Archive for July 25, 2024

Guest Post: Self-hosted observability is essential for federal agencies to protect on-premises applications and infrastructure

Posted in Commentary with tags on July 25, 2024 by itnerd

By Gregg Ostrowski, CTO Advisor, Cisco Observability

Across the world, government agencies continue to be a highly attractive target for cybercriminals. These malicious entities are aware of the vast amounts of sensitive data stored by federal, state, and local institutions, and recognize the limited resources many of these have to protect legacy applications and infrastructure. 

Whether it’s geopolitical strategy and cyber war through state sponsored attacks (a growing possibility with the number of countries with major elections this year) or one-off ransomware and phishing attacks, government agencies are threatened like never before. In Canada, 11 per cent of all cyberattacks were aimed at the public sector last year, with attackers looking to exploit vulnerabilities to access huge volumes of personal data for fraud, identity theft, and account takeovers. 

Unfortunately, many government IT teams are struggling to handle an increasingly dynamic and sophisticated threat landscape. They simply don’t have the tools and insights needed to detect and address threats in a timely way. Unless addressed, this issue represents a huge challenge for government agencies, and for citizens around the world. The likelihood of serious security breaches will continue to rise, with all the subsequent effects to reputation, trust, and citizen engagement.  

While IT teams across vast industries rely on cloud-native and SaaS-based observability tools to address security threats, public sector agencies face unique challenges. Federal, state, and local government institutions often operate in air-gapped environments with strict data privacy and security rules, limiting their access to these solutions. 

Fortunately, more government institutions are now turning to self-hosted observability solutions. This shift allows them to leverage advanced AI-powered tools to enhance their security posture and proactively manage application availability, performance, and security. 

Self-hosted observability is vital to protect on-premises environments 

Observability offers technologists unified visibility across the IT stack, allowing them to identify vulnerabilities, understand root causes and dependencies, and address issues promptly. Additionally, it provides business context to security findings, helping IT teams assess the potential impact of vulnerabilities in cloud-native technologies and prioritize mitigation efforts based on customer and business outcomes.  

Unfortunately, however, the reality is that most observability solutions only run in cloud or SaaS environments – making them unsuitable for organizations maintaining applications and infrastructure on-premises. On-premises observability has largely been overlooked, with only one or two comprehensive solutions on the market. The result is that many on-premises IT teams are struggling to respond to increasing levels of complexity and overwhelming volumes of data, and to respond to an increasingly more sophisticated threat landscape.  

Fortunately, though, there is now a new breed of observability solutions which are delivering innovative functionality within on-premises environments and helping government IT teams mitigate risk and deliver secure and seamless citizen experiences. 

Across federal, state, and local government, a growing number of agencies are embracing self-hosted application observability solutions to monitor their most critical business systems, end-to-end. 

Self-hosted observability – or customer-managed observability – includes on-premises deployments or cloud-based deployments where the organization maintains control of all the data and associated operations. It enables technologists to proactively manage the performance, availability, and security of mission-critical applications and, in turn, delivers market-differentiating digital experiences to end users. 

With observability, IT teams gain a unified view of their applications, infrastructure, and data, allowing them to monitor, manage, and optimize applications in real-time. It integrates seamlessly into the data centre while adhering to compliance, security, and operational policies.  

Modernizing the on-premises control to leverage AI capabilities 

IT teams managing on-premises environments need an observability solution that modernizes their installation and operates effectively within a Kubernetes environment.  

Upgraded observability controls provide government agencies with the same comprehensive capabilities as cloud-native solutions, including AI-powered anomaly detection, root cause analysis, and automated transaction diagnostics. Self-hosted observability enhances security by identifying application vulnerabilities within context and offering automated business risk scores. This helps IT teams prioritize responses based on potential impact.  

With the threat landscape likely to become even more severe over the coming months and years, government agencies urgently need to ensure their IT teams have access to the latest AI-powered functionality that self-hosted observability can deliver. Only with the right capabilities and insights will IT teams be able to counter rising threats and deliver the seamless and secure experiences that are now so crucial in driving improved citizen outcomes.  

Leave a comment »

Bell And One Of Their Third Party Call Centres Gets Sued For Violating A Woman’s Privacy

Posted in Commentary with tags on July 25, 2024 by itnerd

Anyone who’s been reading this blog for a while will know that I praise Bell for the quality and speed of the products that they offer. But I have been highly critical of the fact that Bell outsources as much of their customer service as they possibly can. And this story from CBC News illustrates why that is bad. In short, A woman in Nova Scotia is suing Bell and a third party call centre that Bell used to own and now contracts their services, along with an agent who works at said call centre for violating her privacy.

