Category Archives: Crime Prevention

Here’s How to Protect Your Data Privacy When You Sell or Recycle Smartphones and Computers (Video)


Video

 

Alyssa Newcomb

By Alyssa Newcomb, Business and Technology Contributor to Fortune   March 19, 2019

 

When it comes to data privacy, there’s more to security than changing passwords and encryption. You’re at risk if you do good by recycling computers and smartphones too. Research from security company Rapid7 shows that tech sold in secondhand shops are filled with the previous owners’ personal data, according to new research from security company Rapid7.

Over the course of six months, Josh Frantz, a researcher at Rapid7, purchased old electronics from businesses that sell refurbished computers, or accept donations, and promise to wipe the devices before they are sold. He spent $650. His haul included 41 computers, 27 pieces of removable media, which included flash drives and memory cards, 11 hard disks, and six cell phones.

What he found was the equivalent of people serving up their data on a digital silver platter. Frantz retrieved more than 366,000 files, which included documents and images. Perhaps most troubling was the load of personal information he was able to access. He found 41 social security numbers, 19 credit card numbers, six driver’s license numbers and two passport numbers.

“Whenever I brought a computer back, I booted it up to see whether it was bootable and whether it required a password to log in. I wrote a script in PowerShell that would run through and index all the images, documents, saved emails, and conversation histories through instant messengers. It would then zip it up nice and organized on the desktop, and I would pull it off with a USB drive,” he wrote in a blog post.

While many businesses promise to wipe donated old electronics, Frantz said the best way to prevent your data from leaking to potential thieves is to clean any device as best as you can before handing it over to a recycling program or a re-seller.

Performing a factory reset sometimes isn’t enough to keep experienced hackers from finding old data. Frantz shared a guide to how to wipe an Android device, which involves first using an app to encrypt your data before performing a factory reset. An iPhone or iPad can be reset by going to settings > general > reset > erase all content and settings.

And if you are planning to recycle your old computer, Frantz recommends a few different methods for destroying it, including a drill, hammer, or setting it on fire, as long as there aren’t any toxic byproducts.

“If you’re worried about your data ending up in the wrong person’s hands, destroy the data,” he said. “If you wish to do a good deed and donate your technology so others can benefit, make sure it’s at least wiped to an acceptable standard. Even if you get it in writing that your data will be erased, there’s no good way to know whether that’s actually true unless you perform the wipe yourself.”

Why businesses fear cyberattacks from ex-employees more than nation states

By Alison DeNisco Rayome, Senior Editor for TechRepublic – February 27, 2019, 6:02 AM PST

A major data breach would likely shut down half of SMBs permanently, according to an AppRiver report.

 


Video

 

More than half of cybersecurity executives at small- and medium-sized businesses (SMBs) (58%) fear a major data breach more than a flood, fire, transit strike, or even a physical break-in of their office, according to the inaugural AppRiver Cyberthreat Index for Business Survey released Tuesday.

The concern is rooted in a stark business reality: Nearly half of the 1,059 SMB cybersecurity decision-makers surveyed (48%) said a major data breach would likely shut down their business permanently, the report found. This percentage increased significantly for financial services and insurance SMBs (71%) and healthcare SMBs (62%), according to the report.

SEE: Security awareness and training policy (Tech Pro Research)

These results echo the findings of a previous report from VIPRE, which found that 66% of SMBs would either go out of business or shut down for at least one day in the event of a breach. Almost half of all cyberattacks target SMBs, as these businesses tend to have less-sophisticated security infrastructure and fewer trained cybersecurity workers on staff to manage and respond to threats.

“In today’s digital age, businesses rely on their intellectual property and use automated business processes more than ever before – bringing cybersecurity to the forefront,” said Dave Wagner, CEO of Zix Corporation, parent company of AppRiver.

SMBs are more concerned that these attacks could come from disgruntled ex-employees (24%) than from rogue hacktivist groups (21%), lone-wolf hackers (19%), competitors targeting corporate intellectual property (18%), or nation state-sponsored hackers (18%).

The reason for this fear of an ex-employee breach is well founded: Some 20% of organizations said they have experienced data breaches by former employees, according to a OneLogin report. Companies can increase their chances of avoiding such an attack by removing employees’ access to all accounts immediately after they leave the company.

SMBs can follow these tips from Kaspersky Lab to improve their security practices:

  1. Create a list of assets your employees use
  2. Make a list of the online services your organization uses, and analyze which of them is critical for your business process.
  3. Audit critical services and their settings
  4. Set clear guidelines for which data can be moved to the cloud and which must stay internal
  5. Set guidelines for which data can be accessed by which employees
  6. Arrange security awareness training to teach staff how to handle critical data safely
  7. Use a reliable security solution
The big takeaways for tech leaders:
  • 58% of cybersecurity leaders fear a major data breach more than a flood, fire, transit strike, or even a physical break-in of their office. — AppRiver, 2019
  • 48% of cybersecurity leaders said a major data breach would likely shut down their business permanently. — AppRiver, 2019

———————————————————————-

A Practical Guide to Protecting Your Privacy Online

 

 

 

By John Mason, Founder and Chief Researcher of TheBestVPN and Contributor to TechNewsWorld
Feb 1, 2019  8:47AM PT
(This story was originally published on Nov. 7, 2018, and is brought to you today as part of our Best of ECT News series)

 

Do you take your online privacy seriously?

