Thursday, July 21, 2022

NCCoE Releases Draft Project Description for DevSecOps

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Software Supply Chain and DevOps Security Practices: Implementing a Risk-Based Approach to DevSecOps. Publication of this project description begins a process to solicit public comments for the project requirements, scope, and hardware and software components for use in a laboratory environment.

We want your feedback on this draft to help refine the project. The comment period is now open and will close on August 22, 2022.

The project will focus initially on developing and documenting an applied risk-based approach and recommendations for secure DevOps and software supply chain practices consistent with the Secure Software Development Framework (SSDF), Cybersecurity Supply Chain Risk Management (C-SCRM), and other NIST, government, and industry guidance. This project will apply these practices in proof-of-concept use case scenarios that are each specific to a technology, programming language, and industry sector. Both commercial and open source technology will be used to demonstrate the use cases. This project will result in a freely available NIST Cybersecurity Practice Guide.

We Want to Hear from You!

Review the project description and submit comments online on or before August 22, 2022. You can also help shape and contribute to this project by joining the NCCoE’s DevSecOps Community of Interest. Send an email to devsecops-nist@nist.gov detailing your interest.

We value and welcome your input and look forward to your comments.

Read More

 

Implementing the HIPAA Security Rule: NIST Releases Draft NIST SP 800-66, Rev. 2 for Public Comment

 The initial public draft of NIST Special Publication (SP) 800-66r2 (Revision 2), Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule: A Cybersecurity Resource Guide, is now available for public comment.

The HIPAA Security Rule specifically focuses on protecting the confidentiality, integrity, and availability of electronic protected health information (ePHI), as defined by the Security Rule. All HIPAA-regulated entities must comply with the requirements of the Security Rule.

This draft update:

  • Includes a brief overview of the HIPAA Security Rule
  • Provides guidance for regulated entities on assessing and managing risks to ePHI
  • Identifies typical activities that a regulated entity might consider implementing as part of an information security program
  • Lists additional resources that regulated entities may find useful in implementing the Security Rule

A public comment period is open through September 21, 2022. See the publication details for a copy of the draft and instructions for submitting comments.


NOTE: A call for patent claims is included on page v of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

Read More

Wednesday, July 20, 2022

Submit Comments on NIST SP 1800-34, Validating the Integrity of Computing Devices

 Comment Period Extended for NIST SP 1800-34, Validating the Integrity of Computing Devices

The National Cybersecurity Center of Excellence (NCCoE) has published, for public comment, a draft of NIST SP 1800-34, Validating the Integrity of Computing Devices. Please download the document and share your expertise with us to strengthen the draft practice guide. The public comment period for this draft has been extended and will now close on August 8th, 2022.

The NCCoE relies on developers, providers, and users of cybersecurity technology and information to provide comments on our practice guides. The public is encouraged to review the draft and provide feedback for possible incorporation into the final version before the public comment period closes.

If you have any questions or would like to join our Supply Chain Community of Interest, please email us at supplychain-nccoe@nist.gov.

Comment Now

Tuesday, July 19, 2022

NIST Releases Draft IR 8409: Measuring the Common Vulnerability Scoring System Base Score Equation

 Today, NIST is seeking public comments on NIST IR 8409 ipd (initial public draft), Measuring the Common Vulnerability Scoring System Base Score Equation.

Calculating the severity of information technology vulnerabilities is important for prioritizing vulnerability remediation and helping to understand the risk of a vulnerability. The Common Vulnerability Scoring System (CVSS) is a widely used approach to evaluating properties that lead to a successful attack and the effects of a successful exploitation. CVSS is managed under the auspices of the Forum of Incident Response and Security Teams (FIRST) and is maintained by the CVSS Special Interest Group (SIG). Unfortunately, ground truth upon which to base the CVSS measurements has not been available. Thus, CVSS SIG incident response experts maintain the equations by leveraging CVSS SIG human expert opinion.

