Thursday, 27 June 2013

UK World Number One for Phishing Scams

Despite the cloud, high-speed fibre-optics, and all of the new technologies sweeping the Internet, there is still an easy way to steal from people online: simply ask. This surprisingly low-tech method, known as ‘phishing’, happens all over the world. However, the UK appears to be the scam artist’s favourite target.

According to an analysis by Kaspersky, roughly 3,000 UK residents per day were targets of phishing attacks during 2012. Not only is that the highest of any nation the world, it also represents a tripling in the number of attacks over the previous year.

On a worldwide scale, Kaspersky estimates more than 100,000 people are victims of phishing scams daily. That's also an increase, but only a doubling over the previous year. Kaspersky says the highest percentage of phishing scams are based in the United States with the UK hosting the second largest amount.

A phishing scam works by sending out mass e-mails disguised as coming from a legitimate company. The e-mails request consumers do something like verify account details, register credit cards, and so on. When a user clicks on one of the links, he or she is taken to a website designed to look legitimate, even though the scammers operate it.

In the past, phishing attacks have been disguised to make it appear as though they are coming from well-known sites like Facebook, Google, Bank of America, and many more. Unsuspecting Internet users who do not pay attention to these links end up giving away personal information that make it possible to steal their identities and finances.

Interestingly enough, Kaspersky says the majority of phishing attacks are designed to steal account information from Facebook, Yahoo, Google, and Amazon accounts. The prevalence of social media in worldwide Internet use gives us a hint as to why.

With Facebook for example, Internet users have access to so many more sites that have partnered with them for customer logins. If the scammer can get hold of a Facebook identity, there is no telling how many other web accounts he/she can access. It is nothing short of an identity management nightmare.

Victimised by Quality

Kaspersky went on to say that phishing scammers find the UK attractive because of the quality of networks and Internet service. That quality means there are more people online, more robust networks, and more resources hackers can use to steal the information they want. It is a case of the UK being victimised by its own technology advancements.

The lesson to be learned here is that the nefarious among us will never be completely stopped by simply passing new laws and increasing penalties. Protecting oneself against scams requires being careful with Internet use. Educating consumers is a good start.

For example, we've been able to change attitudes regarding things like smoking and climate change through relentless public-relation campaigns and education. The same can and should be done regarding Internet security. Phishing can be stopped, for the most part, by providing a much higher level of education and awareness of the matter.

Monday, 24 June 2013

UK Government to Spend £4M on Cyber Security Awareness

We start off this week's data centre news with a story out of the Home Office. Last week the government department announced a plan to spend £4 million on programs to raise awareness about cyber security issues. The money will be spent primarily on an education and marketing campaigns designed to grab the attention of small business owners.

Not surprisingly, industry experts lauded the move. One after another spoke about the need to educate business owners as well as the ongoing contributions necessary from government. Many industry experts echoed the belief that although £4 million is but a drop in the ocean, it's enough to get the process started.

No specific details of the program have been released except to say that the Home Office will be soliciting bids initially from PR, media, and creative enterprises. Why that particular sector was chosen is unclear. It could be because it is closely tied to information technology and would therefore stand to benefit from increased cyber security measures.

The program will be launched this autumn, according to news reports. The Home Office has indicated that the marketing and educational programs will be the result of combined efforts between the government and some of its private sector partners. Who those partners are, and what they will contribute, remains to be seen.

In all likelihood, the initial investment will go almost entirely to marketing and basic education through the publication of appropriate literature. Hands-on training or classroom-style participation is highly unlikely. Therein may lie the one red flag attached to the program.

Will "Marketing" Be Enough?

Despite the enthusiasm surrounding the project, those of us in the IT sector should not get too excited too quickly. We must ask the question of whether government marketing will be enough or not. Obviously, it will not be enough to completely solve the cyber security issue. But will it even be enough to make a significant dent in the problem?

