanda and very valuable for her job at the ISP. She is using the program to learn more about IT security and how she can beef up her ISP’s profile in that area.

Umu Kamara hails from Sierra Leone where she is the assistant IT manager for a private shipping company. She got her BS in Physics and also got several Microsoft certifications. She switched to IT because she was always interested in systems and databases. She started out wanting to become a medical doctor but wasn’t accepted into the program because of low English grades. Now she is glad she didn’t go that route and likes being in IT. Her father (who died when she was four) was a mechanical engineer, and that motivated her to get interested in science at an early age. She is using the program to learn more about cloud technologies and data center security. She may try to switch her EDR products to more cloud-based ones. When I asked her about the relative bandwidth that she has in the States versus at home, she just laughed, agreeing with me that yes, here it is “a bit faster.” She also agreed that the Internet is here to stay no matter where you live, and even if you have just a marketing company you still need an online presence. “You can’t do without it.”

She experienced a data breach at her company; unfortunately, it was just after her boss left town for a seminar so she had to handle the situation. It was caused by an infected cell phone that was connected to the corporate network, and used malware-infused PDF and Word documents. She had to work long days to reinstall her servers and updates. “It was a good experience but I wouldn’t want to do it again.” The company was offline for several days and the revenue impact was huge, since ships couldn’t unload without the appropriate systems operating.

FIR B2B#70 podcast: The peculiar PR paradox of the resurrection of A.I. with Jason Bloomberg

Posted on by
Reply

“On the one hand, AI is perhaps the most revolutionary set of innovations since the transistor. But on the other, the bad press surrounding it continues to mount, perhaps even faster than the innovations themselves. And AI promises to change the role technology plays for every industry on this planet.” So writes Jason Bloomberg in a post on LinkedIn Pulse earlier this month. Paul Gillin and I sat down with him in our latest podcast to discuss some of the issues surrounding how to best publicize AI and some lessons that overall PR and marketing folks can learn from the rise and fall and current rise of AI. Bloomberg has been a tech reporter for decades, writing for Forbes and various other B2B tech pubs over the course of his career.

Jason’s post makes four important points about PR and AI:

  • AI vendors jump in with more hype than reality, what he calls AI-washing (after white-washing).
  • AI has been on the verge of being the next big thing for decades now.
  • AI will cost jobs. As if we didn’t have enough threats these days.
  • Skynet. Need we say more?

Listen to our 20 min. podcast here:

FIR B2B podcast #49: Rich Mironov on how product managers need to work together with marketers

Posted on by
Reply

Paul Gillin and I this week interview Rich Mironov, who has held marketing and product management positions at many silicon valley companies including Tandem (when we called cloud computing “timesharing”), Sybase, Air Magnet and iPass. Rich and I have worked together over the years and he is a very astute guy who understands how enterprise software is made and marketed.

You don’t want to build something that no one wants and as he says, there are no health benefits from joining a gym. And since most users only use a few functions of every product, it is important to focus on the three or four things that really matter about the product.

Listen to our podcast here:

Lessons Learned From a Master Inventor: An Interview with IBM’s Lisa Seacat DeLuca

Posted on by
Reply

Lisa Seacat DeLuca is the most prolific female inventor in IBM’s history. With more than 400 patent filings, she comes up with a new idea almost every week. She’s had numerous jobs within IBM and currently works as an omnichannel strategist for IBM Commerce. She works from her home-based Baltimore lab, which is filled with lots of different gadgets, including a 3-D printer.

I recently interviewed her for a post in IBM’s SecurityIntelligence blog here.

Remembering Ed Iacobucci

Posted on by
3

Another great tech manager has left our ranks this week, Ed Iacobucci. Ed lost a 16-month battle with pancreatic cancer. I last saw him two years ago when I was transiting Miami, and he was good enough to meet me at the airport on the weekend to brief me on his latest venture on desktop virtualization, Virtual Works. That is the kind of guy he was: coming out to the airport for a quick press meet on the weekend. There aren’t too many folks that would do that, and it shows the mutual respect we had for each other.

Ed was one of the originals in the PC industry. By that I mean that many of his ideas turned into products that we are still using today, or with companies that have gone on to become giants. He worked for many years as the IBM PC brain trust, first in their mainframe communications area and later on was one of the leads for the misguided OS/2 operating system. Both were big interests of mine and I followed his career since then.

You have to realize what a study in contrasts working for the PC division of IBM was back in the day. You had all these upstarts (such as Apple, Kaypro, Columbia, Osborne, and the like) that were building clones to run DOS. These companies were for the most part populated by people in the their 30s. Not at IBM: you had older folks who had come up the ranks in the mainframe world that were taking things into a new direction for IBM: using commodity parts that could be assembled quickly for very low cost. Ed was part of that revolutionary guard at IBM. Now IBM doesn’t even make PCs anymore.

You also have to realize what things were like in the early PC days for the trade press too. Aside from the fact that our publications used dead trees instead of electrons, we had tremendous access to these guiding lights of the industry. We could call up anyone and get anything. We would fly somewhere on a moment’s notice to meet someone or attend a briefing to see a new product.

Back in the early PC era, I just loved people like Ed: smart, articulate, open, funny, and did I mention smart? Tech reporters soaked up the information about their products, their worldview, their “vision” (although that term is overused now). We could always count on the ilks of Ed to ‘splain somethin’ and give us a pithy quote that actually shed some light on a tricky tech topic. I have forgotten more about operating system design that I learned from Ed than most reporters even know today.