This work evaluates the accuracy of the CVSS “base score” equations and shows that they represent the CVSS maintainers' expert opinion to the extent described by these measurements. NIST requests feedback on the approach, the significance of the results, and any CVSS measurements that should have been conducted but were not included within the initial scope of this work. Finally, NIST requests comments on sources of data that could provide ground truth for these types of measurements.

The public comment review period for this draft is open through July 29, 2022. See the publication details for instructions on how to submit comments.

 

NOTE: A call for patent claims is included on page iv of this draft. For additional information, see Information Technology Laboratory (ITL) Patent Policy – Inclusion of Patents in ITL Publications.

Read More

NIST Requests Public Comments on FIPS 180-4, Secure Hash Standard (SHS)

 NIST is in the process of a periodic review and maintenance of its cryptography standards and guidelines.   

This announcement initiates the review of Federal Information Processing Standard (FIPS) 180-4Secure Hash Standard (SHS), 2015.

NIST requests public comments on all aspects of FIPS 180-4. Additionally, NIST would appreciate feedback on the following two areas of particular concern:

  1. SHA-1. In recent years, the cryptanalytic attacks on the SHA-1 hash function have become increasingly severe and practical (see, e.g., the 2020 paper "SHA-1 is a Shambles" by Leurent and Peyrin). NIST, therefore, plans to remove SHA-1 from a revision of FIPS 180-4 and to deprecate and eventually disallow all uses of SHA-1. The Cryptographic Module Validation Program will establish a validation transition schedule.

     *  How will this plan impact fielded and planned SHA-1 implementations?

     *  What should NIST consider in establishing the timeline for disallowing SHA-1?

  1. Interface. The "Init, Update, Final" interface was part of the SHA-3 Competition submission requirements. Should a revision of FIPS 180-4 discuss the “Init, Update, Final” hash function interface?

 The public comment period is open through September 9, 2022. Comments may address the concerns raised in this announcement or other issues around security, implementation, clarity, risk, or relevance to current applications.  

Send comments to cryptopubreviewboard@nist.gov with “Comments on FIPS 180-4” in the Subject. 

For more information about the review process, visit the Crypto Publication Review Project page

Read More

Using Business Impact Analysis to Inform Risk Prioritization and Response: NIST IR 8286D available for public comment

 Traditional business impact analyses (BIAs) have been successfully used for business continuity and disaster recovery (BC/DR) by triaging damaged infrastructure recovery actions that are primarily based on the duration and cost of system outages (i.e., availability compromise). However, BIA analyses can be easily expanded to consider other cyber-risk compromises and remedies.

This initial public draft of NIST IR 8286D, Using Business Impact Analysis to Inform Risk Prioritization and Response, provides comprehensive asset confidentiality and integrity impact analyses to accurately identify and manage asset risk propagation from system to organization and from organization to enterprise, which in turn better informs Enterprise Risk Management deliberations. This document adds expanded BIA protocols to inform risk prioritization and response by quantifying the organizational impact and enterprise consequences of compromised IT Assets.

The public comment period for this draft is open through July 18, 2022. See the publication details for a copy of the draft and instructions for submitting comments.

 

NOTE: A call for patent claims is included on page iii of this draft. For additional information, see Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Read More

NIST opens first online comment period using the SP 800-53 Public Comment Site

NIST is leveraging the new Special Publication (SP) 800-53 Public Comment Site for its first round of public comments. Participate in the inaugural 30-day public comment period for a minor (errata) release of SP 800-53, Revision 5, Security and Privacy Controls for Information Systems and Organizations. The minor release will result in corrections to the current publication but will not introduce new technical information or requirements. Submit your comments on proposed changes using the Public Comment Site through August 12, 2022.

All proposed changes to SP 800-53 ("candidates") for review and comment are available online. Candidates can be filtered by control family, control name, and submission date. To view the specific changes for each control or control enhancement and provide your feedback, select the Tracking Number on the Candidates page.

