Security

Health care and Cyber-attacks

An Opte Project visualization of routing paths through a portion of the Internet. (http://creativecommons.org/licenses/by/2.5) via Wikimedia Commons.

Sadly, one of the most common cyberattacks is upon health care centers, particularly ransom-ware attacks upon hospitals. While digital records and telemedicine are proving essential during the COVID-19 pandemic, hospitals’ reliance upon digital resources also make our health care systems vulnerable to attack. As this article by Jocelinn Kang and Tom Uren says, cyber-defense efforts now need to prioritize our health care systems.

If you are interested in hearing more about global topics, please listen to my podcast, Dispatch 7. You can find it on Spotify here, or by searching whichever podcast platform you prefer.

Shawn Smallman, 2020

Turkey’s strikes in Syria

“Chest X-rays, 3D Image of lungs, Sagital Plane Image” by Praisaeng at freedigitalphotos.net

With the COVID-19 pandemic rampant, it’s easy to forget that other world events are still taking place, and with good reason. No other events now matter as much. Even so, after 33 of its soldiers were killed by the Syrian military (or perhaps by a Russian airstrike) last month, the Turkish government launched a devastating counterstrike against the Syrian military on February 27, 2020. The use of drones and other technology simply overwhelmed the Syrian armed forces, and let to the destruction of even the most sophisticated Russian equipment, such as the Pantsir anti-air systems. As usual, the Oryx blog has the best information. The list of destroyed military equipment on this website is striking. For example, the Syrians likely lost 32 tanks, which they could ill afford, and eight aircraft (mostly helicopters). …

The South China Sea

Are you looking for an online resource that students might use to quickly understand the South China Sea dispute between China and its neighbors? You could do much worse than this brief video that was shared on Twitter. I know that we sometimes think of Twitter as the host for emotional oversharing, Russian bots and disinformation campaigns, but @9DashLine and @SCS_news are good feeds to follow if you want to keep abreast of the latest information on the South China Sea issue.

Shawn Smallman, 2020

Facebook, Twitter and Security

Image of globe on light, Arts Building, McGill University. Photo by Smallman

Last quarter I was  teaching a fully online course Digital Globalization, while this quarter I am teaching an online class on Cyber-warfare and espionage. In these courses we cover topics such as  Snowden, Wikileaks, Anonymous, white and black hat hackers, NSA, zero day exploits, the Panama Papers and the Cambridge Analytica scandal. What’s interesting is the division within my students regarding privacy. There are a minority of students who are unconcerned about the issue because they feel that if they haven’t done anything wrong, why should they worry? But there is a much larger group of students who feel that this is a significant anxiety in their lives. Although they worry about the government tracking their activities, they are even more concerned about how their lives are tracked by businesses. Every time they go on social media, have a sensitive conversation near Google Home or Alexa, or text message a friend, they wonder a little about how their digital lives make them vulnerable.

Whats amazing is how little security is built into many online platforms. But few platforms have faced as much criticism as Facebook. To help understand why, you might read this post by Krebs on Security: Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years. As the article explains, this meant that Facebook’s employees could have accessed peoples’ accounts over a very long period, although Facebook says there is no evidence that they did. Since people often reuse passwords, this was a terrible security breach. Facebook is key to many peoples’ social lives. But given its flaws, it’s worth remembering never to reuse passwords, especially with Facebook. It also wouldn’t hurt, to enable two-factor authentication on key accounts (such as your bank), and always use a VPN on public wifi.

Of course Facebook isn’t the only social media tool that has security vulnerability. One of the best ways to keep in touch with digital issues is through Wired magazine, which had a recent article
Twitter Insiders Allegedly Spied for Saudi Arabia. In this case, what happened was that two employees were able to access accounts, and to pass on this information to Saudi Arabia. Social media is a wonderful tool. But one of the key concepts in my digitally focused classes is that there is no absolute privacy online, only relative privacy. This fact cannot be escaped by using the Dark Web, as the Egotistical Giraffe exploit with TOR showed. Remember what happened on the Silk Road with the Dread Pirate Roberts (yes, named after a character in the movie, the Princess Bride). Even the most savvy digital user leaves breadcrumbs. No software tool, VPN, or hardware can elide this fact. And in the age of the Internet Archive, nothing online truly disappears. This doesn’t mean that social media can’t be a wonderful tool. But its worth remembering when you use social media to convey sensitive information, or politically loaded content. And we collectively need to hold the giant social media companies (as well as as other corporations with data, including health records)  to account for lax security. And if you can bear it, just delete Facebook.

