DOCSLIB.ORG

Cyber Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Cyber Security Cyber security How to keep ahead of the threats……… Warren Dunn, Partner, Forensic Technology (FIDS) There has never been a more exciting time to be…… 2 What’s in a name ►Anonymous ►Computer Chaos Club (CCC) ►Energetic Bear ►Wannacry ►globalHell ►ILOVEYOU ►LulzSec ► Code Red ►Lizard Squad ► Melissa ►Magic Kitten ► Sasser ►Network Crack Program Hacker ► Zeus Group ► Conficker ►Numbered Panda ► Stuxnet ►OurMine ► Mydoom ►Syrian Electronic Army ► CryptoLocker ►The Level Seven Crew ► Flashback ►TeaMp0isoN 3 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation 4 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation 5 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation 6 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation Page 7 Page 8 Page 9 10 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation 11 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation EY’s Global Information Security Survey: It is no longer possible to prevent attacks or breaches ► Cybercrime is growing and damages an organisation and its brands ► The interconnectivity of people, devices and organizations opens up new vulnerabilities. ► New technologies, regulatory pressure and changing business requirements call for more security measures. ► What companies used to know and do to protect their information is no longer enoughenough. ► No longer just “an IT Problem”; Cybersecurity is a genuine business issue that has ramifications for the C-suite, Board, Directors ► The wrong question to ask is “Are we secure”; (because the answer is “No”) ► Mature organisations ask “are we doing enough to protect ourselves from cybercrime?”; how good is good enough? What data do you collect, store or generate that a cybercriminal would be most interested in? When and how would you identify a sophisticated attack – and how would you respond? 12 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation Today’s attackers are not opportunists ::: ► They have significant funding, are patient and sophisticated. 8 yrs ► They target vulnerabilities in people and $1Bn Length of time a hacking ring processes, as well as technology. targeted banks, payment The amount of financial ► processers and chain stores, loss allegedly suffered by a They are constantly inventing new tools and stealing more than 160m credit group of banks in the techniques to get to the information they want. and debit card numbers and money stealing campaign accessing 800k bank accounts known as Carbanak APT ► They are getting better at identifying gaps and (informationisbeautiful.net) (Kaspersky Labs February 2015) unknown vulnerabilities. Page 13 How confident are you that your organisation is not currently compromisedcompromised?? How do you know? Page 14 Industry vulnerability ►Your key concerns include…. ►Financial sustainability and stability ►Threats to your infrastructure ►Government at all levels are perceived “easy” targets for hackers ►State and local governments are especially vulnerable ►Valuable community/citizen data ►Aging infrastructure ►Constrained budgets ►Under-investment in IT consolidation and security initiatives ►War on talent - hard to attract necessary security skills 15 16 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation Costs of a data breach These can be significant $2.64 Million Average total cost of data breach for an Australian company in 2016 A slight drop from 2015 ($2.82 million). Research indicates data breaches are a “permanent cost” organisations need to be prepared to deal with $142 (US$355) Average cost per lost or stolen record $62 are direct costs incurred to resolve the data breach. Larger part, $80, is indirect costs including extrapolated value of customer loss. 17 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation How are the attacks carried out? Social engineering is the art of manipulating people so they give up confidential information. The types of information these criminals are seeking can vary, but when individuals are targeted the criminals are usually trying to trick you into giving them your passwords or bank information, or access your computer to secretly install malicious software – that will give them access to your passwords and bank information as well as giving them control over your computer. 18 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation 19 Do you have a complete view of what constitutes your ‘high value’ assetsassets,, where these are and how well they are protected Page 20 given the risks you face? What should you be asking? What is our risk appetite for How will we How will we technology and cyber risk? respond to a know when we cyber incident? are attacked? What threats What is our current state of maturity How do we give access are our peers for information security controls? to our data? seeing? Do our people know their role Are we proactively looking for Who is in cyber risk attacks on our organisation? accountable for mitigation? cyber? 21 Copyright © 2017 Ernst & Young Australia. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation An effective approach to manage cyber risk This sounds like a simple process, but given the complexities of the systems, data and vendor landscape and the increasing threats and risks, it can be difficult to practically achieve. Page 22 Limit the damage when cyber incidents occur Poor handling of cyber incidents (internally and externally) have led to harsh impacts on many companies. ► A centralised, enterprise-wide cyber breach responseresponse plan is vital ► Be confident that everyone knows exactly what to do if an attack takes place ► Be ready to set in motion the appropriate handling mechanisms for a breach ► Forensic handing of data and systems ► Consider stakeholders, customers, employees, PR, regulators, etc. ► Being in a state of readiness requires that the organisation will have already rehearsed many different attack scenarios ► Introduce board-level cybersecurity simulations and war gaming ► Regularly undertake cybercrime diagnostic assessments/reviews Page 23 The basics….. 1. Ensure vulnerability and patch management policies and procedures are up to date 2. Incident response and business continuity plan that is tested 3. Security awareness training program in place 4. Regular, tested backups are in place 5. Seek assurance from third parties who connect to your network 6. Implement endpoint monitoring 7. Identify critical systems and data and confirm these are connected to the Internet only when necessary 8. Test the security program with frequent penetration tests Page 24 Page 25 “It is going to be a continual and likely never-ending battle to stay ahead of [cybercrime] - and, unfortunately, not every battle will be won .” Jamie Dimon, after JP Morgan 26 Chase’s breach EYEYEY | Assurance | Tax | Transactions | Advisory About EY EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities. EY refers to the global organisation, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organisation, please visit ey.com. © 2017 Ernst & Young, Australia. All Rights Reserved. This material has been prepared for general informational purposes only and is not intended to be relied upon as accounting, tax, or other professional advice. Please refer to your advisors for specific advice. ey.com.
Load more

Recommended publications
  • Ransom Where?
    Ransom where? Holding data hostage with ransomware May 2019 Author With the evolution of digitization and increased interconnectivity, the cyberthreat landscape has transformed from merely a security and privacy concern to a danger much more insidious by nature — ransomware. Ransomware is a type of malware that is designed to encrypt, Imani Barnes Analyst 646.572.3930 destroy or shut down networks in exchange [email protected] for a paid ransom. Through the deployment of ransomware, cybercriminals are no longer just seeking to steal credit card information and other sensitive personally identifiable information (PII). Instead, they have upped their games to manipulate organizations into paying large sums of money in exchange for the safe release of their data and control of their systems. While there are some business sectors in which the presence of this cyberexposure is overt, cybercriminals are broadening their scopes of potential victims to include targets of opportunity1 across a multitude of industries. This paper will provide insight into how ransomware evolved as a cyberextortion instrument, identify notorious strains and explain how companies can protect themselves. 1 WIRED. “Meet LockerGoga, the Ransomware Crippling Industrial Firms” March 25, 2019; https://www.wired.com/story/lockergoga-ransomware-crippling-industrial-firms/. 2 Ransom where? | May 2019 A brief history of ransomware The first signs of ransomware appeared in 1989 in the healthcare industry. An attacker used infected floppy disks to encrypt computer files, claiming that the user was in “breach of a licensing agreement,”2 and demanded $189 for a decryption key. While the attempt to extort was unsuccessful, this attack became commonly known as PC Cyborg and set the archetype in motion for future attacks.
    [Show full text]
  • Country of Origin Information Report Syria June 2021
    Country of origin information report Syria June 2021 Page 1 of 102 Country of origin information report Syria | June 2021 Publication details City The Hague Assembled by Country of Origin Information Reports Section (DAF/AB) Disclaimer: The Dutch version of this report is leading. The Ministry of Foreign Affairs of the Netherlands cannot be held accountable for misinterpretations based on the English version of the report. Page 2 of 102 Country of origin information report Syria | June 2021 Table of contents Publication details ............................................................................................2 Table of contents ..........................................................................................3 Introduction ....................................................................................................5 1 Political and security situation .................................................................... 6 1.1 Political and administrative developments ...........................................................6 1.1.1 Government-held areas ....................................................................................6 1.1.2 Areas not under government control. ............................................................... 11 1.1.3 COVID-19 ..................................................................................................... 13 1.2 Armed groups ............................................................................................... 13 1.2.1 Government forces .......................................................................................