Most people don’t. They have an ideal scenario of just how private their online activities should be, but they rarely do anything to actually achieve it.

The problem is that bad actors know and rely on this fact, and that’s why there’s been a steady rise in identity theft cases from 2013 to 2017. The victims of these cases often suffer a loss of reputation or financial woes.

If you take your online privacy seriously, follow this 10-step guide to protect it.

1. Shield Yourself From Snoopy ISPs

You may not be aware of it, but your ISP already might know all about your online searches.

Each time you search for something online, your browser sends a query to a DNS server. Before the query reaches a DNS server, however, it first has to go through your ISP. Needless to say, your ISP easily can read and monitor these queries, which gives it a window into your online activity.

Not all ISPs monitor your browser queries but the ones that don’t are the exception and not the rule. Most ISPs will keep records of your Web browsing for a period of a few months to a year. Most ISPs don’t record your texts, but they do keep records of who texted you.

There are two ways to protect your privacy if you don’t want your ISP monitoring your browser queries: 1) Switch to an ISP that doesn’t monitor your online data, if practicable; or 2) Get a VPN to protect your data (more on this later).

2. Guard Your Login Credentials

One thing most people take for granted is the login credentials they use to access their many online accounts. Your username and password are the only things keeping your information and privileges from getting into the wrong hands. This is why it’s important to make them as strong as possible.

Choose a strong username that is simple and easy to remember but can’t easily be linked to your identity. This is to prevent hackers from correctly guessing your username based on your name, age, or date of birth. You’d be surprised just how cunningly hackers can find this information. Also, never use your Social Security Number as your username.

Next, pick a strong password. There are many ways to do this, but we can narrow them down to two options: 1) Learn how to make strong passwords; or 2) Use a password manager app.

Learning how to make a strong password requires time and imagination. Do you want to know what the most common passwords are? They are “1234,” “12345,” “0000,” “password” and “qwerty” — no imagination at all. A password combining your name and date of birth won’t cut it. Nor will a password that uses any word found in the dictionary.

You need to use a combination of upper and lower case letters, numbers, and even symbols (if allowed). Complexity is what matters, not length, since a complex password will take centuries for a computer to figure out. In fact, you can try your password if you want to see just how long it will take to crack.

If you don’t have the time and imagination to formulate a strong and complex password, you can use one of the six best password managers. These apps not only save you the hassle of memorizing your complex passwords but also auto-fill online login forms and formulate strong passwords for you.

Whether you want to learn how to make strong passwords or choose to install a password manager app is up to you. What you should never neglect, though, is 2FA (2-factor authentication). 2FA adds an extra layer of protection for your passwords in case someone ever does learn what they are. In fact, you may already have tried it when logging into an account on a new device.

The app or service requires you to key in the access code sent to another one of your devices (usually your phone) before you are given access to your account. Failing to provide this access code locks you out of your account. This means that even if hackers obtain your login credentials in some way, they still can’t log into your account without the access code.

Never use the same usernames or passwords for different accounts. This prevents hackers from accessing multiple accounts with just one or more of your login credentials. Also, never share your login credentials with anybody — not even your significant other.

3. Secure Your WiFi

Have you ever heard of a KRACK attack? It’s a proof-of-concept cyberattack carried out by infiltrating your WiFi connection. The hacker then can steal information like browsing data, personal information, and even text message contents.

The problem is that not even WPA2 encryption can stop it. This is actually why The WiFi Alliance started development of WPA3, which it officially introduced this summer.

Do you need WPA3 to defend against KRACK attacks? No. You just need to install security updates when they become available. This is because security updates ensure that a key is installed only once, thereby, preventing KRACK attacks. You can add additional layers of protection by visiting only HTTPS sites and by using a VPN.

You also can use a VPN to protect your device whenever you connect to a public network. It prevents hackers from stealing your information via a MitM (Man in the Middle) attack, or if the network you’ve connected to is actually a rogue network.

4. Browse With Confidence

If you read through your browser company’s Terms of Use and Privacy Policy, you might find that they actually track your online activities. They then sell this information to ad companies that use methods like analytics to create a profile for each user. This information then is used to create those annoying targeted ads.

How do they do this?

Answer: Web cookies.