It's not as though business owners are not aware of cybercrime and its related issues. We all live with it on a day-to-day basis. So, if that's the case, why aren't small businesses doing more to secure their computer systems now?

Perhaps it is a matter of ignorance – ignorance that can be done away with through government education and marketing. However, perhaps it's something more. Could it be that small businesses simply do not have the money to beef up cyber security? Could it be that many business owners consider the expense of cyber security unnecessary overkill?

If the government initiative is to be fruitful, these questions need to be asked – and answered. We know that, historically, simply throwing money at a problem does not fix anything. It is no different in this case. It is fine to raise awareness of cyber security issues among small business owners. Nevertheless, the additional step of finding out what it will take for them to implement security measures must also be part of the equation.

Thursday, 20 June 2013

California Power Companies to Invest in High-Tech Storage

Few places in the United States are as progressive about green energy as the state of California. As the most populous state in that country, California also leads the way in America's power consumption.

That said, it should come as no surprise that the state's Public Utilities Commission has ordered power companies to provide one third of their energy from renewable sources by 2020. In order to achieve the established benchmark, California's power companies will likely be forced to invest in high-tech storage systems. At current production rates, they will not be able to reach the 30% goal without adequate storage.

In order to ensure storage investment is realised, the Commission recently proposed a regulation that would require power companies to acquire up to 1325 MW of storage capacity over the next 15 years or so. Such voluminous capacity would require investments of somewhere between $1 billion and $3 billion.

According to sources, if the proposal is eventually enacted it would double the amount of storage capacity in California connected to the nation's grid. The total storage capacity realised by the additions would be roughly equivalent to the combined storage existing globally at the current time. That's significant for an industry with such lofty goals.

In order to design and build viable power storage systems, the industry will have to look at both lithium-ion and molten salt technologies. Lithium-ion is more of a short-term storage solution designed for excess power that will be quickly turned over and put back into the grid. Molten salt is designed for long-term storage needs.

The additional storage will enable California's power companies to make better use of both solar and wind generating capacity. At peak production times, excess energy can be stored for later use when the wind is not so strong and the sun is not shining. However, it should be noted that increased storage capacity, by itself, will not solve the inherent weaknesses of solar and wind power generation. Other forms of renewable energy must be added to the equation.

Benefits to the IT Sector

Adding energy storage to national power grids benefits everyone, but perhaps its biggest benefits are to the IT sector. The power and cooling needs of data centres, for example, represent one of the largest single commercial energy consuming components in the modern era. That's why so many new data centre projects are including infrastructure and strategies that take advantage of renewable energy sources.

The IT sector would most benefit from lithium-ion storage capacity because it stores electricity that is ready for immediate use. Molten salt storage is better suited for generating additional electricity that can be added to the grid at whatever time is most suitable.

In either case, power-hungry IT technology is only creating further need for renewable energy storage heading into the future. The failure or success of the plans in California will go a long way in determining the role of green energy as it relates to information technology.

Monday, 17 June 2013

Cloud Gives Rise to New School

When you were in school, did you ever have a teacher tell you to "get your head out of the clouds" and pay attention? That age-old saying may take on new meaning if the vision of MIT professor Sugata Mitra is realised. Mitra recently laid out his ideas at the TEDGlobal conference in Edinburgh.

TED conferences are events held all over the world to introduce innovative ideas across a wide range of sectors. Some have likened the conferences to a combination of educational lectures and live white papers. Mitra's "school in the cloud" presentation certainly fit right in with what previous TED conferences have touched on.

The subject of Mitra's presentation was a cloud-based school similar to another platform already in use. Known as edX, the platform is the brainchild of Professor Anant Agarwai, and has already enrolled one million students from underdeveloped countries around the world. Some of the biggest names in higher education are providing the materials for the online school.