Now none of this been proven in court. But I just looking at the facts at hand, this illustrates why outsourcing customer service is a #fail. When you give a third party access to data on your customers, you have basically lost some control of that data. As in the company can get hacked, or an insider can steal data for whatever purpose. And then bad things can happen. This situation would quality as one of those bad things. And that’s on top of my other reason for not being in favour of companies outsourcing. Which is that customer service tends to suffer because you don’t have the same level of control over those who are delivering customer service, nor does the outsourced company have enough of an incentive to care about delivering the best possible customer service.

Now I don’t know how this case is going to turn out as this case has yet to go to court. But I for one hope that it makes Bell rethink the fact that it outsources so much of its customer service. Because this situation should serve as a wake up call to them.

Leave a comment »

A New Fresh Phish From INKY Details An Increase In Obfuscation Techniques That Leverages Cross-Site Scripting

Posted in Commentary with tags on July 25, 2024 by itnerd

INKY has published a Fresh Phish. In short, INKY has discovered an increase in obfuscation techniques that utilize malicious cross-site scripting.

Quick Take: Attack Flow Overview

  1. Origin: Newly created domains
  2. Payload:  Malicious links with URL-encoded links
  3. Techniques: Brand impersonation, Data harvesting
  4. Target: Spray and pray – multiple sectors were targeted

You can read the full report here.

Leave a comment »

CIRA’s $1.25 million Net Good Grants investment empowers youth and underserved groups to make Canada’s internet a better place

Posted in Commentary with tags on July 25, 2024 by itnerd

Today, CIRA is proud to announce $1.25 million in grant funding as part of its Net Good program, going towards supporting 15 new community-led internet initiatives that improve the lives of Canadians. Net Good Grants recipients are advancing community internet infrastructure, implementing solutions to combat online harm and ensuring the internet remains a force for good. CIRA’s commitment this year to the Canadian internet ecosystem will reach more than 50,000 people who will benefit from the tremendous resources, opportunities and connections accessible online. With $12.95 million in community investments deployed across 232 projects since 2014, CIRA Net Good Grants have helped address digital challenges and provided essential funding to underserved groups affected by Canada’s digital divide.

According to research conducted for CIRA’s 2024 Canada’s Internet Factbook, more than three-quarters of Canadians (76 per cent) still report getting their news online—despite Meta’s decision to remove news content from its Canadian services in response to Bill C-18. But with the spread of misinformation and disinformation, some of CIRA’s funded initiatives this year are focusing not only on combating misinformation, but on identifying reliable news sources and keeping their communities safe online.

Whether it’s helping the creation of a trilingual toolkit, the launch of an Indigenous, youth-led podcast in Quebec, or the organization of the 2024 Youth Internet Governance Forum (IGF) in Toronto in September, CIRA understands the critical need to support the next generation of Canadian internet leaders.

The increase in online scams, cyberbullying and sexual exploitation underlines the need to ensure youth are equipped to build healthy online relationships and are provided with the tools they need to use the internet as a force for good. Most of this year’s initiatives focus on online safety to improve Canadian internet users’ technological skills so they can navigate the new reality of AI and cyber threats and improve their lives.

Key facts

Funding this year focuses on three main themes: infrastructure, online safety and policy engagement. Some important data to note:

  • 10 initiatives focus on online safety, three are dedicated to infrastructure and two feature policy engagement
  • 10 projects (66 per cent) serve students
  • Nine projects (60 per cent) focus on supporting remote and rural communities
  • Seven projects (46 per cent) serve Indigenous people

2024 CIRA Grant recipients

Alberta

John Humphrey Centre for Peace and Human Rights 
Youth across rural Alberta, Manitoba and Saskatchewan will employ arts-based digital media to articulate their experiences with racism online in knowledge-sharing sessions with policy stakeholders.

British Columbia 

PLEA Community Services 
About 500 school-based workshops aimed at stopping youth sexual exploitation online by giving children and young adults information and practical tools to keep themselves safe from online exploitation and sextortion.

Manitoba

The Pas Community Renewal Corporation 
Installation of a free, reliable wireless network for community residents, visitors and staff of The Pas Regional Library, making high-speed internet and library programs more accessible.

Nunavut 

Kamatsiaqtut Nunavut Helpline 
Virtual workshops and mental health resources addressing online safety, healthy relationships, gender-based violence and cyberbullying; all specifically tailored for Indigenous high school students.

Pinnguaq Association 
Four week-long hybrid camps providing engaging and hands-on education for children in Nunavut and Ontario around online safety, AI, privacy, misinformation and cyberbullying.

Ontario

Wabigoon Lake Ojibway Nation 
Extension of the Nation’s fibre optic network to offer affordable, fast and high-quality internet services for residents and community buildings.

Cyber-Seniors 
A multimedia Cybersecurity Training Toolkit to educate rural-residing older adults in Ontario, Alberta and New Brunswick on how to avoid online scams and stay safe online.

Hackergal 
Online safety will be the focal point of Hackergal’s STEM programming for the 2024/2025 school year, ensuring that girls across Canada receive tailored education and resources to navigate the digital landscape.

