Kate Scarcella


Securing the Internet of Things – IoT

A popular question for cybersecurity professionals is what keeps us up at night? 

In the past, I often have found this to be a scare tactic, but lately I have been very concerned about securing IoT.  Why? 

As we retrieve real time data and count on this data as being accurate, it is important to know that the IoT devices are secure and transmitting data that has not been altered.

We are not ready to truly protect the Tsunami of devices that are presently online and transmitting data.  This is what keeps me up at night; but it turns out that it does not have to.

I have a drive, even a mission to change the way we think about cybersecurity.  It is a real shift in a traditional strategy which normally includes events and incidents which are displayed on one console.  These incidents are built upon applications, identity and access manager, and data bases. I believe we need to move to a more agile strategy. 

In order to help us address cyber security issues, arising from the wave of IoT devices inundating us with data, we need two capabilities.  First we must have End Point Detection and Response and secondly, Augmented Intelligence, which can provide behavior analytics.  Together these two elements provide a digital footprint to everywhere we travel on the internet. 

When I first began working in cyber security, I repeatedly encountered Windows as the transition from IT into OT.  Regardless of the industry, the source of their compromise would be Windows operating system, at level two; which represents the human machine interface into operational technology devices.

The solution we presented, while appearing elegant, would require a staff of highly qualified individuals to run it successfully.  CISO’s wanted to be able to hire someone with minimum technical training who would intuitively be able to run the solution.

Today we have the ability to deliver what the CISO’s were looking for; with two capabilities covering eighty percent of IoT, with only twenty percent of the effort.

How is this possible?  We are can offer advanced attack and insider threat detection to level two, it is very important to understand that the attack pattern by malicious adversaries is consistently the same.

So what do I mean by that?  If you look at the Purdue Enterprise Reference Architecture it shows you that beginning at level four, usually through phishing, which leads to reconnaissance, which leads to compromised accounts and machines, which lead to lateral movement, which leads to privileged escalation, which ultimately leads to a successful attack into critical infrastructure.  

Today we can profile our IoT devices just like we can profile malicious adversaries as well as rough devices. 

The fact is that for the first time in my career in cyber security, I do not have to be kept up at night.  There is a way for all of us to stay safely Connected. 


Words not Numbers


Elizebeth Smith Friedman, considered the first American female cryptanalyst, did not arrive at this job with a love for numbers, but rather a love for words.

Who was Elizebeth Smith Friedman, and how can we learn from her techniques and make them applicable for us in technology today?

Elizebeth was born in Huntington Indiana, in 1892, to Quakers, the youngest of nine children.  She was raised on a farm and later would attend, the University of Wooster for two years.  Elizebeth would transfer to Hillsdale College in Michigan, which was physically closer to her parents’ home, because her mother became ill.  There were demands placed on Elizebeth, and her father had expected her to quit school and come home to take care of her mother.  He did not understand why she needed to have a college degree.  However, she persisted, and would graduate with a degree in English Literature.

Elizebeth would find employment at Riverbank Laboratories in 1916, which was owned by George Fabyan, a textile merchant who was very wealthy.  Riverbank was Fabyan’s very own think tank, and he wanted to prove Elizabeth Wells Gallup, and her sister’s theory that Shakespeare’s plays and sonnets were actually written by Sir Francis Bacon.  Elizebeth would be employed to decrypt the enciphered messages which were held within Shakespeare’s work.  She was the perfect candidate, since she appreciated and knew well, Shakespeare’s body of work.

Elizebeth would join a team of people, who were already working on proving that Bacon wrote Shakespeare, and one of those people would become her husband, William Friedman; they would marry in 1917.  They would work at Riverside together for the next four years.  Their work in cryptanalysis would lead to them training different departments of the U.S. government.  In fact, one of the people they taught was Agnes Meyer Driscoll, whom I wrote about for a previous “Connected” article.


While the team at Riverbank never was able to prove the Gallup’s sisters belief, they did collect a massive amount of information on secret writings; Riverbank would become the only facility in the United States that was capable of solving enciphered messages.