    [Show full text]
  • Officials Say Flynn Discussed Sanctions
    Officials say Flynn discussed sanctions The Washington Post February 10, 2017 Friday, Met 2 Edition Copyright 2017 The Washington Post All Rights Reserved Distribution: Every Zone Section: A-SECTION; Pg. A08 Length: 1971 words Byline: Greg Miller;Adam Entous;Ellen Nakashima Body Talks with Russia envoy said to have occurred before Trump took office National security adviser Michael Flynn privately discussed U.S. sanctions against Russia with that country's ambassador to the United States during the month before President Trump took office, contrary to public assertions by Trump officials, current and former U.S. officials said. Flynn's communications with Russian Ambassador Sergey Kislyak were interpreted by some senior U.S. officials as an inappropriate and potentially illegal signal to the Kremlin that it could expect a reprieve from sanctions that were being imposed by the Obama administration in late December to punish Russia for its alleged interference in the 2016 election. Flynn on Wednesday denied that he had discussed sanctions with Kislyak. Asked in an interview whether he had ever done so, he twice said, "No." On Thursday, Flynn, through his spokesman, backed away from the denial. The spokesman said Flynn "indicated that while he had no recollection of discussing sanctions, he couldn't be certain that the topic never came up." Officials said this week that the FBI is continuing to examine Flynn's communications with Kislyak. Several officials emphasized that while sanctions were discussed, they did not see evidence that Flynn had an intent to convey an explicit promise to take action after the inauguration. Flynn's contacts with the ambassador attracted attention within the Obama administration because of the timing.
    [Show full text]
  • Crypto Ransomware Analysis and Detection Using
    CRYPTO RANSOMWARE ANALYSIS AND DETECTION USING PROCESS MONITOR by ASHWINI BALKRUSHNA KARDILE Presented to the Faculty of the Graduate School of The University of Texas at Arlington in Partial Fulfillment of the Requirements for the Degree of MASTER OF SCIENCE IN COMPUTER SCIENCE THE UNIVERSITY OF TEXAS AT ARLINGTON December 2017 Copyright © by Ashwini Balkrushna Kardile 2017 All Rights Reserved ii Acknowledgements I would like to thank Dr. Ming for his timely guidance and motivation. His insights for this research were valuable. I would also like to thank my committee members Dr. David Levine and Dr. David Kung for taking out time from their schedule and attending my dissertation. I am grateful to John Podolanko; it would not have been possible without his help and support. Thank you, John, for helping me and foster my confidence. I would like to thank my colleagues for supporting me directly or indirectly. Last but not the least; I would like to thank my parents, my family and my friends for encouraging me and supporting me throughout my research. November 16, 2017 iii Abstract CRYPTO RANSOMWARE ANALYSIS AND DETECTION USING PROCESS MONITOR Ashwini Balkrushna Kardile, MS The University of Texas at Arlington, 2017 Supervising Professor: Jiang Ming Ransomware is a faster growing threat that encrypts user’s files and locks the computer and holds the key required to decrypt the files for ransom. Over the past few years, the impact of ransomware has increased exponentially. There have been several reported high profile ransomware attacks, such as CryptoLocker, CryptoWall, WannaCry, Petya and Bad Rabbit which have collectively cost individuals and companies well over a billion dollars according to FBI.
    [Show full text]
  • Sample Iis Publication Page
    https://doi.org/10.48009/1_iis_2012_133-143 Issues in Information Systems Volume 13, Issue 1, pp. 133-143, 2012 HACKERS GONE WILD: THE 2011 SPRING BREAK OF LULZSEC Stan Pendergrass, Robert Morris University, [email protected] ABSTRACT Computer hackers, like the group known as Anonymous, have made themselves more and more relevant to our modern life. As we create and expand more and more data within our interconnected electronic universe, the threat that they bring to its fragile structure grows as well. However Anonymous is not the only group of hackers/activists or hacktivists that have made their presence known. LulzSec was a group that wreaked havoc with information systems in 2011. This will be a case study examination of their activities so that a better understanding of five aspects can be obtained: the Timeline of activities, the Targets of attack, the Tactics the group used, the makeup of the Team and a category which will be referred to as The Twist for reasons which will be made clear at the end of the paper. Keywords: LulzSec, Hackers, Security, AntiSec, Anonymous, Sabu INTRODUCTION Information systems lie at the heart of our modern existence. We deal with them when we work, when we play and when we relax; texting, checking email, posting on Facebook, Tweeting, gaming, conducting e-commerce and e- banking have become so commonplace as to be nearly invisible in modern life. Yet, within each of these electronic interactions lies the danger that the perceived line of security and privacy might be breached and our most important information and secrets might be revealed and exploited.