Junior Achievement Canada 
A suite of digital, self-directed learning modules for Northern, Indigenous and rural youth aged 12-16 to help them safeguard financial data, evaluate financial advice and understand their digital rights.

Platform
A national educational framework helping women and queer people understand online risks, privacy settings and safe online behavior—reducing barriers to civic engagement and online participation.

Women’s Shelters Canada 
Online modules for shelter workers to address common online safety issues faced by domestic violence survivors in Northern, rural and Indigenous communities.

Toronto Metropolitan University 
A hybrid Youth Internet Governance Forum (IGF) in September 2024 that will provide a platform for young Canadians (18-30) to convene and discuss internet public policy, connectivity issues and global internet coordination. The Youth IGF will include diverse and cross-Canada young stakeholders and rights-holders, building the next generation of Canadian internet leaders.

Saskatchewan

Onion Lake Cree Nation 

Moving the main network hub of the Nation to a new location that’s more accessible for technicians and installing a new fibre optic line, improving affordable connectivity for more buildings and residents of the Nation.

Quebec 

Idée éducation entrepreneuriale
French language online safety educational tools and podcasts co-created and hosted by students addressing cyberbullying, phishing techniques, malware, surveillance, hacking and misinformation.

Wikimedia Canada
A trilingual toolkit and podcast co-created by Atikamekw youth focused on online safety, combating misinformation and promoting accurate information from reliable sources.

Resources

Leave a comment »

Action1 Releases 2024 AI Impact on SysAdmins Survey

Posted in Commentary with tags on July 25, 2024 by itnerd

Action1 has released a 2024 AI Impact on Sysadmins report, revealing that while system administrators (sysadmins) recognize AI’s potential, significant gaps in education, cautious organizational adoption, and insufficient AI maturity hinder widespread implementation. Action1 researchers found that while sysadmins are aware of AI’s potential, the readiness for its adoption is tempered by the need for further education and training and AI failures.

Key findings include:

  • The top 3 areas for AI automation are log analysis, server CPU and memory monitoring, and patch management.
  • 60% of sysadmins acknowledge a lack of understanding of leveraging AI practically, indicating a persistent gap in AI literacy; 72% expressed a need for training, and 45% were concerned about becoming obsolete in the job market due to their current level of AI literacy. 
  • The highest failure rates occurred in areas where AI is most commonly implemented/ Over half encountered errors in troubleshooting, followed by 25% of respondents reporting failures in implementing AI for log analysis.
  • 80% of organizations do not require sysadmins to implement AI in their job roles
  • AI led to critical disruptions in 16% of organizations. 

The report’s timing is intentional: It was released a day ahead of SysAdmins Day, celebrated annually on the last Friday of July, to recognize sysadmins who often work around the clock to ensure systems are available when needed. 

You can read the report here.

Leave a comment »

February’s AT&T Outage Was Worse Than Anyone Thought Says The FCC

Posted in Commentary with tags on July 25, 2024 by itnerd

Earlier this week, the FCC put out a report on the fact that AT&T had a massive outage back in February. And that report basically says that said outage was not only bad, it was worse than anyone thought.

“All voice and 5G data services for AT&T wireless customers were unavailable, affecting more than 125 million devices, blocking more than 92 million voice calls, and preventing more than 25,000 calls to 911 call centers,” the Federal Communications Commission (FCC) said in its report.

The 911 failures are the biggest problem here for reasons that are easy to understand. There’s nothing worse than trying to reach 911 in an emergency and being unable to get through. The FCC report does show that AT&T attempted to restore FirstNet (First Responder Network Authority) first before residential and commercial AT&T users, which sounds like the correct way to go about it.

However, the FCC also criticized AT&T for several failures on top of failing to test the implementation of the network change. The FCC pointed to a lack of oversight and controls to ensure test that processes were followed or that the processes themselves were insufficient. AT&T was also unprepared for the congestion caused by user devices attempting to reconnect to the network at the same time. AT&T’s network was insufficiently robust to mitigate the congestion.

Some of this sounds like what Canadians experienced a couple of years ago with the epic Rogers outage. A executive summary on that outage said that Rogers had a change management process that was suspect. Which sounds like AT&T’s lack of oversight and controls.

What is it with top telcos seemingly YOLO‘ing things, and having things go off the rails as a result?

John Gunn, CEO, Token 

Just as the FDA ensures the food we eat doesn’t kill us, and the FAA ensures we have safe air travel, we need a regulatory agency to implement broad and stringent regulations to ensure the reliability and continuity of the digital services that are inextricably integrated into almost every aspect of our lives. No one should be a fan of additional regulation, but clearly, we are failing without it.

Mr. Gunn is right. Telcos need to be held to a higher standard and completely accountable for stuff like this. And that’s on both sides of the border. Perhaps lawmakers will do something and ensure that YOLO’ing anything has consequences.

Leave a comment »