The SP 800-53 Public Comment Site is designed to:

  • Reduce the level of effort needed for stakeholders to review and comment on proposed changes (“candidates”)
  • Feature new and updated controls and control enhancements and highlight specific changes
  • Increase transparency and promote community engagement by making comments on candidates publicly available
  • Provide traceability on submitted feedback through automatic updates

Learn more about the SP 800-53 Comment Site, and leverage the online User Guide for step-by-step instructions on how to participate in the public comment process, available under "View Candidates" and "Provide comments on candidates."

NIST looks forward to stakeholder feedback on the proposed changes ("candidates") for the first minor release using the online platform. The end result of this effort will be the second update of SP 800-53 Rev. 5. Please direct your questions to 800-53comments@list.nist.gov.

Read More

Protecting Controlled Unclassified Information: Pre-Draft Call for Comments on the CUI Series

Protecting Controlled Unclassified Information: Pre-Draft Call for Comments on the CUI Series

NIST is seeking information for a planned update of the Controlled Unclassified Information (CUI) series of publications, starting with Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. This Pre-Draft Call for Comments solicits feedback from interested parties to improve SP 800-171 and its supporting publications, SP 800-171A, SP 800-172, and SP 800-172A.

NIST seeks your feedback on the use, potential updates, and opportunities for ongoing improvement to the CUI series. Potential topics for comments and feedback range from how organizations are currently using the CUI series of publications – including how the series is being used with other frameworks and standards (e.g., NIST Risk Management Framework, NIST Cybersecurity Framework, GSA Federal Risk and Authorization Management Program [FedRAMP], DOD Cybersecurity Maturity Model Certification [CMMC], etc.) – to suggestions for features of the CUI series that should be modified, added, or removed. 

How to Comment?

View the Pre-Draft Call for Comments for details on how to submit your comments by September 16, 2022.

Questions about this call for comments?  Contact us at 800-171comments@list.nist.gov.

Read More 

Monday, July 18, 2022

Supply Chain Issue

A Florida-based CEO was charged with selling $1 billion worth of counterfeit Cisco equipment imported from China, according to the Department of Justice.

 The Justice Department announced in a release on Friday that they arrested 38-year-old Onur Aksoy for allegedly running multiple stores that sold fraudulent Cisco hardware. The DOJ alleged that Aksoy imported the fake equipment from China and resold them to included hospitals, schools, government agencies, and the military under the company name "Pro Network" to make it appear legitimate.

 According to a DOJ complaint filed in 2013, Aksoy bought counterfeit hardware at "95 to 98%" lower than authentic Cisco products. The counterfeit hardware malfunctioned, damaging the users' network and operations and costing them tens of thousands of dollars.

 Aksoyn"allegedly ran at least 19 companies formed in New Jersey and Florida as well as at least 15 Amazon storefronts, at least 10 eBay storefronts, and multiple other entities," the

 According to the DOJ statement, between 2014 and 2022, Customs and Border Protection seized 180 shipments of counterfeit Cisco devices being shipped to Pro Network. Under the alias of "Dave Durden," Aksoy falsely submitted paperwork to CBP to avoid investigation. In July 2021, federal agents obtained a warrant to search Aksoy's warehouse, where they seized 1,156 counterfeit Cisco hardware valued at over 7 million dollars.

 "We are committed to maintaining the integrity and quality of Cisco products and services. Cisco is grateful to law enforcement and customs officials for their tremendous collaboration in this investigation and to the DOJ for bringing the perpetrator to justice," Cisco said in a statement to PC Mag.

 According to the DOJ, Aksoy is charged with conspiracy to traffic in counterfeit goods and to commit mail and wire fraud, three counts of mail fraud, four counts of wire fraud, and three counts of trafficking in counterfeit goods. Prosecutors have set up a website for anyone who believed they were a victim of Aksoy's companies.