The Friedman’s would leave Riverbank for Washington D.C., William would go to work for the War Department in 1921.  Elizebeth would work for the U.S. Treasury Department and would be given credit for breaking many of the encrypted codes used by smugglers and drug-runners; her work was invaluable to law enforcement.  She would be hired by the U.S. Navy in 1923, as a cryptanalyst with the U.S. Treasury Department’s Bureau of Prohibition and of Customs.  A joint effort was established with the Coast Guard to monitor criminal activity domestically and internationally against smuggling and drug-running.  The criminals used encrypted radio messages to communicate their activities.  During a period of twelve years, 1927 to 1939, Elizebeth would decode over twelve thousand messages and twenty-four different encoding systems, without a computer!  During her time at the Treasury department, she would be one of the individuals who helped to indict Al Capone.

Elizebeth also helped convict Velvalee Dickinson, known as the Doll Woman, who through her business contacts gave Japanese agents encrypted messages on naval vessel movement in Pearl Harbor.

During World War II, the Nazi’s saw an opportunity to get local support in South America.  It was the Coast Guards job to monitor the communications of the Nazi networks in South America.  Again, we would see Elizebeth and her team decode over four thousand messages from forty-eight different radio circuits.

After World War II, Elizebeth would create a secure communication system for the International Monetary Fund.

One of the last acts that her and her husband would achieve during “retirement”, would be to revisit Shakespeare.  Through their work, they were able to prove beyond any doubt, that Shakespeare actually wrote his own plays and sonnets.  In fact, their work, The Shakespearean Ciphers Examined, earned several literary awards.

It is interesting, that her career comes full circle, back to her love of words.  She was not only the first female cryptanalyst, but perhaps the greatest.

Elizebeth kept walking through doors that Connected her to challenges which turned into opportunities. I hope that the next time Jill and I are traveling in Virginia, that we can see the George C. Marshall Research Library, which houses the Friedman’s work and is the largest private collection of cryptographic material in the world.




Hut Six


“We must not neglect the nonmilitary means by which an enemy may seek to undermine our national will.”

~ Gordon Welchman~

I am reading a very interesting book by Gordon Welchman called, The Hut Six Story: Breaking the Enigma Codes. Welchman was recruited to work at Bletchley Park, by Alastair Denniston.

Denniston was responsible for decrypting the enemy messages for Great Britain, in the First World War.  After World War I, Denniston continued to work with codebreaking, which led to creation of the Government Code and Cypher School GCCS.

He would be put in charge of GCCS and would start to make preparations for the next war, as he started to see Hitler rise.  The first action that Denniston took, was to acquire Bletchley Park, which was 47 miles North of London, (note to Jill and I, when we go visit), and on the main railway line, which also connected Oxford and Cambridge Universities.  The second action that Denniston undertook, was to recruit mathematicians from these Universities, thus the railway connections to these top two academic institutions became vitally important.  Denniston would be a guest lecture at both of the schools and would inquire of the student, that in the event of war, would they be willing to work at Bletchley Park, cracking codes?  Welchman became one of Denniston’s first recruits, and also interestingly, so was Alan Turing.

The morning that Britain declared war on Germany, Welchman reported to Bletchley Park, and with other recruits, would immediately start to work on two Enigma machines that were provided to England by the Poles.  Later, history would report that the two Enigma machines provided by Polish mathematicians were given to Denniston, in July of 1939, just a little over a month before Germany would invade Poland.

The work on the Enigma machines would be referred to as Hut 6 Ultra.  Hut 6, was the location of the building within Bletchley Park.  Welchman would be the leader of Hut 6 and focused on traffic analysis for encrypted German communications.  While the information collected was encrypted, it is Welchman who understood that you could deduce important information through traffic patterns such as; frequent signals meant planning, rapid and short signals meant negotiations, lack of signal meant lack of activity or completion of plan, frequent signals to one station meant a chain of command, and these are just a few examples of movement and activity by the enemy which he discovered, but his main contribution would be in helping to crack the Enigma code.

Welchman after the war would immigrate to the United States; and go to work at the MITRE Corporation, which is a primary source for cybersecurity intelligence today.  While at MITRE, Welchman conducted research wanting to design secure communications, for the future battlefield.  He noticed that what he had learned from his work during World War II, was still valid.  While technology had changed tremendously, the principles of handling coded traffic were much the same.

I have only begun to read The Hut Six Story: Breaking the Enigma Codes; even so, I am amazed at the forethought that Denniston had, not only in understanding the importance of cryptography, but in knowing that he would need to establish a safe work environment, away from the disruptions of war.  He would leave London, and find a place away from the city and near transportation.  I am impressed that Polish mathematicians would have the forethought to share what they knew about the Enigma with the British.

