BF-SIRT Newsletter 2018-04

It has been announced that hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections. This seem to be a good showcase of cyber warfare and capabilities.

Maersk chair detailed the reinstall “4,000 new servers, 45,000 new PCs, and 2,500 applications” after the NotPetya attack in 2017, providing good insights into a working disaster recovery process, completing 6 months work in 10 days and only suffering 20 percent drop in volumes.

Top 5 Security links
Dutch agencies provide crucial intel about Russia’s interference in US-elections
IT ‘heroes’ saved Maersk from NotPetya with ten-day reinstallation bliz
The popular former NSA hacker Patrick Wardle published a detailed analysis of the CrossRAT malware used by Dark Caracal for surveillance.
Alphabet enters enterprise cybersecurity market, launches Chronicle
Critical Flaw Hits Popular Windows Apps Built With Electron JS Framework

BF-SIRT Newsletter 2018-03

Researchers have uncovered a government-sponsored mobile hacking group operating since 2012.
OnePlus had its store compromised, leaving 40 000 credit cards compromised.
Hackers have started exploiting three Microsoft Office flaws to spread Zyklon malware.

Top 5 Security Links
OnePlus minus 40,000 credit cards: Smartmobe store hacked to siphon payment info to crooks
Transmission users beware: Flaw lets hackers control your computer
Skygofree Android malware is “one of the most powerful ever seen”
Hackers Exploiting Three Microsoft Office Flaws to Spread Zyklon Malware
Researchers Uncover Government-Sponsored Mobile Hacking Group Operating Since 2012

Where does Big Data begin? – Many perspectives, one classification

Big Data is a buzz phrase that is used in various situations and is constantly developing.

To classify Big Data decisively is not so easy. Firstly, it is not just a stand-alone term but rather a combination of many aspects to reveal a whole picture. And secondly, Big Data is a buzz phrase that is used in various situations and is constantly developing. It is time to set things straight.

Buzz phrase? Collective term? Synonym?

All of the above. Fundamentally, Big Data represents large digital data volumes as well as the capturing, analyzing and evaluating of it. Therefore, Big Data is also the collective term for all digital technologies, architectures, methods and processes that are required for these tasks. Or as Hasso Plattner says: “Big Data is a synonym for large data volumes in a wide range of application areas as well as for the associated challenge of being able to process them.”

Large data volumes?

Very large. “By the year 2003, humans had created a total of 5 trillion gigabytes of data. In 2011 the same amount was created within 48 hours. Now, creating the same data volume requires just 7 minutes,” illustrated RBB Radioeins in simple and effective terms. Driven by the internet, social networks, mobile devices and the Internet of Things, the worldwide digital data volumes will grow another tenfold by 2020. In Germany alone the current figure of 230 billion GB will rise to 1.1 trillion GB.

This is exactly were Big Data comes into play: The huge data volumes are checked for relationships using a such algorithm, and the whole process requires a combination of several disciplines. “It ranges from traditional informatics and data science to interface design. Machine learningdeep learning and artificial intelligence to mathematics, statistics and data interfaces,” explains Florian Dohmann, Senior Data Scientists at The unbelievable Machine Company. “A lot of this is nothing new, but combining them all creates the basis for new opportunities.”

So it is only about data volumes?

Fundamentally, yes. Big Data is firstly defined by data volumes that are “too large, too complex, change too quickly or are structured too weakly to be analyzed with manual and traditional data processing methods,” according to Wikipedia. But to define where Big Data begins – i.e. from which point the targeted use of data becomes a Big Data project – you need to take a close look at the details.

BF-SIRT Newsletter 2018-02

Microsoft released patches for Meltdown and Spectre, but it’s important to update ones antivirus before applying the patches.

Latest WebLogic exploit caused an increase in compromised hosts being used for mining Cryptocurrencies.

F-Secure finds a new Intel AMT Security Issue which gives hackers with physical access full control of laptops in 30 seconds.

Top 5 Security Links
Police give out infected USBs as prizes in cybersecurity quiz
Wi-Fi Alliance launches WPA3 protocol with new security features
Mining or Nothing!
Anti-Virus updates required ahead of Microsoft’s Meltdown, Spectre patches
New Intel AMT Security Issue Lets Hackers Gain Full Control of Laptops in 30 Seconds

Big Data Intro-Webinar!

Watch webinar on demand! Big Data inspiration with Big Data Chief Evangelist, Klaas Bollhöfer!

Big Data has become a buzzword over the last years. It is not just a stand-alone term but rather a combination of many aspects to reveal a whole picture.

You might ask why Basefarm in particular is hosting a webinar about Big Data?
We have been a managed service provider of mission critical solutions for years, and are now expanding our business with our acquisition of the German company “The Unbelievable Machine Company”.

Our Big Data expertise is relevant and interesting for a lot of industries – both in operational, developing and “ideation” perspective.
We have reference cases like Deutsche Post, Gebr. Heinemann, Audi, Deutsche Welle, Delivery Hero, Metro Group and Parship.  Read more about *UM here!