Thursday, July 7, 2022

NIST Preliminary Draft Practice Guide (Vol. B) From The Zero Trust Architecture Team

The Zero Trust Architecture (ZTA) team at NIST’s National Cybersecurity Center of Excellence (NCCoE) has published volume B of a preliminary draft practice guide titled “Implementing a Zero Trust Architecture” and is seeking the public’s comments on its contents. This guide summarizes how the NCCoE and its collaborators are using commercially available technology to build interoperable, open standards-based ZTA example implementations that align to the concepts and principles in NIST Special Publication (SP) 800-207, Zero Trust Architecture. As the project progresses, the preliminary draft will be updated, and additional volumes will also be released for comment.

As an enterprise’s data and resources have become distributed across the on-premises environment and multiple clouds, protecting them has become increasingly challenging. Many users need access from anywhere, at any time, from any device. The NCCoE is addressing these challenges by collaborating with industry participants to demonstrate several approaches to a zero trust architecture applied to a conventional, general purpose enterprise IT infrastructure on premises and in the cloud.

We Want to Hear from You!

The NCCoE is making volume B available as a preliminary draft for public comment while work continues on the project. Review the preliminary draft and submit comments online on or before August 8th, 2022.

Comment Here

We welcome your input and look forward to your comments. We invite you to join nccoe-zta-coi@list.nist.gov to receive news and updates about this project.  

- Zero Trust Architecture Project Team


Read More

FBI: Business Email Compromise: The $43 Billion Scam

This Public Service Announcement is an update and companion piece to Business Email Compromise PSA I-091019-PSA posted on www.ic3.gov. This PSA includes new Internet Crime Complaint Center complaint information and updated statistics from October 2013 to December 2021.

DEFINITION

Business Email Compromise/Email Account Compromise (BEC/EAC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests.

The scam is frequently carried out when an individual compromises legitimate business or personal email accounts through social engineering or computer intrusion to conduct unauthorized transfers of funds.

The scam is not always associated with a transfer-of-funds request. One variation involves compromising legitimate business email accounts and requesting employees’ Personally Identifiable Information, Wage and Tax Statement (W-2) forms, or even crypto currency wallets.

STATISTICAL DATA

The BEC/EAC scam continues to grow and evolve, targeting small local businesses to larger corporations, and personal transactions. Between July 2019 and December 2021, there was a 65% increase in identified global exposed losses, meaning the dollar loss that includes both actual and attempted loss in United States dollars. This increase can be partly attributed to the restrictions placed on normal business practices during the COVID-19 pandemic, which caused more workplaces and individuals to conduct routine business virtually.

The BEC scam has been reported in all 50 states and 177 countries, with over 140 countries receiving fraudulent transfers. Based on the financial data reported to the IC3 for 2021, banks located in Thailand and Hong Kong were the primary international destinations of fraudulent funds. China, which ranked in the top two destinations in previous years, ranked third in 2021 followed by Mexico and Singapore.

The following BEC/EAC statistics were reported to the FBI IC3, law enforcement and derived from filings with financial institutions between June 2016 and December 2021:

Domestic and international incidents:241,206
Domestic and international exposed dollar loss:$43,312,749,946
The following BEC/EAC statistics were reported in victim complaints to the IC3 between October 2013 and December 2021:
Total U.S. victims:116,401
Total U.S. exposed dollar loss:$14,762,978,290
Total non-U.S. victims:5,260
Total non-U.S. exposed dollar loss:$1,277,131,099
The following statistics were reported in victim complaints to the IC3 between June 2016 and December 2021:
Total U.S. financial recipients:59,324
Total U.S. financial recipient exposed dollar loss:$9,153,274,323
Total non-U.S. financial recipients:19,731
Total non-U.S. financial recipient exposed dollar loss:$7,859,268,158

BEC AND CRYPTOCURRENCY

The IC3 has received an increased number of BEC complaints involving the use of cryptocurrency. Cryptocurrency is a form of virtual asset that uses cryptography (the use of coded messages to secure communications) to secure financial transactions and is popular among illicit actors due to the high degree of anonymity associated with it and the speed at which transactions occur.