There are many elements that I find fascinating about this book, but relevant to my work today and all of us staying safely Connected, are these principles established during this time period that are still practiced today.  For example, in order to create a complete picture of a cyber-attack, we need to bring together data from various places, applying the same principles Welchman used in signal intelligence.



The Voting Ecosystem

The United States voting system is not made up of just voting machines. 

What do I mean by this? 

Electronic systems, including the voting machines are tied into a much larger infrastructure, that includes operating systems and applications, that run on many different hardware components, that communicate to even a much larger system, that hosts the data, on databases, that run on additional hardware components and additional operating systems and software applications.

Gaining access to any of these components would not necessarily be difficult, extracting data would be difficult but doable, altering data in any part of this process would be extremely difficult. 

Why do I say this?

When we study cybersecurity breaches, we often find that the cyber attacker spent an enormous amount of dwell time.  Dwell time is the length of time the cyber attacker first breached the account and remains in the account until they are eradicated.  Dwell Time is measured in days and it is measured by adding Mean Time to Detect, MTTD, plus Mean Time to Repair, MTTR.  These are common terms in cybersecurity.  If we examine any of the top breaches, we would find the dwell time to be over a hundred days.

Thus, cybersecurity attacks in our voting ecosystem would be extremely difficult because the cyber attacker would first have to find the vulnerability to hack.  Once the vulnerability was found, and access was gained, they would need to understand how to move throughout the entire system, undetected.  And let’s say the cyber attacker has gone undetected, the next step would be the designer malware, that may or may not work, but usually requires days to install and gather the targeted information.  The cyber attacker would also need admin rights to the entire system, which means not just the operating system, but also the application, the network, and the database.

I have read a few articles that stated that the data concerning the recent election was altered.  Again, this would be very difficult because databases have referential integrity, and admin access would be needed in order to change any data. 

What is referential integrity in databases

Referential integrity is the accuracy of the data across multiple tables.  The tables will include a primary key and a foreign key.  A foreign key always needs to reference a valid primary key in a parent table or it can be orphaned, because values in a primary table were changed. 

While our voting ecosystem was not physically compromised, it certainly has been undermined by the disinformation campaign, which in turn has actually compromised our voting ecosystem, in a way that undercuts our entire democracy.

If I was looking at this as a hacker, I would say, that I have succeeded in undermining one of the first democracies.  I studied the target, I was able to gain access through social media, so I successfully phished my target, which was millions of voters in the United States, I dropped my designer malware, and have altered the outcome of the election, and have gone undetected, because I have not been eradicated  from your system as of yet. 

While there may be other questionable elements involved in this election, the voting ecosystem is not one of the culprits.  Stay safely Connected. 



Industrial Revolution 5.0


The Industrial Revolution 5.0 has officially started, even though many of us in technology are still addressing cybersecurity challenges of the Industrial Revolution 4.0.

Industrial Revolutions are marked by economist and historians as they record shifts in societies.  The first Industrial Revolution was identified by English economic historian, Arnold Toynbee.  https://tinyurl.com/y4glae8g    The Industrial Revolution 1.0 started in the latter half of the 18th century, and humans would see the first benefits of working with machines.  Some of the inventions of the first Industrial Revolution include the steam engine, the cotton gin, and the power loom, which would birth several new industries.  For example, the steam engine would give birth to the travel industry, and the power loom would usher in the manufacturing industry.

Machines would provide humans with a greater capacity to do more, better and faster; and each invention would enable another invention.  The invention of the steam engine would be the foundation for not only ships and locomotives but also machines in warehouses.

The timelines for the Industrial Revolutions overlap, and the second Industrial Revolution, would begin in the late 19th century.  The Industrial Revolution 2.0 would include inventions such as the assembly lines, and electricity which would provide advance machinery in factories.  While economist and historians discuss societal changes with each revolution, I see that humans and machines take another step in working together.

Industrial Revolution 3.0 begins in the 20th century, around 1970.  I have to say that Industry 3.0 is one of my favorite industrial revolutions because this would be the time period that computers would be introduced, which would help us land on the moon.  Another invention of this time period is the Programmable Logic Controller, PLC, which lays the groundwork for automation.  PLC’s are located throughout our critical infrastructure in all industries, such as energy, water, trains, pharmaceutical, and manufacturing; and I still work with them today!