For the most part, Web cookies are harmless. They’re used to remember your online preferences like Web form entries and shopping cart contents. However, some cookies (third-party cookies) are made specifically to remain active even on websites they didn’t originate from. They also track your online behavior through the sites you visit and monitor what you click on.

This is why it’s a good idea to clear Web cookies every once in a while. You may be tempted to change your browser settings to simply reject all cookies, but that would result in an overall inconvenient browsing experience.

Another way to address the monitoring issue is to use your browser’s Incognito mode. Your browser won’t save any visited sites, cookies, or online forms while in this mode, but your activities may be visible to the websites you visit, your employer or school, and your ISP.

The best way I’ve found so far is to replace your browser with an anonymous browser.

One example is TOR (The Onion Browser). TOR is a browser made specifically to protect user privacy. It does this by wrapping your online data in several layers of encryption and then “bouncing” it for the same number of times before finally arriving at the right DNS server.

Another example is Epic Browser. While this browser doesn’t run on an onion network like TOR, it does do away with the usual privacy threats, including browsing history, DNS pre-fetching, third-party cookies, Web or DNS caches, and auto-fill features. It automatically deletes all session data once you close the browser.

SRWare Iron will be familiar to Google Chrome users, since it’s based on the open source Chromium project. Unlike Chrome, however, it gets rid of data privacy concerns like usage of a unique user ID and personalized search suggestions.

These three are the best ones I’ve found, but there are other alternatives out there. Whatever privacy browser you choose, make sure it’s compatible with your VPN, as not all privacy browsers are VPN-compatible — and vice-versa.

5. Search Safely

Presenting risks similar to popular browsers are the search engines many people use. Most browser companies also produce their own search engine, which — like the browser — also tracks your online searches. These searches then can be traced to your personal identity by linking them to your computer, account, or IP address.

Aside from that, search engines keep information on your location and usage for up to several days. What most people don’t know is that persons in the legal field actually are allowed to use the information collected by search engines.

If this concerns you at all, you may want to switch to a private search engine. These private search engines often work in the same way: They obtain search results from various sources, and they don’t use personalized search results.

Some of the more popular private search engines include DuckDuckGo, Fireball, and Search Encrypt.

6. Use a VPN

What is a VPN, and why do I strongly recommend it?

A VPN (virtual private network) is a type of software that protects your Internet browsing by encrypting your online data and hiding your true IP address.

Since you already know how online searches are carried out, you already know that browser queries are easily readable by your ISP — or anyone else, for that matter. This is because your online data is, by default, unencrypted. It’s made up of plain text contained in data packets.

You also already know that not even built-in WPA2 encryption is good enough to protect against certain attacks.

This is where a VPN comes in. The VPN courses your online data through secure tunnels until it gets to its intended DNS server. Anyone intercepting your browsing data will find unreadable jargon instead.

You may hear advice against trusting VPNs with your security. I’m actually inclined to partially agree — not all VPNs are secure. However, that doesn’t mean all VPNs are not secure.

The unsecured VPNs I’m referring to are the “free lunch” types that promise to be free forever but actually use or sell your data to ad companies. Use only the safest VPN services you can find.

A VPN is primarily a security tool. While you may enjoy some privacy from its functions, you will want to pair it with a privacy browser and search engine to get the full privacy experience.

A VPN can’t secure your computer or device from malware that’s already present. This is why I always recommend using a VPN together with a good antivirus and firewall program.

Some popular browsers run WebRTC protocols by default. You have to turn off this protocol. This protocol compromises a VPN’s security by allowing your true IP address to be read.

7. Beware of Phishing

You may have the best VPN, anonymous browser, and private search engine on the market, but they won’t do you much good if you’re hooked by a phishing scam.

Phishing employs psychological analysis and social engineering to trick users into clicking a malicious link. This malicious link can contain anything from viruses to cryptojackers.

While phishing attacks usually are sent to many individuals, there’s a more personalized form called “spearphishing.” In that case, the hackers attempt to scam a specific person (usually a high-ranking officer at a company) by using information that’s available only to a select few people that the target knows.

So, how do you avoid being reeled in by phishing attacks?

The first option is to learn how to identify phishing attempts. Beware of messages from people you don’t know. Hover over a link before clicking it to make sure it navigates to the site it portrays. Most importantly, remember that if it’s too good to be true, it most likely is.

The second option is to install an antiphishing toolbar. This software prevents phishing by checking the links you click against a list of sites known to host malware or those that trick you into disclosing financial or personal information.

It then will prompt you, once it determines the link to be connected to one of those sites, and provide you with a path back to safety.

The best examples I’ve found are OpenDNS, Windows Defender Browser Protection, and Avira Browser Safety.

8. Encrypt Your Messages

If you’ve been following tech news in the recent months, you may have found an item about the FBI wanting to break Facebook Messenger’s encryption. Say what you will about the social network giant, but this news reveals one thing: Even the FBI can’t crack encrypted messages without help.

