Tech Friday with Dave Hatter- January 8th 2021 - SPONSORED BY INTRUST IT


Digital Currency:

- The money we use is changing fast thanks to the convergence of various technologies including encryption and distributed ledgers (blockchain)

- The future of money is digital. The technology is rapidly advancing and governments are scrambling to catch up

- Most of the world’s central banks are now experimenting with some form of central bank digital currency.

- China is planning to roll out the digital yuan for use at Beijing restaurants, hotels and stadiums during the 2022 Olympics

- "A cryptocurrency is a digital or virtual currency that is secured by cryptography, which makes it nearly impossible to counterfeit or double-spend. Many cryptocurrencies are decentralized networks based on blockchain technology—a distributed ledger enforced by a disparate network of computers. A defining feature of cryptocurrencies is that they are generally not issued by any central authority, rendering them theoretically immune to government interference or manipulation." - Investopedia

- The most well-known cryptocurrencies are Bitcoin, Ethereum, Ripple and EOS

- Bitcoin, the first cryptocurrency, has skyrocketed value in recent years, as of this email, a single "coin" is trading at $39,092.10

- Cryptocurrencies allow the transfer of funds with no intermediary institution. A user's "wallet," has a public key, while the private key is known only to the owner and is used to sign transactions

- Fund transfers are completed with minimal processing fees, allowing users to avoid the steep fees charged by banks and financial institutions for wire transfers. And their anonymity benefits whistleblowers, activists living under repressive government and people who want to maintain privacy

- Some cryptocurrencies are more private than others

- There are some drawbacks. Fund can be lost or stolen, and prices can be unpredictable may swing wildly, see Bitcoin for example

- The fluctuation make them hard to depend on for everyday people as does the need to convert physical to digital

- Another disadvantage is that the private nature of cryptocurrency transactions can lead to their use for criminal activities

- Stablecoins are one attempt to stop the fluctuation by tying the value of to stable assets, often fiat. Fiat is government-issued currency which tends to stay stable over time

- Usually the entity behind the stablecoin will set up a “reserve” where it securely stores the asset backing the stablecoin, maybe money in a bank account

- Governments are way behind and in many cases seem to be making decision that will hinder the use and limit the privacy of these technologies

- For example, a recent a U.S. Treasury Department proposal would apply know-your-customer (KYC) requirements to private cryptocurrency wallets

- This rule imposes government surveillance on transactions by people who store cryptocurrency in their own wallets rather than professional wallet service

- J. Christopher Giancarlo, former chairman of the U.S. Commodity Futures Trading Commission, said "A free society deserves better than to explore the future of money in a truncated, year-end comment period. The Treasury Dept. should extend it. Ultimately, Congress must step up and balance the competing interests of state surveillance and law enforcement versus the economic privacy rights of a sovereign people. Congress is long overdue in shaping a constructive regulatory framework for cryptocurrency. Without it, we are squandering our chance to shape a digital future of money that’s worthy of the world’s oldest democracy."

- There is a good guide to cryptocurrency here:https://financialpost.com/sponsored/business-sponsored/digital-currency-101

The SolarWinds hack is a disaster:

- The SolarWinds hacking began as early as October 2019

- Hackers infiltrated SolarWinds systems to embed malicious code into the legitimate software of their Orion product

- This is known as a supply chain attack because attackers exploited the Orion management software to attack client's systems

- 18,000 customers got compromised updates giving attackers an entry into their network

- The attackers also took over years-old but abandoned internet domains to help cover their tracks

- Once FireEye identified suspicious activity from Orion, their malware analysts scoured roughly 50,000 lines of code, eventually spotting a few dozen lines of suspicious code. Further analysis confirmed it was the source of the hack

- SolarWinds Quickly released a patch. Experts warned that blocking the attacker's access through Orion doesn't assure their removal

- The Cybersecurity and Infrastructure Security Agency (CISA) release an alert that said it had evidence the attackers also broke into computer networks using bugs other than the SolarWinds software

- The CISA alert called the attack a “grave threat” to compromised victims including critical infrastructure entities and private sector companies

- The Russia-linked attack may have affected as many as 250 federal agencies and businesses

- American officials are working to determine if this is just an espionage operation or if attackers inserted “backdoor” access

- Intelligence officials say it could be months or years before they have a full understanding of the attack

- SolarWinds has a history of lackluster security according to current and former employees and government investigators

- Some of the compromised software was written in Eastern Europe

- None of the SolarWinds customers contacted by The New York Times were aware they were using software maintained in Eastern Europe

- The breach was not detected by government agencies responsible for cyberdefense: the military’s Cyber Command, the National Security Agency and the Department of Homeland Security, it was detected by cybersecurity company FireEye

- U.S. government agencies hit include the Treasury Department, the State Department, the Commerce Department, the Energy Department and parts of the Pentagon among the agencies confirmed to have been infiltrated

- The Justice Department said that its email system had been compromised as part of the SolarWinds hacking

- The electronic filing system used by federal courts has likely been compromised federal judiciary officials said,

- Data stolen could include "Black Start", the detailed technical blueprints for how the United States plans to restore power in the event of a cataclysmic blackout

- Microsoft said earlier this week its systems were infiltrated. The hackers were able to “view source code in a number of source code repositories,” but could not modify it

- Microsoft said it found “no evidence of access to production services or customer data,” and “no indications that our systems were used to attack others."