Around 2010, the Industrial Revolution 4.0 began, bringing the Internet and cyber physical systems which run algorithms, on collected data.  Artificial Intelligence and machine learning are all words commonly used, but the concept of machine thinking like a human is not successful.  The expectation for Industry 4.0 was that machines would be able to completely take over human tasks, such as driving.  However, we have found that humans are still needed for critical decision, and thus Industry 5.0 has been officially introduced, and of course, it would be the year 2020.

Industrial Revolution 5.0 will provide a way for machines and humans to work together better.  Human/machine partnerships are already a part of our daily lives. For example, I use my phone to control the security cameras, in my home; the idea of working with a device, my phone, which connects to another device, the home base, which provides me with the ability to see the house any time.  And in manufacturing, there are robots already moving items around a warehouse, as a human uses a device to connect to the robot to give it commands.  I do not think it will be long before we all have robots working with us side by side.

It is worth noting the time frame between Industry 1.0 and Industry 2.0 is about one hundred years, Industry 2.0 to Industry 3.0 is about ninety years, Industry 3.0 to Industry 4.0 is about forty years, and Industry 4.0 to Industry 5.0 has been ten years.  Inventions continue to build on previous inventions and delivering unimaginable technology; however humans are still needed.  Stay safely Connected.


The Anatomy of a Cybersecurity Attack


I have felt lately like we, in the cyber security community, are failing at our posts.  Our clients are suffering from real day to day cybersecurity threats, turning off their computers at night, to wake up to the same scenario that they just left.

We keep saying if you do a little more, you will be okay, you are more secure.  But then another data breach and they are back at square one, wondering what do they need to do, to be better.

I thought it might be interesting to understand the anatomy of a cybersecurity attack, because I had someone ask me about a VPN and what if they bought additional technology.  While the attack below is on an industrial control system, the method of the attack is often the same.

The first step shown as number 1 is the Planning and Preparation Stage, which lists Reconnaissance, Weaponization, and Targeting.  Reconnaissance is about the bad actor selecting their Target, doing research and attempting to identify vulnerabilities.  Weaponization is about the bad actor creating remote access malware, or buying remote access malware, which is readily available on the Internet, towards a discovered vulnerability.

The second step shown as number 2 lists the attempt and or success of the designer malware.  If not successful the first time, it is not unusual for the attempt to be multiple times, in the thousands if not more.  There are some tools that are able to pick up multiple attempts and the malware can be thwarted at this stage, but unfortunately, this does not happen often.  But if the attempt is successful, then the bad actor now has their launching pad, a place where they may set up a backdoor to the system as an example.

The third step shown as number 3 is the command & control, known as C2, and the actually execution of the attack, will take place.  This is an area where they may just observe and you will not even realize that the bad actor is in your system.  It is not unusual for these attacks to have a dwell time of over a 100 days.

The fourth step shown as number 4 is the act.  This is the area that the bad actor will use for data theft, ransomware or data destruction, and can just repeat their goal over and over again, until they are caught.  As an example, data exfiltration may happen a little every night, this way they can remain under any thresholds that might be set in the cybersecurity tools.

The fifth step shown as number 5 are the actually use cases that have made the bad actor successful, and the sixth step, shown as number 6, takes the attack one step further in to the Industrial Control Systems, such as the electrical grid.


Covid-19 and the Data

There is a lot of misinformation about Covid-19.  I am fortunate to work with, what I consider, the best data modeling tool presently available. 

Interset, is the name of the technology, which is being used to help provide a predictive model for Covid-19. 

What is Interset?  How do I use it for cyber security and why is it used for Covid-19 forecast models?

Interset is a user entity and behavior analytics UEBA, engine, and is able to ingest many types of data.  For example, to be able to find a compromised account, I would be interested in collecting data from user logs, network flows, organizational folders, and applications.  Separately, data from each entity listed, would not help uncover malicious intent in an organization.  But a very powerful picture could be created if all the pieces were brought together in one model, and this is what Interset is able to complete.  A baseline can be created for every entity, making a “unique normal”.

How is this helpful in cybersecurity?  Rules and thresholds are created manually to establish alerts.  When an alert has come into the queue, a person will open the alert and further investigate the incident.  But often we have created rules that do not scale, causing too many false positives and alert fatigue.  It would be similar to having a paint by numbers canvas and using a large paint brush, with only one color of paint. The results would lack detail, making it undistinguishable.

Interset uses multiple machine learning algorithms, as well as, unsupervised machine learning, to extract the information and provide in depth details about possible fraud, malicious insider threat, and even espionage.  Supervised learning requires data that has already been labeled.  This is easily accessed since the cyber community has decade’s worth of malware examples, both malicious and accidental.  Unsupervised learning is a self-discovery of patterns.