This is why you should always use “encryption mode” in your messaging apps. Apps like Signal, Telegram, and Threema all come with end-to-end encryption and support for text, calls, and even video calls.

If you require constant use of emails, ProtonMail, Tutanota, Mailinator, and MailFence are great alternatives to popular email services that actually monitor your email content.

9. Share Carefully on Social Media

Social media has become one of the best ways to keep in touch with important people in our lives. Catching up to everyone we care about is just a few clicks away. That said, we’re not the only ones looking at their profiles.

Hackers actually frequent social media sites as they hunt for any personal information they can steal. They even can circumvent your “friends only” information by adding you as a friend using a fake account. I don’t think I need to mention the problems hackers can cause once they’ve stolen your identity.

This is why you should exercise caution about what you share on social media. You never know if hackers are using the photos you share to target you for their next attack. You may want to skip out on filling out your profile completely. Avoid giving your phone or home number, and perhaps use a private email to sign up.

10. Update Frequently

You may have heard this before but it’s worth repeating now: Don’t ignore system updates. You may not be aware of it, but updates fix many vulnerabilities that could jeopardize your online privacy.

Most people put off installing updates since they always seem to come at inopportune times. Sometimes we just can’t put up with the dip in performance or Internet speed while updates are being installed.

It’s usually best to suffer what minor inconvenience they cause early rather than risk getting caught in the whirlwind of problems hackers can cause if you should get targeted. Most software and apps now come with an auto-update feature, so you won’t have to manually search and download them.

Bottom Line

Privacy is a human right, and our online privacy should be taken seriously. Don’t neglect to take the necessary steps to protect yours.

Beware of your Internet service provider, and always protect your login credentials no matter how strong they are. Remember to check the network you’re connecting to before you log in.

Watch what your browser and search engine are doing, and consider replacing them with more private ones. Prepare against phishing by learning to identify attempts and installing an antiphishing toolbar.

Always use encrypted messaging, and watch what you share on social media. Finally, never ignore system updates when they become available.

Follow these steps and you’ll soon be on your way to a more private browsing experience.


John Mason, an avid privacy advocate, is founder of TheBestVPN and serves as its chief researcher.

Protect Yourself Against Social Security Identity Theft

Retirement The PBS website for grown-ups who want to keep growing

By Amy Zipkin, Freelance Writer and Journalist, Next Avenue Contributor and Contributor to Forbes
Jan 17, 2018, 01:11pm

Last fall, after the Equifax breach, Jim Borland, acting deputy commissioner for communications at the Social Security Administration wrote a blog post on the agency website headlined “Protecting Your Social Security.”  He said: “A my Social Security account is your gateway to many of our online services. Create your account today and take away the risk of someone else trying to create one in your name, even if they obtain your Social Security number.”

I took Borland’s advice, since anyone 18 or older with a Social Security number, an email address and a mailing address can open a mySocialSecurity online account and maintain it for decades before claiming benefits. But fewer than nine months after I opened the my Social Security account, I received an unexpected email from the Social Security Administration. It said: My account was being deactivated at my request.

Why Was My Social Security Account Deactivated?

I was mystified since I hadn’t contacted the agency. And no one else had access to personal details to change my password. So I called the next morning and requested a direct deposit block on my Social Security account to prevent any additional suspicious activity. (Even though I don’t collect Social Security benefits yet, a block offers two apparent safeguards: It prevents changes to direct deposit information through a financial institution or through the Social Security site. And it prevents someone else from changing my mailing address through the Social Security site.)

Also on Forbes:

I also asked the Social Security Administration to notify its Inspector General about suspected fraud.

Then I tried to find out what happened.

The U.S. PIRG (Public Interest Research Group) website offered a possible clue. “With full name, birth date and Social Security number a thief can try to open a  my Social Security account in your name and change your direct deposit information to his or her checking account.”

It continued, “Coupled with other information that can easily be found online such as place of birth, a thief can try to claim your benefits over the phone.”

The Rising Trend in Compromised Social Security Accounts

My compromised account, it turns out, was not alone.

In its 2018 Identity Fraud Report, the Javelin Strategy and Research firm found nearly a third (30%) of U.S. consumers were notified of a breach in 2017, up from 12% in 2016, to the tune of $16.8 billion dollars. And for the first time, Social Security numbers were compromised more than credit card numbers in breaches. What this means, according to Javelin, is that 35% of individuals who were notified that their personal information was involved in a breach in 2017 had their Social Security numbers compromised.

One reason Social Security number theft is up: scammers seem to have shifted tactics. “Over the past couple of months, our helpline has received fewer reports of the IRS scam [a con artist pretending to be from the Internal Revenue Service, demanding money] while complaints about scammers impersonating the Social Security Administration have been on the increase,” said Amy Nofziger, an AARP expert on frauds and scams.

