On March 13th, a SQL injection script was found in the WP Statistics plugin. WP Statistic is an open source plugin design to track visitors. It records IP addresses, referring sites, search engine terms, and location statistics. Per it’s WordPress.org, the plugin has over 600,000 installs. The Daily Swig reported that the plugin can break a WordPress site’s encryption keys and salts. Hackers can use automated tools like sqlmap. The flaw was found in admins accessing the “Pages” option to get statistics. This sends a request to a database and generates an SQL query. This function is normally reserved for administrators. But the flaw can be viewed by non-admins. The hacker can then input their own values into the database.
When the creators were alerted to the flaw, they quickly sanitized the bug and released a new patch.
In 2015, Darius Kazemi created an app called Ethical Adblock. Ethical Adblock blocks websites that need ad revenue. Some websites have free content. To compensate for their free content, these websites host ads. The data from these ads are also sold to advertisement firms. The user is the product, which is then sold. Ethical Adblock removes the user from participating in being sold. This application differs from unethical AdBlock. The user cannot view a website with “free” content. Visitors may choose to disable ads and view website content. That creates a loss of revenue for ad-driven websites. Some websites depend on ad revenue to continue. Ethical Adblock disables the temptation of viewing website content for free.
Why do advertisers need websites for ads? They need to find new platforms to advertise. No longer are the days when a large audience views tv shows from 5 or 10 stations. News is not limited to three or four newspapers. Society is out of sync with everyone. Not only can people stream content at any time, but they can also find content from anywhere on the internet. To reach their customers, Advertisers use algorithmic advertising technology. This tech is important for advertisers to tailor their ads to different platforms. The ads can serve a broad audience without the need for a central location. And the data from the algorithms help shape the products that are sold.
I have a mixed view on Adblockers. I disable my adblockers for small businesses and local businesses. It is important for a thriving economy that there are more local entrepreneurs. The local business or individual pay more in taxes percentagewise than corporations. Leeching free content by using Adblockers is stealing from my neighbors. Individuals and local businesses do not have the advertisement budget like big businesses. I will turn it off for those websites. I do not have the same compassion for corporations. It is true that corporations create more jobs. Corporations pay less in local property taxes and are a drain for a local economy. Furthermore, some corporations do not pay living wages. Thus, I do not feel they need help with their advertisement budget. They have already recovered lost revenue by paying less in local taxes and less in fair wages.
Amy Zegar, co-director of CISAC and Davies Family Senior Fellow, did a TEDx Talk on Cyberwarfare in 2015. Cyber attacks and cyber wars have escalated and evolved over the years. The U.S. Government placed cyber attacks on the top of their threat list. They did this after the attack by North Korea on Sony. The attack stopped the release The Interview, starring James Franco and Seth Rogan. Terabytes of private information was stolen and released. Sony suffered because of this attack.
In her talk, Ms. Zertag listed three classes of cyber attacks. The first one as thief of intellectual property form American Corporations. The IP from U.S. private businesses gives the economic an edge over others. The second class of attack is a tax on infrastructure. An attack like this would cause disruptions to the American way of life. The third class of attack is one that degrades or disables our military. A disruption like this limits the U.S. Military ability to defend the country. The military cannot attack when their interests are threatened.
Ms. Zertag states that there are “no safe neighborhoods” online. In real life, police officers patrol the city. The military defends the United States. The police and military are government owned monopolies on security. But the private sector owns 85% of cyberspace. The government cannot reach in and defend those sectors. It is up to private businesses to work with the government for cyber defense.
The internet has, as Ms. Zertag put it, a “huge attack surface.” The internet is one location where people communication, shop, and manage their finances. It is also a place where people can steal, sell illegal products, and commit other crimes. It is a centralized location. The internet was never designed to have safe spaces. Researchers and developers created the internet to share unregulated information.
Since the start of the internet, internet traffic has tripled. Development of smart devices has increased the reliance of the internet. Appliances will soon be autonomous. Driverless cars will become more popular. In the health field, smart devices will be implanted to record health vitals. The coding rule of thumb is that there is one defect for every 2,500 lines of code. The defects in code are tested by hackers and random bots. When the error in code is discovered, it is exploited. The more code is used in programing devices, the more susceptible a network is to a cyber-attack.
There are five key differences between cyber warfare and traditional warfare. The first difference is that the more powerful a network, the more vulnerable. The more connected a society is, the more they will lose due to a cyber attack. Because 85% of the internet is owned by the private sector, the government cannot work alone. The government must rely on support of private corporations and other nations to handle cyber attacks. Since society has become more connected worldwide, the attack surface is broad. The last difference is that victims do not know they are victims until it is too late. Some cyber attacks are slow and unnoticeable by their intended victims. Until the crime is committed, there is no notice of a cyber attack. Traditional warfare as the advantage of seeing the enemy. In cyber attacks, the enemy often are anonymous.