Shawn Smallman, 2020

Iran, history and War

Last Thursday, June 13, 2019, two tankers traveling in the Gulf of Oman were struck by explosions. The crews of both ships were quickly evacuated, and there was no loss of life onboard. The United States’ Secretary of State Mike Pompeo quickly announced that Iran was responsible for these strikes. The U.S. government released military footage that it said showed an Iranian ship removing a limpet mine from the side of one of the tankers. There had been an attack on four other tankers within the last month. The U.S. alleged that Iran was carrying out these assaults because of U.S. pressure regarding the nuclear deal. …

Mexico and Safety

Panoramica Bahia de Acapulco. By Microstar (Own work) [CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0)], via Wikimedia Commons
Date rape drugs are a problem in many different nations. A recent article in USA Today, however, reveals systemic issues at Mexican resorts. Raquel Rutledge’s well-researched piece, “Mother’s nightmare at Mexico resort: ‘There is more to this deeper, darker story than we know,'” reveals the inability or unwillingness of Mexican authorities to investigate the use of date rape drugs at these resorts. On a personal note, about six months ago I heard a second hand account from one of my students, who described a case of a husband and wife, in which the wife was raped after they were both given a date-rape drug. I can’t know if this story is true, since I did not speak to one of the people who were drugged. But what was disturbing to me about this particularly story was that this case allegedly took place not in a resort, but rather in a restaurant in Mexico City. Again, this story was not first-hand, and I cannot attest to its veracity. Still, Rutledge’s piece suggests that travelers to Mexico should exercise caution, and that Mexican authorities should thoroughly investigate all such cases, which should include medical examinations for rape, and blood testing to identify the drugs used.

Curious to read more about drugs in Mexico? You can also read this post. I also recommend this Propublica piece “How the U.S. Triggered a Massacre in Mexico” by Ginger Thompson, which covers this topic in much greater depth than my initial blog post.

Shawn Smallman, 2018.

Russian Hackers

I believe that in a 100 years people will believe that digital globalization was as an important a trend in the twenty-first century as financial, political and economic globalization. Cyberwarfare, artificial intelligence, cyber-currencies, the sharing economy, drones and robotics are fundamentally reshaping our world. In this context, hackers have become not only a security threat but also part of pop culture. But how do hacker’s themselves think about their culture and their activities? You can learn more by watching the BBC program, “The Hackers of Siberia,” which focuses on the “SiBears” of Siberia.

Shawn Smallman, 2018

Bioterrorism and Cocaine

“A beautiful landscape of Mendoza City’s park seen from the height of the Gómez building.” By Itsmemarttin (Own work) [CC BY-SA 3.0 (https://creativecommons.org/licenses/by-sa/3.0)], via Wikimedia Commons
Mat Youkee has a fascinating article, “Who Killed the Nazi Scientist trying to Wipe out Cocaine,” on the online site Ozy. The piece tells the story of Heinz Brücher, who had served as a second lieutenant in the German military (S.S.) during World War Two. A biologist, Brücher had stolen a Ukrainian seed-bank on Heinrich Himmler’s orders. Later in the war, he disobeyed orders to destroy these seeds, and fled the Reich with them. As with other German military figures at the war’s end, he fled to Argentina, as part of an evacuation which has become a theme in popular culture from film to conspiracy theories. He did not stay in Argentina only, however, but also taught as a faculty member everywhere from Venezuela to Paraguay. Later in life, though, he wound up living in a farm house in Mendoza, Argentina, where he seems to have hatched an incredible plot: to destroy the coca plant that is the basis for the cocaine trade.