“I am aware advisories have been put out for consumers to beware of impersonation schemes,” said Mike Litt, Consumer Campaign Director at U.S. PIRG based in Washington, D.C.

How to Safeguard Your Future Social Security Benefits

How do you safeguard your Social Security benefits if you are months or even years away from collecting them?

Perhaps its counterintuitive, but experts recommend signing up for a my Social Security account and closely monitoring it.

The way to do that, says Mike Litt, consumer campaign director at U.S. PIRG, is by logging into your Social Security account regularly and checking your personal information, such as your address or date of birth. If you see changes to the information you entered when you opened the account or information that doesn’t belong to you, contact the Social Security Administration (800-772- 1213 or by email: https://secure.ssa.gov/emailus).

“It may mean someone has tried to claim your benefits, perhaps by telephone,” Litt said.

To report possible fraud or identity theft, Nofziger suggests casting a wide net. “The more reporting entries the better,” she said. Besides the Social Security Administration Office of the Inspector General, the Federal Trade Commission and the Senate Select Committee on Aging fraud hotline 800-303- 9470 are options. (Note: The Federal Trade Commission is currently closed due to the lapse of government funding.)

If You Have a Password Problem

The Social Security Administration says that if you have password problems with your my Social Security account, call Social Security and answer “helpdesk” when the auto prompt asks the nature of your call.

The Social Security Administration uses Equifax credit reports for personal identification verification. “If a person has a security freeze, fraud alert or both with Equifax, a my Social Security account could not be created,” the agency said in an email.

While reporting this story I checked back with the Office of the Inspector General to find out why my account was closed without my authorization. “Due to privacy and law enforcement concerns, we cannot comment on any investigative action we take on the allegation going forward,” communications director Andrew Cannarsa wrote in an email.

After checking my credit report and making sure it was accurate, I then opened another my Social Security account. The block is still in place and Social Security sent me a confirmation. But if I call to request direct deposit or mailing address agencies, the agency said, I may be asked to visit my local Social Security office to confirm my identity.

—————————————————–

America is in the midst of an age boom and with it, an amazing transition. In general, those over the age of 50 are expected to live longer than any previous generation. Enter NextAvenue.org, a public media website devoted to the aspirations and concerns of grown-ups who …

Next Avenue is public media’s national journalism service for America’s booming 50+ population. Part of the PBS system, Next Avenue’s daily content delivers vital ideas, context and perspectives on issues that matter most as we age.

 

5 Technology Trends Impacting State and Local Governments

Contributed by the Community Editorial Team at Comcast Business
View Profile

ComcastBusiness

March 01, 2018

State and local governments stand at the cusp of a technology renaissance, as new offerings and services are available to help agencies serve their constituents faster, more effectively and more efficiently. Technologies that once were thought of as “bleeding edge” now are increasingly ubiquitous, enabling government agencies to become more customer-centric in myriad ways, from answering billing queries to proactively identifying when customer data is being targeted by cybercriminals.

Read our white paper and view the infographic.

 

According to research firm Gartner, government CIOs expect to spend 28 percent of their 2018 budget on digital initiatives designed to increase the value of government to constituents.[1] Technologies such as analytics, automation, artificial intelligence and even autonomous vehicles all have the potential to enable governments to offer services and aid their citizens in ways that not only can improve the customer experience, but also save governments time, money and labor.

Imagine logging on to a government website and being “recognized” through facial recognition, then “telling” the site what you’re looking for in plain English and receiving the results instantly. Or imagine a self-driving maintenance truck that “sniffs out” and automatically fills potholes without human intervention.

On the surface, this may sound like the stuff of science fiction. But these scenarios are coming closer to being reality, as technologies such as artificial intelligence and autonomous vehicles are moving closer to the mainstream. And their effect on state and local governments would be transformational in providing services and keeping citizens safe from physical and cyber perils.

TECHNOLOGIES TO WATCH

The scope of technologies that can impact government services—and, in turn, our lives—is far-reaching, from robots that clean parks to systems that can create personalized cybersecurity by observing and learning from users’ behaviors. Some technologies are still more bleeding-edge than leading-edge, while others have the potential to be in service—and of service—today.

Five technologies in particular—artificial intelligence and robotics, autonomous vehicles, digital government, automation, and efforts to increase cybersecurity—demonstrate value to state and local government initiatives.

ARTIFICIAL INTELLIGENCE AND ROBOTICS

Of all the technologies that can reap the largest benefit for governments, artificial intelligence is perhaps the one most likely to have the biggest impact. In fact, a number of agencies already are using AI to handle tasks quickly that otherwise would take much longer for humans to do, such as sorting through massive amounts of paperwork to find relevant information.

Law enforcement agencies are looking at artificial intelligence as a weapon to help fight crime by improving video surveillance, spotting criminals in crowds through facial recognition, and even helping reduce the amount of time police officers spend writing reports.