When OS/2 was still a project that combined the best and brightest of IBM and Microsoft, I was writing my first book with Mike Edelhart, who was my mentor and editor at PC Week (now eWeek). The book, like the operating system, went through several revisions as we waited for it to take off and become the corporate standard. Sadly for us (and them), that never happened and the book was never published.  Mike and I did have some cool and memorable experiences: holing up at a hotel on Coronado Island to finish the first draft, scheduling a press briefing in Austin where 60 IBM’ers came to brief a few PC Week reporters the secrets and inner workings of OS/2, and getting to meet the cast of Star Trek: The Next Generation at another press briefing (as one version of OS/2 was called Warp).

Ed left IBM in 1989 to found Citrix, which was a very small company for several years until it became the software behemoth that it is today. That began his next career in virtualization, something that he was still working on at his death.

After Citrix he left the tech field temporarily to found NetJets, a time-sharing company for business aircraft. Just like his other startups, he was way ahead of his time: now there are many jet sharing companies around. I always regret that I didn’t get in touch with him during that era and get a chance to ride on one of his jets (a guy can dream, right?).

In the release announcing his death, he is quoted as saying “Every human being has his own vision of what’s happening in the future. I was lucky in that what I thought would happen did happen. When we know we can do it and the rest of the world doesn’t – that’s when things get interesting.” It sure does. It was a honor to know him.

So long Ed, and thanks for the wonderful memories and terrific times and great products over the years.

Houston, give us a reading on the 1202 program alarm

Posted on by
2

Like many of you that grew up in the 1960s, I have been spending a lot of time online looking at the various commemorative links to the Apollo 11 moon landing that happened 40 years ago this week. I found it fascinating, not just because the event was such a key moment in my teenaged nerd life, but also because it shows how we managed to triumph over technology that wouldn’t even be found inside your average watch today, let alone a cell phone or computer.

The Apollo spacecraft had three different display units onboard, running two computers: one in the main command module and one in the lunar module. Both weighed 70 pounds, ran at 1 MHz and had about 152 kb of memory.

To get an idea of how primitive the guidance computer was, you didn’t have a typewriter interface or a display screen, but a box with mostly numeric input that you had to key in “nouns” and “verbs”. You can go here and try the simulator.

The first moon landing was beset with problems. Armstrong had 17 seconds of fuel remaining, after having to take manual control over the lunar module and fly past some obstacles. The site was four miles off course because the module wasn’t completely depressurized when it separated from the command module – a small amount of gas pushed it off course.  And during the descent, several people (including the New York Times at the time here) documented how many times the guidance computer would get overwhelmed with data inputs and had to be rebooted, because Aldrin had not set one of the radar switches properly and it was filling up the computer with too much data. A young engineer, Stephen Bales, made the critical decision to ignore these warnings.

There are probably hundreds of Web sites with various tributes to the space program, I will just mention two places that I enjoyed reading. First is a special report compiled by EE Times, which has eyewitness accounts from a few of the engineers who worked at NASA, along with a teardown of the space suits used and other technical info about the program. It also has a link to a real-time visualization “experience” that you should definitely try out.

The other is a list of numerous technological achievements from the space program that have found their way into our lives. And while Tang isn’t on the list (and it is dubious whether it should be), there are lots of other things showing just how much innovation NASA had to do to put two men on the moon and bring them back home safely.

How to create a viral video

Posted on by
Reply

Ever wonder what it takes to create a viral video? As someone who started out in college as a physics major, it is gratifying to see people like Stephen Voltz, Fritz Grob and Walter Lewin become famous, at least on the Internet. These people might not be household names like the Spears clan, but at least they are doing things that I can be proud of.

Voltz and Grob are the guys behind Eepybird.com, the people that combine Mentos with Diet Coke to create geysers of exploding soda and some very entertaining videos. Their videos have been downloaded millions of times and enjoyed by people all over the globe.

Paul Gillin and I got the chance to chat with them this week on our TechPRWarStories.com podcast series. (For those of you that haven’t yet subscribed, each week we talk about new media topics that would be of interest to public relations and marketing professionals, as well as interview leading luminaries and interesting people.)

What is fascinating is how quickly the duo became famous: within a week of uploading their first video, they were booked on all the major talk shows (and this is back when these shows had writers so the competition for guests was tough). Voltz and Grob talked about having excellent video production values isn’t quite right for their audience: like so many things on the Internet, Just Good Enough Production is really what counts, and getting across a Just Plain Folks sensibility is really the best path towards more click-throughs. Plus, seeing all that spraying soda helps, too.

You can download the podcast here and hear directly from them about why they do what they do.

Contrary to popular belief, the duo has had plenty of support from the marketing arms of both Mentos and Coca-Cola companies. As you might imagine, they consume a lot of product for their backyard experiments, and they told us that a lot of planning and testing goes into setting up the final shots that you see online – sometimes these three minute videos take months of preparation. They now devote themselves full-time to their experiments, and have gone on the speaking circuit and done them live at various cities, soaking volunteers with soda geysers.

Lewin is an MIT physics professor who is also a download king, but his videos are educational rather than pure entertainment. His videos are the actual lectures that he gives his undergraduates, and are part of the MIT Open Courseware project. MIT has put 1800 of its courses online over the past several years, and now has some of them available in ten different languages including Thai, Chinese and Spanish. If you need to brush up on your intro to physics, you can start with this link here.

It is nice to see all three guys become notorious, and I mean that in only good terms.