In this session you will get an inspiring intro-webinar where we evolve Big Data possibilities presented by Chief Evangelist, Klaas Bollhöfer.
The webinar is for everyone, and you do not need any knowledge about the topic before the session. The session will be in English.

At the end of this session you will have a fundamental understanding of what Big Data is, the challenges that comes with it, why you should start looking into it in 2018 and last but not least – how you can turn your data into business opportunities.

Big Data Chief Evangelist – Klaas Bollhöfer

Klaas Bollhöfer has acted as the Chief evangelist of The unbelievable Machine Company, a Basefarm company, for more than 5 years now, and is pioneering data science in Germany, Europe and beyond. At the interface of business, IT, artificial intelligence and design he develops cutting-edge strategies, spaces, services, teams and sometimes escape routes, and describes himself as a for-, side- and backward thinker. Besides that he is founder and managing director of Birds on Mars, a Berlin-based consultancy exploring and developing the intersections of human and artificial intelligence. The time left is filled with lightning talks, guest lectures, program committee chairs and craft brewing. Klaas is a certified Scrum master, design thinker, mediator and coach and will never stop being curious.

Big data Olympics

Four gold medals and one silver medal during the 2018 Winter Olympics are proof that Jac Orie is a successful speed skating coach. Why? It all has to do with data!

In the ice skating world, the name of Jac Orie is well established. He is the man behind the biggest successes of many Dutch speed skaters. Gerard van Velde in 2002, Marianne Timmer in 2006, Marc Tuitert in 2010 and Stefan Groothuis in 2014: they all won Olympic gold working with Orie. Apart from a mountain of medals, these skaters have left something valuable: a huge amount of data. Advanced analytics on almost two decades worth of data has helped Orie to train his team even more smartly in the run-up to the 2018 Winter Olympic Games in Pyeongchang, South Korea.

Data science

The results of Orie’s big data project have been astounding so far. Millions of viewers all over the world saw Sven Kramer (men’s 5,000 metres), Carlijn Achtereekte (women’s 3,000 metres) and Kjeld Nuis (men’s 1,000 and 1,5000 metres) skating to gold. And Patrick Roest (men’s 5,000 metres) won silver. Less visible is what exactly lies behind these successes. For many years, Orie has been using test data generated by skaters to calculate speed and stamina. For Pyeongchang however, he went one step further and collaborated with Leiden-based data scientist Arno Knobbe.

The big data approach, whereby computing power is used to perform calculations on big volumes of data has led to many useful insights. These include the relation between the type of training and the moment, duration and intensity of the training. A skater who has profited hugely from this is Kjeld Nuis. Data showed that stamina training in the morning proved ineffective for him, leading to an improvement in his training programme – and two gold medals in Pyeongchang.

Supercompensation

For Orie, Knobbe and the skating sport in general, the big data journey is just beginning. For example, the phenomenon of ‘supercompensation’ still needs to be figured out. Supercompensation is what happens when an athlete temporarily lowers the training intensity, leading to recovery of the body and an increase in racing performance. Obviously, this effect needs to be timed perfectly in the run-up to an important race. It’s a complex equation, with the results of training sessions sometimes showing up months later and with training types having different effects on performance for sprinting distances (especially the 500 and 1,000 metres), on the one hand, and longer distances (1,500 metres and above), on the other.

Golden opportunities – everywhere

It is certainly not an exaggeration to say that the 2018 Winter Olympics have become the first big data Olympics. As a best practice, the example set by the Dutch skaters will be followed by other athletes looking to optimize their performance. And it’s not just in sporting events that data thinking is making such an impact. Many companies are becoming more data-driven. At

Basefarm, we work together with some of these companies to explore their existing wealth of unexplored data and find new use cases. In the manufacturing, service and maintenance industries, for instance, the use of predictive maintenance saves companies millions of euros every year. And this is only just the beginning. Undoubtedly, big data will shape the next Olympic games as well as the business world of tomorrow. Our question to you: will you be a contender for gold?

About Ronald Tensen

Ronald Tensen is Marketing Manager at Basefarm in the Netherlands. He has a broad experience in the internet and IT industry (B2B and B2C), successful at developing and launching new consumer services and brands, strong customer focus and of course he is a great team player!

BF-SIRT Newsletter 2018-01

Meltdown and Spectre, two security flaws said to be affecting almost all CPUs released since 1995, was announced this week, and will probably haunt us for years to come.

Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. We might see more of this in near future botnets.

A researcher released details of a local privilege escalation attack against macOS that dates back to 2002, totally ignoring any responsible disclosure process.

Top 5 Security Links
Meltdown and Spectre – Bugs in modern computers leak passwords and sensitive data.
Mozilla Patches Critical Bug in Thunderbird
Attention, vSphere VDP backup admins: There is a little remote root hole you need to patch…
MacOS LPE Exploit Gives Attackers Root Access
Code Used in Zero Day Huawei Router Attack Made Public