Beyond artificial intelligence, robotics is becoming a way for agencies to spend less and do more. Consultancy firm Deloitte highlights the coming of process robotics, which it describes as “… computer-coded, rules-based software that uses ‘bots’ to automate repetitive, rules-based tasks otherwise performed by humans. Requiring minimal system integration, bots can be deployed in as little as a few weeks depending on the complexity of the process.”[2] Any high-volume, rules-based work can be performed by process robotics, which helps free employees to focus on more valuable customer-facing activities.

Bots are already being used by agencies to help improve customer service. Chatbots in particular are being used to answer questions via the web without the need for customer service agents—a technology especially useful for agencies that are understaffed and don’t have dedicated customer-facing employees.

Deloitte estimates that employing AI technology in the government space could free up as many as 1.2 billion working hours every year, saving $41.1 billion.[3]

AUTONOMOUS VEHICLES

While much of the conversation around government and autonomous vehicles has focused on legislating such technology, governments can benefit from the use of autonomous vehicles in multiple ways. Another Deloitte study notes that, as end users, agencies not only can improve their government-operated fleets, but also further the concepts of shared mobility and “other new types of travel through their procurement decisions.”[4]

The federal government operates a fleet of more than 600,000 vehicles, including U.S. Postal Service trucks and General Services Administration vehicles leased to various agencies.[5] In 2016, USPS vehicles were involved in about 30,000 accidents nationwide, resulting in about $67 million in repair and legal costs.[6] As a result, the agency is considering autonomous vehicles for its fleet, not only to help improve safety but also to increase productivity of letter carriers, who could ready the mail for deliveries during transit.

At the state and local level, highway maintenance departments could dispatch autonomous trucks to repair road damage such as potholes or broken curbs, clean debris from roads following a collision or events such as a parade, or clear snow and ice from roadways during inclement weather. Public transportation can also be a potential target for autonomous vehicles to help municipalities save on labor costs while keeping their fleets moving.

While autonomous vehicles can have the ability to negatively impact state and local budgets—the amount of revenue generated by traffic tickets is certain to decrease due to anticipated safer driving by autonomous vehicles—governments potentially have more to gain than lose from the technology, including decreased labor costs, increased productivity and lower legal costs related to vehicle accidents.

DIGITAL GOVERNMENT

The term “digital government” is an umbrella term used to describe technologies such as mobile services, common online identities and crowdsourcing—all designed to streamline services and improve the end-user experience.

Mobility in particular is an area where governments at all levels can increase the quality of their services and the efficiency of their employees. Apps can be used to access information quickly and easily, enabling citizens to, for example, see in real time where tree-trimming crews are slowing traffic or virtually check in to the local DMV office to avoid waiting in line. Mobile apps also can help government employees working offsite and in the field. Building inspectors can get instant access to building plans, permit applications and more, for example. Parks and recreation department workers can see the location and working status of every water fountain connected to an internet of things (IoT) sensor. And transportation department employees can remotely change the status of digital signage to alert motorists of changing traffic conditions.

Back-office systems that facilitate common identities for constituents also can help improve the user experience, especially when dealing with multiple agencies. Much like users can log on to various websites by connecting with social media sites such as Facebook, government agencies can use common identity systems to help simplify the process of accessing various agency sites to accomplish tasks, such as checking on the status of a request filed with the zoning commission or filing a police report for a hit-and-run traffic accident.

Crowdsourcing, once the purview of sites that harness user opinions to make recommendations on restaurants, hotels and more, is now joining the government fray, as more agencies are depending on the “wisdom of the crowd” to help collect and disseminate information. The federal government has established a site, citizenscience.gov, to help agencies encourage public participation to accelerate innovation. It features federal citizen science efforts in climatology, ecology and disaster response, among others, to help “engage the American public in addressing societal needs and accelerating science, technology, and innovation,” according to the site. At the state and local level, crowdsourcing can be used by agencies to gather real-time traffic information, monitor power outages and collect other data important to citizens, providing facts to the minute and on the fly.

AUTOMATION

Consultancy firm KPMG pegs automation as “the next step in government’s digital transformation,”[7] and with good reason: Automation is perhaps the most useful technology in terms of impacting government services from both the agency and the constituent perspectives. In particular, process automation can free employees from mundane tasks such as filing paperwork to concentrate on more meaningful projects or tasks that require their full attention, such as addressing constituent issues.

Automation is one step below artificial intelligence on the technology ladder; however, interest in “intelligent automation” is growing as a way to further enhance productivity while improving accuracy. Chatbots are a simple example of intelligent automation, while IBM’s Watson with its cognitive analytics, which has the ability to learn and solve problems, offers a prime example of more complex intelligent automation.

Automation is not a new concept in government or other industries, for that matter. However, as advances in artificial intelligence and robotics continue, automation will take on a much more important role in helping governments run efficiently and providing more valuable citizen services.