So how does this help us provide a forecast for Covid-19?  First, Interset is able to observe and quantify, establishing a “unique normal”.   Second, Interset has been provided data; including death data from the Center for Systems Science and Engineering at John Hopkins University, and intervention data from Oxford Covid-19 Government Response Tracker, and Covid Local Analysis and Mapping of Policies, to build an application.

The application provides a visual model to help illustrate past, present and a fourteen day future prediction.  Thus far, the model has been accurate and the data scientist at Interset hope that people can see what impact their actions may have for not only today, but for the future. Stay safely Connected. 

Covid – 19 Forecast


Defend Forward

The cybersecurity community has had a Defense in Depth strategy for well over a decade.  What does that mean?

From a practical home application, Defense in Depth, would start with a fence around your property as an example, then a lock on all points of entry into the house, such as doors and windows, an alarm system, and even a safe for your valuables from not only a threat of being stolen, but for the threat of fire or water.  Defense in depth, basically puts up many defenses around what you value.  From a digital perspective, Defense in Depth, would include a firewall on your router and an antivirus on all you digital devices, as just another example.

However, in the past couple of years, there has been a new cybersecurity strategy, from the Department of Defense called Defend Forward.  The Defend Forward cybersecurity strategy was also included in “The John S. McCain National Defense Authorization Act for Fiscal Year 2019, which created the Cyberspace Solarium Commission, CSC, to develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences”.  https://www.congress.gov/bill/115th-congress/house-bill/5515/text

The Cyberspace Solarium Commission CSC, co-chairman Senator Agnus King, released in March of 2020, a 182 page report that first provides a reality check to not only our nations cybersecurity weakness, but to us as individuals.  The report discusses the heavy reliance on networks and digital devices and the fact that our country has “lost hundreds of billions of dollars  to nation-state sponsored intellectual property theft using cyber espionage”. The report also provides an outline and makes over 80 recommendations to help our nation to become more secure including the defend forward cybersecurity strategy. https://www.solarium.gov

The defend forward strategy started with misconceptions that the strategy was just a really good cybersecurity defense.  But that is not the case, defend forward includes disrupting cybersecurity campaigns and defeat advance persistent threats.  In addition, the United States government will “actively observe, pursue, and counter adversaries”.  The United States government will now respond consistent within international law, which will include monetary fines.

For me, it is exciting to see how our government is embracing the need to address cybersecurity.  We want to stay Connected safely.


Covid-19 and Changes to the Cybersecurity Landscape

Covid-19 has changed the cybersecurity threat landscape. Often, the cybersecurity community looks to reduce the attack surface and provide less opportunity for bad actors. But Covid-19 has opened a very wide door and Advance Persistent Threats are on the rise, targeting businesses and individuals.

Personally, I have had calls from individuals who are working at home, from companies that have my personal identifying information. I have no idea what type of security controls they are using and how they are protecting my information. Thus, individuals have become a very real target.

What is happening and simple steps to protect yourself.

First, beware of scams and terms that lure you with the title; Covid-19. Identity thieves are taking advantage of the fear that has been created with the Coronavirus pandemic. Individuals, who are looking for financial information, medical advice, and basic protection and treatment of Covid-19, are going to malicious websites. The fake websites are collecting personal information stating that updates will be provided to you, if you provide personal information. They have also set up donation sites for victims of Covid-19. Be very aware, before donating money. If you would like to donate money, check the traditional sites such as Red Cross, and Samaritan Purse, as examples of a couple of good organizations which individuals can donate money.

Additionally, fraudulent e-commerce vendors are promoting sale of personal protection equipment, such as face masks, hand sanitizer and even test kits. I would avoid nontraditional websites and look online at Walmart, Amazon, Home Depot, as examples of companies that will be able to provide certain protections for the consumer. And presently, there is only one authorized Covid-19 at home test kit, and you cannot buy it online. The home test kit for Covid-19 is from Pixel by LabCorp, is only provided to healthcare workers and first responders. If you have tried to buy a home kit and provided your medical information, call your insurance company and look for email alerts with explanation of benefits, EOB.