The IC3 tracked two iterations of the BEC scam where cryptocurrency was utilized by criminals. A direct transfer to a cryptocurrency exchange (CE) or a "second hop" transfer to a CE. In both situations, the victim is unaware that the funds are being sent to be converted to cryptocurrency.

DIRECT TRANSFER – Mirrors the traditional pattern of BEC incidents in the past.

Graphic depicting the direct transfer iteration of the BEC/Cryptocurrency scam. Bad Actor has already arranged control of a named cryptocurrency wallet for the funds to be converted to

SECOND HOP TRANSFER - Uses victims of other cyber-enabled scams such as Extortion, Tech Support, and Romance Scams. Often, these individuals provided copies of identifying documents such as driver's licenses, passports, etc., that are used to open cryptocurrency wallets in their names.

Graphic depicting the Second Hop Transfer iteration of the BEC/Cryptocurrency scam. Moves funds to cryptocurrency account controlled by Bad Actor

In the past, the use of cryptocurrency was regularly reported in other crime types seen at the IC3 (e.g., tech support, ransomware, employment), however, it was not identified in BEC-specific crimes until 2018. By 2019, reports had increased, culminating in the highest numbers to-date in 2021 with just over $40M in exposed losses. Based on the increasing data received, the IC3 expects this trend to continue growing in the coming years.

Chart depicting Reported Loss Associated with BEC/Cryptocurrency Complaints for the years of 2018, 2019, 2020, and 2021.

SUGGESTIONS FOR PROTECTION

  • Use secondary channels or two-factor authentication to verify requests for changes in account information.
  • Ensure the URL in emails is associated with the business/individual it claims to be from.
  • Be alert to hyperlinks that may contain misspellings of the actual domain name.
  • Refrain from supplying login credentials or PII of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
  • Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender's address appears to match who it is coming from.
  • Ensure the settings in employees' computers are enabled to allow full email extensions to be viewed.
  • Monitor your personal financial accounts on a regular basis for irregularities, such as missing deposits.

If you discover you are the victim of a fraud incident, immediately contact your financial institution to request a recall of funds. Regardless of the amount lost, file a complaint with www.ic3.gov or, for BEC/EAC victims, BEC.ic3.gov, as soon as possible. 

FBI warns of deceptive and deepfaked job applicants for remote work

The FBI Internet Crime Complaint Center (IC3) warns of an increase in complaints reporting the use of deepfakes and stolen Personally Identifiable Information (PII) to apply for a variety of remote work and work-at-home positions. Deepfakes include a video, an image, or recording convincingly altered and manipulated to misrepresent someone as doing or saying something that was not actually done or said.

The remote work or work-from-home positions identified in these reports include information technology and computer programming, database, and software related job functions. Notably, some reported positions include access to customer PII, financial data, corporate IT databases and/or proprietary information.

Complaints report the use of voice spoofing, or potentially voice deepfakes, during online interviews of the potential applicants. In these interviews, the actions and lip movement of the person seen interviewed on-camera do not completely coordinate with the audio of the person speaking. At times, actions such as coughing, sneezing, or other auditory actions are not aligned with what is presented visually.

IC3 complaints also depict the use of stolen PII to apply for these remote positions. Victims have reported the use of their identities and pre-employment background checks discovered PII given by some of the applicants belonged to another individual.

Report It

Companies or victims who identify this type of activity should report it to the IC3, www.ic3.gov.

If available, include any subject information such as IP or email addresses, phone numbers, or names provided.