EFFORTS TO INCREASE CYBER SECURITY

As more processes and constituent interactions occur digitally, governments must do more to protect sensitive and valuable data from cyber threats. No longer should agencies worry about whether their systems will be breached; rather, they should worry about when their systems will be breached.

Researchers estimate damages from cyber crime will amount to $6 trillion worldwide annually by 2021.[8] Included in that amount are damage and destruction of data, embezzlement, stolen money, restoration and deletion of hacked data and systems, lost productivity, theft of intellectual property, forensic investigation, theft of personal and financial data, fraud, post-attack disruption to the normal course of business, and reputational damage.

As cyber threats continue to surge, so does the demand for qualified cyber security talent. However, a recent study by the Center for Cyber Safety and Education predicts there will be a worldwide shortage of 1.8 million skilled security workers by 2022.[9] Agencies must look for new and innovative ways, then, to secure their data and keep their systems safe from breaches and malicious activity.

The cloud is emerging as one tool in the fight against cyber crime, as technologies such as cloud workload protection platforms show promise in keeping data protected no matter where data resides—on-premises, in virtual machines or in cloud environments. Deception technologies, which are designed to throw off a would-be attacker, also can help, as well as endpoint detection and response solutions and network traffic analysis capabilities.

Artificial intelligence shows the biggest promise in improving cyber security, and is the technology upon which many of the new security solutions are based. It is evident that artificial intelligence will serve as the backbone for many, if not most, of the technologies powering the next generation of government services.

HOW THE NETWORK MATTERS WITH NEW-GENERATION TECHNOLOGIES

State and local governments are quickly reaching the point where adoption of new technologies is inevitable. Indeed, the efficiency and effectiveness of any government agency is dependent on the technologies it uses to provide services and protect the health and welfare of its citizens.

In preparing for their impending technology renaissance, agencies first must prepare their networks to certify they are able to handle the increase in demand. Artificial intelligence, cognitive computing, mobility and other technologies can stress the bandwidth of traditional networks and impact performance.

Agencies need to ascertain if they have the right foundation for both customer-facing and back-office operations, as well as new opportunities yet to be imagined. Today’s efficient networks comprise multiple technologies and platforms all chosen to ensure the solutions they support operate at peak performance without issue.

In building a network for the next generation of government services, agencies should consider an environment that includes both on-premises, cloud, and networking technologies such as SD-WAN and high-speed broadband to make certain traffic is handled efficiently over any type of network. And networking components such as WiFi and unified communications can ensure users of the network—employees and constituents—interact with each other using their preferred method of communication.

To help ease stress on an agency’s current network—not to mention the daily burden on IT managers—managed services can be utilized to offer certain constituent services, such as bill payments, without further impacting the network. Managed services can be used to help tie disparate systems together and “fill in the gaps” as agencies update their current infrastructure, and can prove useful even after networks have been upgraded.

Working with a network service provider can help ease the burden associated with building and maintaining a network capable of handling the bandwidth-intensive needs of the next generation of government services. By working with a third-party network services provider, agencies can leverage virtual and physical private Ethernet connectivity to assure critical applications perform as expected. They also can receive all or some of their most critical connectivity functions as a managed service, including managed connectivity, WiFi, security, voice and business continuity, among others.

CONCLUSION

New technologies loom on the horizon to help government agencies better serve their constituents, from answering billing queries to protecting sensitive data from cyber threats. The network on which these technologies run must be robust and flexible enough to handle the traffic and bandwidth demands of today and beyond.

View the PDF.

View the infographic: Trends in Government

 


[1] “Gartner Survey Finds Government CIOs Spend 21 Percent of Their IT Budget on Digital Initiatives,” press release, Gartner, April 25, 2017 https://www.gartner.com/newsroom/id/3693017

[2] “Process robotics in the federal government,” Public Sector Solutions web page, Deloitte, https://www2.deloitte.com/us/en/pages/public-sector/solutions/federal-government-process-robotics.html

[3] William D. Eggers, David Schatsky, Dr. Peter Viechnicki, “How artificial intelligence could transform government,” executive summary, Deloitte, April 26, 2017, https://dupress.deloitte.com/dup-us-en/focus/cognitive-technologies/artificial-intelligence-government-summary.html?_ga=2.17808368.871295872.1509472479-881865455.1507121216

[4] RJ Krawiec, Vinn White, “Governing the future of mobility,” Deloitte, Aug. 3, 2017, https://dupress.deloitte.com/dup-us-en/focus/future-of-mobility/federal-government-and-transportation-of-the-future.html

[5] Ibid

[6] “Autonomous Vehicles for the U.S. Postal Service,” report, USPS Office of the Inspector General, Oct. 2, 2017, https://www.uspsoig.gov/sites/default/files/document-library-files/2017/RARC-WP-18-001.pdf

[8] “Official 2017 Annual Cybercrime Report,” Cybersecurity Ventures, October 2017, https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/

[9] “Global Cybersecurity Workforce Shortage to Reach 1.8 Million as Threats Loom Larger and Stakes Rise Higher,” news release, Center for Cyber Safety and Education, June 7, 2017 https://www.isc2.org/News-and-Events/Press-Room/Posts/2017/06/07/2017-06-07-Workforce-Shortage

 

How technology is tackling human trafficking

18/07/2018
By Alexon Bell, Global Head of AML and Compliance at Quantexa
Contributor to Global Banking & Finance Review

 

Technology is both a blessing and a curse for officials fighting against human trafficking.