Agarwai started the cloud-based school as a non-profit enterprise out of a sincere desire to change the current educational model. Agarwai believes continuing the centuries-old practice of bringing students together in a brick-and-mortar classroom is to waste the advantages offered by today's high-speed data communications.

By providing computer technology and Internet access to underdeveloped countries, the cloud makes it possible to offer a comprehensive education in places where it would otherwise not be possible. The edX platform goes beyond cultural and economic barriers to offer educational programs from a list of partners that now numbers more than two dozen.

Perhaps the crowning achievement of the platform is the fact that education powerhouses like Harvard and MIT have contributed tens of millions of pounds. If plans go forward as envisioned, edX will eventually be self-supporting through course licensing fees. For now, however, it will continue to operate through the generosity of its financial partners.

Getting back to Mitra, he was recently awarded a prize in excess of £630,000 to set up a series of similar cloud schools. The TED award will be used to set up three schools in India and an additional two in the UK. The schools will be built as individual buildings with one central room housing student computers and an oversized computer monitor. The schools will utilize Skype and other technologies to communicate with students remotely.

The Good Side of Technology

It is good to see individuals like Sugata Mitra and Anant Agarwai present their ideas to such receptive audiences. It shows that technology has a good side, despite all the stories we hear about negative things like hacking and cyber-spying. Here is a case in which the finest the IT industry has to offer is being put to the best possible use.

If the cloud school idea goes well enough to make the organisation self-sufficient, that would be optimal. However, here's hoping the generous donations keep flowing just in case. It would be unfortunate to lose such a valuable resource over lack of funding.

Thursday, 13 June 2013

Facebook Data Centre "Rainstorm"

Back in 2011, Facebook experienced a rather unexpected phenomenon occurring inside their Prineville, Oregon data centre. Apparently, the right set of conditions converged inside the data centre to create a rain cloud that soaked the company's servers in water. Workers inside the data centre could actually hear power supplies blowing, one pop after another.

The problem began when the building's cooling system malfunctioned. At that facility, Facebook uses only outdoor air to cool the data centre, primarily because it requires significantly less power than traditional cooling methods. This type of cooling is fine as long as air temperatures and humidity levels are kept in check. However, the malfunctioning system did not do that.

The system allowed air temperatures to exceed 26°C and the humidity to go above 95%. If you are guessing condensation was the result, you're absolutely correct. The condensation was great enough that it actually formed a visible rain cloud inside the data centre. When the building's cooling system eventually failed entirely and began circulating low humidity, high temperature air, that cloud turned to liquid.

Facebook VP of infrastructure and engineering Jay Parikh acknowledged the problem at the time saying, "this is one of those things." He went on to explain that when a data centre uses 100% external air for cooling purposes, the risk of such problems is always present. Unfortunately, Facebook did not anticipate issues serious enough to protect its servers. That has since changed.

The company is still using the outdoor air cooling system, but now all of their servers and power supplies are sealed in a layer of protective rubber. Should it ever rain at Facebook again, no damage will be done.

A Day in the Life of the Data Centre Manager

We are sure the Facebook episode put a smile on the faces of IT professionals everywhere. It just goes to show what a day in the life of a data centre manager can truly be like. No matter how advanced a power and cooling system is, no matter how robust the architecture, freak events do happen - serious events that can completely disable a server.

Although such events are rare in relation to total uptime, the possible risks are always in the minds of managers at hosting companies, collocation facilities, and data centres. As we reported earlier regarding Sears Holdings Corp., what appears to be a minor equipment breakdown can end up in a full-blown disaster capable of costing a company millions of pounds.

The other important component to this story is its demonstration of just how difficult cooling a data centre can be. When you are talking about hundreds of servers in an individual location, you're also talking about tremendous amounts of heat being generated around the clock. Without a good cooling system, it simply wouldn't be possible for us to maintain the Internet as it is.

It is fortunate that Facebook's rain cloud incident isn't something that's happening to the world's biggest servers every day. Otherwise, we'd all be very wet!