Local Field Office Locations: www.fbi.gov/contact-us/field-offices

Wednesday, July 6, 2022

CISA Alert (AA22-181A) StopRansomware: MedusaLocker

 This uses vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks

Summary

Actions to take today to mitigate cyber threats from ransomware:
• Prioritize remediating known exploited vulnerabilities.
• Train users to recognize and report phishing attempts.
• Enable and enforce multifactor authentication.

Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see all #StopRansomware advisories and to learn more about other ransomware threats and no-cost resources.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, and the Financial Crimes Enforcement Network (FinCEN) are releasing this CSA to provide information on MedusaLocker ransomware. Observed as recently as May 2022, MedusaLocker actors predominantly rely on vulnerabilities in Remote Desktop Protocol (RDP) to access victims’ networks. The MedusaLocker actors encrypt the victim's data and leave a ransom note with communication instructions in every folder containing an encrypted file. The note directs victims to provide ransomware payments to a specific Bitcoin wallet address. MedusaLocker appears to operate as a Ransomware-as-a-Service (RaaS) model based on the observed split of ransom payments. Typical RaaS models involve the ransomware developer and various affiliates that deploy the ransomware on victim systems. MedusaLocker ransomware payments appear to be consistently split between the affiliate, who receives 55 to 60 percent of the ransom; and the developer, who receives the remainder. 

Download the PDF version of this report: pdf, 633 kb

Technical Details

MedusaLocker ransomware actors most often gain access to victim devices through vulnerable Remote Desktop Protocol (RDP) configurations [T1133]. Actors also frequently use email phishing and spam email campaigns—directly attaching the ransomware to the email—as initial intrusion vectors [T1566].

MedusaLocker ransomware uses a batch file to execute PowerShell script invoke-ReflectivePEInjection [T1059.001]. This script propagates MedusaLocker throughout the network by editing the EnableLinkedConnections value within the infected machine’s registry, which then allows the infected machine to detect attached hosts and networks via Internet Control Message Protocol (ICMP) and to detect shared storage via Server Message Block (SMB) Protocol. 

MedusaLocker then: 

  • Restarts the LanmanWorkstation service, which allows registry edits to take effect. 
  • Kills the processes of well-known security, accounting, and forensic software. 
  • Restarts the machine in safe mode to avoid detection by security software [T1562.009].
  • Encrypts victim files with the AES-256 encryption algorithm; the resulting key is then encrypted with an RSA-2048 public key [T1486]. 
  • Runs every 60 seconds, encrypting all files except those critical to the functionality of the victim’s machine and those that have the designated encrypted file extension. 
  • Establishes persistence by copying an executable (svhost.exe or svhostt.exe) to the %APPDATA%\Roaming directory and scheduling a task to run the ransomware every 15 minutes. 
  • Attempts to prevent standard recovery techniques by deleting local backups, disabling startup recovery options, and deleting shadow copies [T1490].

MedusaLocker actors place a ransom note into every folder containing a file with the victim's encrypted data. The note outlines how to communicate with the MedusaLocker actors, typically providing victims one or more email address at which the actors can be reached. The size of MedusaLocker ransom demands appears to vary depending on the victim’s financial status as perceived by the actors. 


To read the Full Report go here

Tuesday, July 5, 2022

NIST Announces the Release of Draft NIST IR 8323 Revision 1: Foundational PNT Profile

 NIST Announces the Release of Draft NIST IR 8323 Revision 1 | Foundational PNT Profile: Applying the Cybersecurity Framework for the Responsible Use of Positioning, Navigation, and Timing (PNT) Services. 

PNT

Credit: Shutterstock

About Revision 1 of the Profile

The PNT cybersecurity profile is part of NIST’s response to the February 12, 2020, Executive Order (EO) 13905, Strengthening National Resilience Through Responsible Use of Positioning, Navigation, and Timing Services. The EO notes that “the widespread adoption of PNT services means disruption or manipulation of these services could adversely affect U.S. national and economic security. To strengthen national resilience, the Federal Government must foster the responsible use of PNT services by critical infrastructure owners and operators.” The Order also calls for updates to the profile every two years or on an as needed basis.

