Add cyberwar to the long list of reasons for why insurance companies will deny claims

Essentially, Zurich’s position is that NotPetya was a “hostile or warlike action” by a “government or sovereign power.” In fact, NotPetya is widely viewed as a state-sponsored Russian cyber attack masquerading as ransomware that was designed to target Ukraine but inadvertently spread globally. Russia denies these allegations.

According to Mondelez, even Zurich had doubts about denying coverage and at one point, rescinded its denial and committed to advancing $10,000,000 partial payment towards Mondelez’s insurance claim. But, for some reason, Zurich changed its tune and reasserted the declination of coverage.

For me this story is less about what is cyberwar, and more about why insurance companies are so good about self-declaring reasons to refuse coverage.

I recently had an insurance company executive tell me they were in the healthcare industry. So I asked if they provide care, to which they replied “no, we know more than anyone, even doctors, about health and we want to encourage people to make smaller and fewer claims.”

That’s not healthcare. That’s finance. Fewer claims (of care) means more margin.

The NotPetya-based denial of claim means the insurance company has assigned themselves the fun burden of proving that a “government or sovereign power” has committed a “hostile or warlike action”. Presumably they think the cost of that proof is less than $10,000,000

Advertising news sources are saying that it was an accident.

On Tuesday at about 7 p.m. ET, many publishers both in the U.S. and Australia saw many–if not all–of their ad slots filled with display ads featuring nothing but the color yellow. They were up for 45 minutes.

The costly mistake occurred during a Google training program when an employee accidentally purchased the 300×250 ad units, the sources said. Publishers who checked their logs saw the advertisements came from theiconic.au.com, an Australian retailer.

Estimates are upwards of $1m burned in just hours. Google made an official statement, confirming both payments and that the protest didn’t encounter any resistance.

We will honor payments to publishers for any ads purchased and are working hard to put safeguards in place to ensure this doesn’t happen again

I’ll be presenting again at the RSA Conference in SF, discussing how the information security industry shifted fundamentally after 2014 from ongoing confidentiality to growing integrity concerns.

SESSION ID: MASH-F02

TITLE: Top 10 Security Disasters in ML: How Laurel and Yanny Replaced Alice and Bob

SCHEDULED SESSION DAY AND TIME: Friday, Mar 08, 9:50 AM

ROOM: Moscone West 2007

LENGTH: 50 minutes

ABSTRACT: A seismic shift is upon us. Integrity flaws stand looming and untamed despite the security industry making great progress in availability and confidentiality awareness and control. Now a crisis of trust is developing as developers rush into “machine learning” with integrity a paramount risk. This talk will expose keys of past breaches of integrity to help attendees prepare to control ones just ahead.

QUICK ABSTRACT: If you thought confidentiality breaches were a crisis, are you ready to detect and prevent integrity failures at machine speed?

In an awkwardly worded statement, the laptop manufacturer has alerted owners of its 13-inch Macbook Pro that SSD firmware flaws are causing serious data corruption and even complete failure.

Apple has determined that a limited number of 128GB and 256GB solid-state drives (SSD) used in 13-inch MacBook Pro (non Touch Bar) units have an issue that may result in data loss and failure of the drive. 13-inch MacBook Pro units with affected drives were sold between June 2017 and June 2018.

Apple or an Apple Authorized Service Provider (AASP) will service affected drives, free of charge. Apple recommends having your drive serviced as soon as possible.

A few things stand out here:

1. The firmware update means an Apple “technician will run a utility”
2. The repair process is to backup your data, update the SSD firmware in a destructive manner, and then restore all your data from backup. And this begs the question why someone can’t do the update themselves if it means restoring a backup to a fresh OS install. Apple ought not be worried about data loss or failure in the process as that’s a guaranteed outcome. Are they concerned the firmware update would brick the laptop, or that the utility would grant too much authority to the end user?
3. Data already destroyed by the faulty SSD can not be recovered
4. Anyone who already paid for this service can get a refund. Although at the same time, it only “covers affected MacBook Pro models for 3 years after the first retail sale of the unit”. The repair will not be free if your SSD has faults beyond 3 years…

China has downgraded the rating of US ability to partner or deliver goods, and is distancing itself from the instability of a white nationalist White House.

…the economic relationship between the U.S. and China has been permanently altered.

[…]

The president’s abrupt return to brinkmanship…underscored U.S. unpredictability.

