web analytics

Frances Coppola writes about financial bubbles. She says the market for crypto-currencies shares characteristics with earlier bubbles like Dutch tulips and dotcom stocks. Which means a crash is underway. That’s not just Bitcoin, but all of the crypto-currencies.

The remarkable aspect of this is that everyone couldn’t see it coming. As Coppola points out some investors still don’t accept the likelihood of a crash.

It will be interesting to see what remains after things settle down. The idea of a blockchain isn’t going away, but the, at times irrational, enthusiasm  for crypto-currency could be coming to an end.

Microsoft is cutting ‘several thousand’ employees, mostly in its sales organization, following a reorganization earlier this week.

Source: Microsoft to lay off ‘several thousand’ employees | ZDNet

Mary Jo Foley writes:

“One source close to the company said Microsoft would be cutting “several thousands” of employees. CNBC said Microsoft would be shedding up to 3,000 employees, but didn’t cite the source of that number.”

Microsoft has been here before. The company cut around 10 percent of its staff in 2014. That was mainly to do with the failed Nokia devices acquisition.

If the 3,000 number is correct, that’s around 2.5 percent of the employee total.

Sure, it’s a smaller number, but there’s a danger Microsoft is in a place where it has continuing rounds of redundancies. If you want to know how that story ends, look at IBM. The company never recovered once it started making big cuts to its staff numbers.

Cuts are not good for company moral. Employees constant wonder who is next. They become cautious, take fewer risks, play only the safest bets. This kills innovation culture.

Stressed survivours

Those left behind are often stressed. The more employable workers evaluate their prospects. Often, in technology companies the best, most valued employees — even the ones left after a round of cuts — decide they may be better off elsewhere anyway.

IBM’s cuts became a destructive vicious cycle that, eventually, undermined the company’s ability to innovate and serve its customers. They may have unleashed short-term value to shareholders, but the board ended up killing the golden goose.

Microsoft is not yet at that point. This is a trimming exercise. Most of the jobs that will go are in sales and the company is in transition to a new model where it will emphasis its Azure cloud computing over traditional product lines.

Yet, the jobs-cut-easy-fix can become an addictive and damaging habit. If it happens again in the next year or two, you can take it as read Microsoft is doomed to irrelevance.

The cloud only holds a fifth of the enterprise workload, which means there is time for the enterprise to decide the risks are not worth the rewards.

Source: When the Cloud Becomes Just Normal Infrastructure

After ten years of writing about Cloud Computing, it’s easy to lose sight of how far the technology still has to go. And as Arthur Cole points out in the linked story, cloud native applications are only 15 percent of the total. The number is likely to be higher in New Zealand, but all the same, the cloud is still smaller than we sometimes think.

 

NotPetya

Victims of the NotPetya ransomware attack can’t get at their own computer data even if they pay the ransom.

NotPetya is an attack on a grand scale causing a huge amount of disruption. Many victims are large companies in Europe. It has also hit American businesses. You may see this referred to elsewhere as Petya.

At the time of writing the impact on New Zealand doesn’t appear to be major. But then, unlike other countries, there is no compulsory attack notification here. That gives local companies lee-way to paper over their security cracks.

CertNZ offers advice for New Zealand. It includes the usual, but always wise, call to make sure everything is patched up-to-date.

Give us your Bitcoins

Computers hit with the malware show a message demanding a ransom payment of around NZ$500 in Bitcoin. There’s a mail address for victims to use when confirming their payment. The mail service provider has since shut-down the account.

Whatever the rights and wrongs of that action, it makes life even harder for the victims. They can no longer contact the attacker to get the decryption key needed to unlock their data.

NotPetya first emerged in Ukraine. Early reports there say it hit the nation’s government, banks and utilities. It appears that country has suffered more than elsewhere.

Russians fingered

This may, or may not be coincidence. Ukraine blamed earlier attacks on the nation’s infrastructure on Russian organisations. There’s some evidence of Russian state involvement. There is a slow-burn war between the two countries.

Some analysts say the recent attack uses a revamped version of an earlier ransomware. Others suggest it is a new form of ransomware not seen before.

NotPetya is the second huge ransomware attack in as many months. It won’t be the last. These look set to be a regular feature of modern life. Think of it as a new normal.

Last month’s WannaCry ransomware affected 230,000 computers. Among other things it damaged the UK’s National Health Service computers. Spain’s main telco and German state railways were also on the receiving end.

A Symantec press release says the new attack uses the same EternalBlue exploit as WannaCry. America’s National Security Agency developed EternalBlue and used it for five years.

WannaCry used mail systems to infect computers. It appears that’s not the way NotPetya is spreading. It is what security people describe as a worm. That is, a program that makes copies of itself to spread to other computers.

NotPetya, not kill switch

Defenders saw off WannaCry when researchers found a software kill switch. This meant they could turn it off. There is no kill switch in NotPetya.

As you’d expect Symantec says its software protects its customers against the attack. The company says it is not yet clear if this attack targets specific victims. Worms are hard to target, the criminals set them up and let them wreak havoc.

Ransomware is big business for the criminal gangs behind the attacks. It also fuels the computer security industry which grown 30-fold in the past ten years. Today it has an annual turnover of more than $100 billion.

Mandatory data breach reporting has been on the agenda in New Zealand for some time. While they may have some ground to make up on the rugby field, it is one area where our trans-Tasman cousins have stolen a march on New Zealand.

Source: Mandatory data breach reporting in Australia | ITP Techblog

New Zealand is falling behind best practice when it comes to data breach reporting. Where other countries have laws, we have guidelines. There are no formal penalties for failing to report a breach although failure to report may be held against an organisation if there are legal consequences.

Privacy is important and is being eroded all the time. Let’s put a stop to that. It’s time to step up efforts to put a mandatory system in place with fines for non-compliance.