With the rise of social media and a world growing smaller through communication platforms, alongside the accessibility of online advertisements and encrypted messaging apps, traffickers have a host of technologies at their fingertips to help entrap victims, advertise their services and cover up the trafficker’s own illegal activity.

However, new technologies are becoming increasingly sophisticated and are playing a key role in eliminating human trafficking. Some are used to discover and rescue victims, others to identify networks of perpetrators. Many of these advancements are beginning to empower governments to source the root of trafficking rings and stop the activity at its core. In turn, this puts a new and heavier responsibility onto banks and corporates to innovate and improve their systems to themselves spot any nefarious activity and feed this back into the global effort against trafficking.

Spotting victims

At the heart of each case of human trafficking is a victim, but knowing the identity of this victim is difficult. Hundreds of images of abused children are shared online every day – even if all of these are flagged, many will be duplicates of cases that have already been actioned. Understanding whether an image is a duplicate or a new photo – which would require a new response from law enforcement – is difficult as such images are hard to track.

Previously, traffickers wanting to proliferate an image could make small tweaks to it, such as adding marks or a resizing the photo. This creates a distinct image, making it impossible to trace back altered duplicates using traditional methods.

Now, technologies are being used to outsmart traffickers and distinguish new and existing images faster. For example, Microsoft PhotoDNA imposes a fine grid over an image and assigns a numerical value to each square, representing the “hash” – like a DNA signature for the image. Rather than scanning for whole images, the program matches a numerical hash against a database of known illegal images to match duplicate images instantly.

To help law enforcement turn this innovation into positive action, Thorn – a tech start-up founded by Ashton Kutcher and Demi Moore to fight child sexual abuse and trafficking – has partnered with Microsoft to allow organisations to add to and access a centralised hash sharing database. New images that have not been hashed are reported as belonging to a new victim – meaning law enforcement is alerted to a new victim sooner. This accelerates victim discovery and therefore, hopefully, rescue.

Preventing victim entrapment

Many perpetrators of modern day slavery use contract substitution to entrap their victims. Recruiters offer a lucrative contract to lure individuals abroad, but this is then reworded – often in a language the victim does not understand. Innovators are hoping that blockchain technology may soon help prevent this deception, if governments were to only issue visas when signed contracts are confirmed by the blockchain as matching those originally provided to the individual.

Finding traffickers

Traffickers can use technology to obscure their activity, but technology is also revolutionising the way officials are finding criminal networks. The key is joining the dots of information from NGOs, news sources, databases of known traffickers and details available to institutions such as banks.

Traditional human intelligence is gathered on the ground in a particular country by charities, looking at news sources, hearsay and other resources at their disposal. With many charities operating within one country alone, and much trafficking happening between countries, this information often then needs to be shared with governmental and intra-governmental organisations to compile a profile of a trafficker or activity more broadly. This traditional intelligence, however, is usually not enough to rapidly identify a network of traffickers.

Now, institutions like banks are helping combine this human intelligence with innovative technologies which joins the dots of information from these organisations with the bank’s own internal data and other third party sources. Using big data, artificial intelligence software is able to find links between individuals and their transactions, addresses, associates and company ties, alongside a mass of other relevant information which may suggest nefarious activity when seen in its proper context. By resolving these separate entities, AI tech can build a detailed picture of a criminal’s network, putting an individual transaction or relationship in its wider context. Using a combination of human intelligence and digitally compiled insight, organisations can identify traffickers and their connections.

While some technologies are accelerating trafficking, others are vital in tackling against this devastating crime. The combination of human intelligence, artificial intelligence and the sharing of information is starting to pay dividends.

Whether helping to identify victims, preventing them being ensnared or detecting traffickers themselves, innovative technology is helping at every stage of the fight against trafficking, enhancing processes to make every effort more efficient, effective and accurate – and, ultimately, life-saving.

————————————–

Side note to this article/report by Alexon Bell: I will be following up on the human trafficking issue in the near future with a Commentary. It will include key links to Fact Sheets, Quantexa’s specific involvement, including other organizations on the front lines. You may consider becoming involved (directly, donations to key organizations, etc.), and those sources will be added as well.

Bill Owen – TechNewsBlog.net