[…]

…imposition of tariffs on more than $250 billion in Chinese goods already has prompted China to [buy] soybeans from Brazil rather than Indiana or Iowa.

[…]

Xi has personally directed a campaign to promote “self-reliance,” with public tours of China’s modern industries in the south and its traditional Rust Belt region in the northeast.

“The turn away from reliance on the U.S. for agricultural and industrial inputs will accelerate,” Charles W. Freeman Jr., a former U.S. diplomat said in an email.

This really isn’t about China or America, though. Anyone familiar with the erratic performance and quick failure of a certain steakhouse, casino, airline…probably wouldn’t want to hitch their wagon to a horse unwilling to pull its own weight let alone help anyone else.

You may have noticed a post the other day about a decorated SEAL charged with war crimes.

Some have decried this investigation as political maneuvering by those serving with the accused, while others have said they simply do not believe in challenging the accuracy of decorated war veteran records.

Meanwhile I noticed a similar story brewing in Australia about special forces with some interesting commentary on both political maneuvering and motives among those involved.

In a statement to Fairfax Media sent on Wednesday evening, an AFP spokesperson said: “The Australian Federal Police (AFP) received a referral to investigate allegations of war crimes committed by Australian soldiers during the Afghanistan conflict.”

[…]

Fairfax Media has confirmed through multiple military sources that both the AFP inquiry and the Brereton inquiry have gathered extensive information from decorated serving and former special forces veterans who served alongside Mr Roberts-Smith in Afghanistan. The Brereton inquiry has interviewed more than 200 witnesses on oath since 2016.

[…]

Dr Nelson, a former defence minister, has repeatedly attacked the media reporting and Inspector-General’s inquiry into Mr Roberts-Smith on the basis that it is taking too long and because, “We want to believe in our heroes”.

But Fairfax Media has confirmed from special forces insiders that over a dozen SAS soldiers are assisting the Brereton inquiry. Many believe that scrutiny of allegedly unlawful acts is needed to preserve the integrity of the regiment and are scathing of Dr Nelson’s advocacy, believing it amounts to an attack on soldiers willing to raise concerns about alleged battlefield combat.

Another high-profile supporter of the Brereton inquiry is former SAS officer and Afghanistan veteran Andrew Hastie, who is now a Coalition MP.

200 witnesses, a dozen soldiers assisting and a former officer/veteran who entered politics supporting the inquiry. It seems to me those most dedicated to the professionalism of their craft will welcome inquiry into their actions, as it validates what they already know or uncovers things they would want to hear.

And on that note, I have concerns with the response to an inquiry in this case

…Mr Roberts-Smith, he has vehemently denied any wrongdoing in Afghanistan, insisted he has a “spotless record” and insisted those making claims about him are disgruntled or jealous liars

Any auditor will tell you that angry claims of a “spotless record” can be a tell. Continuous improvement is what people aim for, not spotless records (indicates methods of intimidation and coverup). Also accusing messengers of jealousy can be a tell, which doubles-down on the risk that the accused believes spotless records are a function of destroying critics.

We definitely saw this behavior in the unraveling of Theranos, for example.

Q: The Theranos story has many remarkable aspects. What was the most striking thing you found during your reporting?

A: Two things. One, the egregiousness of the lies, the serial lies, of Elizabeth’s serial lies. Sunny’s, too.

The second thing is the unbelievable campaign of intimidation against me and my sources. I’ve been a journalist for more than 20 years and I’ve never encountered anything close to that. Still, I’m a big boy and the Wall Street Journal has been around for a long time. But Theranos went after my confidential sources. They threatened doctors in Arizona who had spoken to me on the record. It was beyond the pale.

And also with Lance “Live Wrong” Armstrong, as extensively documented

The original whistleblower who helped bring down Lance Armstrong has revealed how she was tormented and intimidated for more than a decade by the cyclist and his allies as they stopped at nothing in their bid to silence her.

Mr Roberts-Smith does himself a disservice by insisting he has a spotless record, and perhaps you can see why that’s not even an objective goal. Even if it doesn’t alarm you on its own, though, attacking critics makes the spotless record seem even less believable.

Interesting news from Streets Blog about the change in security standards that now allows foreign train technology to the US

Building trains to unusual U.S. safety standards for the small American passenger rail market made rolling stock purchases needlessly expensive. Opening the door to standardized European train specifications will significantly lower prices.

Rail operators are expected to save hundreds of millions of dollars a year as a result, enabling them to invest more in operating train service and upgrading rolling stock and infrastructure.