Second, beware of Phishing and Vishing, voice calls looking for information. Individuals and businesses, wanting more information on Covid-19, are more susceptible to fake coronavirus emails, texts and voicemails, such as alerts. Do not click on any links provided in emails or texts. And if someone calls wanting information, just hang up. Be aware, like I stated above, I had calls from my insurance company that appeared at first to be potential spam. I did not provide them information, but had them provide me with the information, on the reason for the call. Companies have their employees working from home, and are masking the individual’s phone number. So not all calls are spam, but remember, there is no reason to ever provide your full social security number. There are other ways in which to identify you, such as your zip code. These times are unprecedented, and policies are changing, being less restrictive on identification as an example.

Third, employees have also been a target, when they are looking for updates, on work conditions. Legitimate looking websites have been spun up, collecting personal information of the employee and even capturing sensitive business data and customer information. Businesses will provide the means on how employees will connect. Again, be aware of how you interact with your personal and business devices.

Fourth, spoofed government communications has also provided another threat vector, personally connecting with a lot of people who want information. While many of us do not go to local news sites, in this instance, I would recommend this avenue. The reader will be able to get the latest information, on what is happening in their community, and what efforts are underway for legitimate help.

Fifth, job sites and applying for unemployment has provided another opportunity, for bad actors to collect all of your personal identifying information, even what you were earning. Fraudulent websites appear legitimate, so again, be aware and know your social security number will never be needed, when applying for a job. And applying for unemployment should only be done at the state department of labor site.

As we emerge from the Coronavirus shutdown, the world will be a different place for us, personally and digitally. We need to stay safely Connected at home as well.


What Does the Data Tell Us?

We have a belief that more data equals better decisions. But many times the data that we receive is not accurate and complete, and we are only getting a partial view of what we really need to know, in order to make solid decisions.

Recently, it was discovered that location data was being collected from cellphone users to provide information on social distancing patterns because of the coronavirus. We all understand and many of us accept, at this point, that our data is being collected and then used to make decisions, especially for public safety.

But I wonder how much data will be enough and if the coronavirus has opened Pandora’s Box to our privacy?

Let us start with who is doing what and explore if it is a good idea. Did you know that:

1) China uses a tracking system via a smart phone app. The app is called Alipay Health Code, developed by Ant Financial, which is the sister company of Alibaba, which uses the wallet app and downloads a QR Code. The QR Code will appear in three color schemes and provides real time data of the contagion risk of that person. The three colors of the QR Code are; green, allowing the person to travel and be in public places, yellow, stay home seven days and red indicates a two week quarantine. The app also provides a hidden feature that sends the persons location with an identifying code number to the Police. It should be noted here that many of the people who were healthy, still had a red code, preventing them from going out and illustrating that the data was not completely accurate. https://nyti.ms/32Hyr4z

2) Taiwan is the first to use an “electronic fence” via the smart phone. The police will be alerted if a person moves outside of their quarantined area or if they turn off their phone. Additionally, assigned people will call the quarantined person twice a day for verification that they are home and have not just left the phone on. Taiwan has been praised by many for keeping the spread of the coronavirus low.

3) Israel has been authorized to use cell phone location data to use contact tracing of people who have the coronavirus. They will use the data to identify all people who have been in contact with the infected person, and quarantine those people as well.

4) European countries have had a more difficult time because of the General Data Protection Regulation GDPR, which prevents the data sharing of personal information. However, there has been a temporary suspension and carriers are sharing data with these nations to verify that people are complying with limitations of movement.

Now, what are we doing in the United States to help slow the spread of the coronavirus and what data is being used to assist us in this endeavor? Unlike other countries, where there is overt data that is being collected and used by the government in collusion with mobile providers and other businesses, our data actually comes from all those apps that we download and many consumers do not even realize what information we have willingly provided. For example, one study just released last week states that iPhones have over five thousand hidden app trackers. Companies such as Unacast are able to collect location data from games, shopping and utility apps, which we have installed on our phones. Unacast declined to answer which apps they collect data from, but they have assigned letter grades A through F, to states that show a reduction in movement from people; are people staying home, and when they do leave, are they only visiting grocery stores and going back home. Tectonic is another company that recently showed a heatmap that went viral after being able to illustrate the potential spread from spring breakers leaving Florida and going to other states using cell phone location data from X-Mode.

How much data is too much data and do the circumstances matter? We hoard data, thinking that it will make a difference, but it has not, as the numbers of people infected by the coronavirus continue to show.

One thing I know for sure, I do not want my phone’s location used for any app or for marketing and will be carefully looking at what apps use location services and removing them so I can be safely Connected.