    [Show full text]
  • Bank & Lender Liability
    Westlaw Journal BANK & LENDER LIABILITY Litigation News and Analysis • Legislation • Regulation • Expert Commentary VOLUME 17, ISSUE 6 / AUGUST 1, 2011 Expert Analysis Once More Into the Breach: Are We Learning Anything? By Cynthia Larose, Esq. Mintz Levin Cohn Ferris Glovsky & Popeo I’m a guy who doesn’t see anything good having come from the Internet. … [The Internet] created this notion that anyone can have whatever they want at any given time. It’s as if the stores on Madison Avenue were open 24 hours a day. They feel entitled. They say, “Give it to me now,” and if you don’t give it to them for free, they’ll steal it. –Sony Pictures Entertainment CEO Michael Lynton, May 14, 20091 How ironic. This comment two years ago by Lynton created a minor firestorm and drove him to post a lengthy rebuttal on The Huffington Post,2 but at the time, Lynton was referring to content piracy, not data breaches. Given the events since Sony’s massive data breaches in April3 (and subsequent breaches in May and June), he might as well as have been referring to user informa- tion held by Sony and its various properties. As a matter of fact, the Sony Pictures hackers said, “Sony stored over 1 million passwords of its customers in plain text, which means it’s just a matter of taking it.”4 Since the April PlayStation Network breach that exposed more than 100 million user accounts, Sony has been hacked more than 10 times. Sony Europe,5 Sony BMG Greece,6 Sony Thailand,7 Sony Music Japan8 and Sony Ericsson Canada9 all suffered some intrusion and compromise of user information.
    [Show full text]
  • Analysis of the Teslacrypt Family and How to Protect Against Future
    Sophia Wang COMP 116 Final Project Analysis of the TeslaCrypt Family and How to Protect Against Future Ransomware/Cyber Attacks Abstract Ransomware accounts for a large majority of the malicious attacks in the cyber security world, with a company hit with a ransomware attack once every 40 seconds. There was a 300% increase in ransomware attacks from 2015 to 2016 — and it’s only going up from there. One family of Trojan-style ransomware technology that introduced itself in early 2015 is TeslaCrypt. TeslaCrypt affected Windows users from the US, Germany, Spain, Italy, France, and the United Kingdom, targeting mostly gamers. This form of ransomware would encrypt the victim’s files using a highly complicated encryption key and demand $250 to $1,000 for ransom. The creators of TeslaCrypt eventually released the master decryption key in May of 2016, so in the end the victims were able to recover their files and systems. This paper will explore the process by which the TeslaCrypt ransomware infected a system, the steps that were taken to ameliorate this issue, and what steps should be taken to avoid an incident like this in the future. Introduction Ransomware is a special form of malware that can infect a system through either encrypting and denying users access to their files, or restricting access and locking users out of their systems. Once the ransomware has the target’s files and/or system on lock, it demands a ransom be paid, usually through some form of cryptocurrency. In February of 2015, a new family of file-encrypting Trojan-style ransomware technology was introduced — TeslaCrypt.
    [Show full text]
  • Newmind-Ransomware-Ebook.Pdf
    Contents What Is Ransomware? ............................................................................................................................. 3 Who Is It Affecting? ................................................................................................................................. 4 Common Forms Of Ransomware .......................................................................................................... 5 Protect Yourself With These Tips: ........................................................................................................ 9 How To Handle An Infection: ................................................................................................................ 11 Your Next Step ........................................................................................................................................ 12 There’s a malware threat online, maybe lurking in your inbox or spam folder, called Ransomware. It’s been around for a while, but recent months have seen it gaining traction, under different names you may have heard, such as Cryptolocker, Cryptowall, and TeslaCrypt. What is Ransomware? One of the ways that Ransomware makes its way to end users is through a well-crafted email with an attachment. The attachment is malicious and when you click to download it, the ransomware encrypts (locks) certain types of files (.docx, .pdf, .jpg, etc) stored on local and mounted network drives, such as a server shared drive at the office. It then displays a message which offers to decrypt
    [Show full text]
  • A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX
    In Collaboration With A PRACTICAL METHOD OF IDENTIFYING CYBERATTACKS February 2018 INDEX TOPICS EXECUTIVE SUMMARY 4 OVERVIEW 5 THE RESPONSES TO A GROWING THREAT 7 DIFFERENT TYPES OF PERPETRATORS 10 THE SCOURGE OF CYBERCRIME 11 THE EVOLUTION OF CYBERWARFARE 12 CYBERACTIVISM: ACTIVE AS EVER 13 THE ATTRIBUTION PROBLEM 14 TRACKING THE ORIGINS OF CYBERATTACKS 17 CONCLUSION 20 APPENDIX: TIMELINE OF CYBERSECURITY 21 INCIDENTS 2 A Practical Method of Identifying Cyberattacks EXECUTIVE OVERVIEW SUMMARY The frequency and scope of cyberattacks Cyberattacks carried out by a range of entities are continue to grow, and yet despite the seriousness a growing threat to the security of governments of the problem, it remains extremely difficult to and their citizens. There are three main sources differentiate between the various sources of an of attacks; activists, criminals and governments, attack. This paper aims to shed light on the main and - based on the evidence - it is sometimes types of cyberattacks and provides examples hard to differentiate them. Indeed, they may of each. In particular, a high level framework sometimes work together when their interests for investigation is presented, aimed at helping are aligned. The increasing frequency and severity analysts in gaining a better understanding of the of the attacks makes it more important than ever origins of threats, the motive of the attacker, the to understand the source. Knowing who planned technical origin of the attack, the information an attack might make it easier to capture the contained in the coding of the malware and culprits or frame an appropriate response. the attacker’s modus operandi.