The coca plant has been used for thousands of years in the Andes. One can see ancient indigenous sculptures in which the cheek of one figure is extended, because the person is chewing coca. The leaf figures in ritual and religion, but is also a rich source of nutrition.Throughout Latin America coca tea is often used as an infusion because it is supposed to have medicinal properties. The leaf itself is vastly different from the processed drug known as cocaine. In 1898 a German chemist, Richard Martin Willstätter, created cocaine, which had become one of the most used drugs in the world. By the 1970s and 80s, cocaine was the basis for the cartels of Colombia. At the same time, there were allegations that the U.S. intelligence services were themselves involved in the cocaine trade in order to fund the guerrillas fighting against the Sandinista government in Nicaragua.

Literature and Espionage

Sometimes you just can’t make up a story as strange as reality. For anyone following the inquiry into possible Russian collusion with the Trump White House, the endless details are as fascinating as they are intriguing. Clive Irving has a wonderful piece, “What Would Le Carré’s Master Spy Think of Trump and Russia?,” in the Daily Beast, which imagines what George Smiley (the fictional master spy) would make of current events.

Espionage is also in the news because of the case of Sergei V. Skripal. A former spy in Russia, he and his daughter were both found seriously ill on a bench in Salisbury, England. This particular case has many parallels to the assassination of Alexander Litvinenko in 2006, which was covered in a book titled “A Very Expensive Poison.” To date, both of the victims are alive; let’s hope that the terrible events associated with Litvinenko aren’t repeated.

In online forums a vigorous discussion has already begun regarding the likely poison. If I had been working for the FSB (AKA Moscow Central), I would have chosen fentanyl. It would be deadly at a low dose, and the victim could be blamed for ingesting or inhaling it. After the debacle with polonium in the Litvinenko case, it seems unlikely that a radioactive substance would be used again. While poisons from Himalayan plants may be difficult to detect, they also raise too many questions. Much the same could be said ricin. Nerve agents also point to a state actor, as was the case last year in Malaysia. I will be very curious to see if a poison can be identified, and whether that information will be released.

Shawn Smallman, 2018

PS- the poison has now been identified by the British authorities. According to press reports, it was a nerve agent, which would seem to be a means to draw attention. One of the police officers who responded has now been hospitalized and is in serious condition, likely because of exposure to the poison. George Smiley would have done more subtle and careful work.

Nukemap

Nagasaki Bomb. By Charles Levy from one of the B-29 Superfortresses used in the attack. (U.S. National Archives and Records Administration). Public domain, via Wikimedia Commons

Nukemap is a website that allows you detonate a virtual atomic weapon over the city of your choice. You can select the size of the bomb either by kiloton, or by presets. I first chose the a nuclear weapon tested by North Korea in 2013, and tested it as a surface burst over my much-loved city of Portland. The results were horrific: an estimated 32,230 fatalities and 41,500 injuries. When I tested the same blast over Manhattan there were 103,000 fatalities and 213, 430 injuries. In each case the map generates a series of concentric circles that illustrated the impacts from radiation, fireball, air blast, thermal radiation, etc. The website also models the radiation plume, which trails far off into the distance on the map.

This website can take you to a very dark place. I made the mistake of modeling the largest bomb that the USSR ever tested, and what would happen if it detonated over Portland, Oregon. The largest circle was for the thermal radiation, and indicated the areas in which people would receive third degree burns. This circle stretched for 60 kilometers or 11,300 km2. One end of circle passed Yale, Washington in the north, while Silverton, Oregon was on the the south edge of the circle. For this particular example, there were 1,241,130 estimated fatalities, and 574,390 injuries. So people were much more likely to be killed than injured. When I then tested the same blast over New York City, the same blast caused 7,633,390 fatalities and 4,194,990 injuries. At that point I stopped using the site.

This website is both bleak and fascinating, and might be a useful tool during a classroom discussion of nuclear proliferation, and the development of North Korea’s nuclear weapons capability. The day that I visited the website in November 2017 over 130 million detonations already had taken place on the site.

Shawn Smallman, 2017

Privacy & Cookies: This site uses cookies. See our Privacy Policy for details. By continuing to use this website, you agree to their use. If you do not consent, click here to opt out of Google Analytics.