Based on NIST’s interaction with public and private sector stakeholders and their efforts to create “sector specific” profiles, it was decided to create Revision 1. No substantive changes were made to the original Foundational Profile; NIST is only seeking comments on the changes made in this Revision. Among the most noteworthy are: the addition of five new Cybersecurity Framework (CSF) Subcategories, and the addition of two appendices; Appendix D; Applying the PNT Profile to Cybersecurity Risk Management, and Appendix E; Organization Specific PNT Profiles.

All changes are captured in Table 26: “Change Log” for easy reference to reviewers.

The PNT Profile was created by applying the NIST CSF to help organizations:

  • Identify systems dependent on PNT
  • Identify appropriate PNT sources
  • Detect disturbances and manipulation of PNT services
  • Manage the risk to these systems

Organizations may continue to use this profile as a starting point to apply their own unique mission, business environment, and technologies to create or refine a security program that will include the responsible use of PNT services.

The public comment period for this publication is now open through August 12, 2022. 

Email comments directly to: pnt-eo@list.nist.gov.

Submit Comments

A Tale of Two Cities - Exploring the future of work - A Data AI Hackathon

 This is an IN-Person Event

The pandemic is (mostly) behind us now, but have perceptions and mindsets of city dwellers changed forever?
Do young people see the world in the same way?
Is there any evidence that people in cities now value work-life balance?
At the Artificial Intelligence: Cloud and Edge Implementations course at the University of Oxford, last year, we worked with Open data from Transport for London and explored the behaviour of people in the pandemic

But is this a global trend?

Created in partnership with Microsoft and University of Oxford, the A tale of two cities - Exploring the future of work - A Data AI hackathon addresses the above questions

We present the findings from London open data and the hackathon will ask the same questions based on open data in New York

What will we find in this saga of two cities? Do we see a pattern with wider implications? What does it mean for the future of work?

We invite you to join us in reviewing datasets from these two cities using Data and AI tools to develop new insights and solutions that emerge from data captured before, during, and after the pandemic.

✨ Rules: Form a team of maximum (3) individuals to take the data and process results. Choose your team prior to the event or on-site amongst attendees.
✨ Suggested Tools: PowerBI, Python, AI builder, Synapse, CosmosDB, and Percept.
✨ Prerequisites: We recommend that attendees are data professionals and possess skills related to the above tools. If you are not fully knowledgeable with the above tools, you are free to apply what you learn in our offered workshop content or you can use the hackathon as a learning opportunity / opportunity to work with others.

✨ If participants do not currently have an Azure subscription, we have a limited supply (25) of Azure passes with some credit available.

✨Prize: The winning team (of 3), currently will get (3) $100 Amazon gift cards and (1) free placement to the Oxford University Digital Twins course (online)- team will have to decide who receives the course. Additional prizes are TBD✨

Agenda:
• Day 1: July 21st 530PM – 8PM : Introduction to the problem, London data comparison, details for the hack shared to group.
• Day 2: July 22nd 9AM – 5PM : Hackathon / Informative Presentations

  • 9:00 AM : KickOff presentation with introduction to additional Data & AI tools – Paul DeCarlo & Ruth Yakubu
  • 10:00 AM : NoSQL 101 and Intro to Cosmos DB – Jay Gordon
  • 10:30 AM : Introduction to Azure Percept – Amira Youssef
  • Office hours - work on Hackathon/Ask questions of available experts

• Day 3: July 23rd 9AM – 1PM : Present Hackathon findings and solutions; choose winner

We hope to share insights from this work, widely building on our experience at the University Of Oxford.
Rikesh Shah, Head of Open Innovation @ Transport for London said "I am pleased to see that the open data and innovation journey we started at University of Oxford is now expanding to the city of New York. I look forward to hearing about the learnings from New York"


Register HERE