    [Show full text]
  • Forces Shaping the Cyber Threat Landscape for Financial Institutions
    SWIFT INSTITUTE SWIFT INSTITUTE WORKING PAPER NO. 2016-004 FORCES SHAPING THE CYBER THREAT LANDSCAPE FOR FINANCIAL INSTITUTIONS WILLIAM A. CARTER PUBLICATION DATE: OCTOBER 2, 2017 The views and opinions expressed in this paper are those of the authors. SWIFT and the SWIFT Institute have not made any editorial review of this paper, therefore the views and opinions do not necessarily reflect those of either SWIFT or the SWIFT Institute. 1 Contents I. Executive Summary II. Introduction III. Consumer fraud: New defenses and mobile banking are transforming the landscape a) New defenses are transforming consumer fraud and carding b) As consumer bank fraud becomes harder, business customers are being targeted c) Mobile malware is the new frontier of consumer bank fraud d) ICT4C: Financial inclusion is creating new threats in the developing world IV. Targeted Attacks on Bank Networks: What is changing? a) Attackers are becoming more sophisticated, persistent b) Law enforcement still struggling to keep up c) Banks in Asia are top targets d) Vectors of compromise – new twists on old themes. e) Attacks are changing V. Conclusion: More Threats, More Complexity, More Sophistication 2 I. Executive Summary Financial institutions have long been the leading targets for cybercrime, but the tools and tactics used are changing. New technologies are increasingly incorporated into financial networks and the broader internet, transforming the attack surface that adversaries can exploit. The incentives for attackers are also shifting, forcing banks to face more numerous and sophisticated adversaries. And as cyber awareness grows in the financial sector and firms continue to invest billions in new defenses, attackers are changing their approaches to stay one step ahead.
    [Show full text]
  • Reporting, and General Mentions Seem to Be in Decline
    CYBER THREAT ANALYSIS Return to Normalcy: False Flags and the Decline of International Hacktivism By Insikt Group® CTA-2019-0821 CYBER THREAT ANALYSIS Groups with the trappings of hacktivism have recently dumped Russian and Iranian state security organization records online, although neither have proclaimed themselves to be hacktivists. In addition, hacktivism has taken a back seat in news reporting, and general mentions seem to be in decline. Insikt Group utilized the Recorded FutureⓇ Platform and reports of historical hacktivism events to analyze the shifting targets and players in the hacktivism space. The target audience of this research includes security practitioners whose enterprises may be targets for hacktivism. Executive Summary Hacktivism often brings to mind a loose collective of individuals globally that band together to achieve a common goal. However, Insikt Group research demonstrates that this is a misleading assumption; the hacktivist landscape has consistently included actors reacting to regional events, and has also involved states operating under the guise of hacktivism to achieve geopolitical goals. In the last 10 years, the number of large-scale, international hacking operations most commonly associated with hacktivism has risen astronomically, only to fall off just as dramatically after 2015 and 2016. This constitutes a return to normalcy, in which hacktivist groups are usually small sets of regional actors targeting specific organizations to protest regional events, or nation-state groups operating under the guise of hacktivism. Attack vectors used by hacktivist groups have remained largely consistent from 2010 to 2019, and tooling has assisted actors to conduct larger-scale attacks. However, company defenses have also become significantly better in the last decade, which has likely contributed to the decline in successful hacktivist operations.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]