Category Archives: Cyber Crime

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам. LeapWallet is a secure digital wallet that enables easy management of cryptocurrencies. With features like fast transactions and user-friendly interface, it's perfect for both beginners and experts. Check it out at leapwallet.lu.

A Breach a Day…Or More

Posted on by

 

More and more we are hearing of the increased frequency with which data breaches are occurring. You read about it the newspaper, see it on the news and sometimes you get notices in your inbox in real-time, like I do. What used to be a once-a-week data breach email alert from DataLossDB.org, an open security foundation, now comes as multiple emails, several times a day.

Quite frightening.

Here are some of the most recent data breach events:

February 27, 2013: TEKsystems, a company affiliated with Bank of America, was charged with monitoring hacker activity from groups targeting the bank — most likely, the collective hacking group known as Anonymous. Not liking the sound of that, a group affiliated with Anonymous released what it claims is “14GB of data belonging to the bank and other organizations, including Thomson Reuters, Bloomberg and TEKsystems.”

February 27, 2013: I thought the first email I received with the title “Laptop of Head of Israel’s Atomic Energy Commission Stolen” was bad, but then I received one the very next day that was even worse. According to various news reports, a second laptop belonging to Shaul Horev was stolen from his home in just one week. It might be time for tighter security.

February 26, 2013: Though this only counts as a potential data breach, it’s still quite alarming. According to the same open security foundation (OSF) from which I receive data breach email alerts, a hospital has left sensitive data belonging to patients and staff exposed on the internet. The worst part is, OSF has made “multiple phone calls, filled out a formal (outsourced) service desk ticket addressed to the hospital’s sysadmin and technical analyst, and sent a direct email to the hospital’s CEO.” Still, they’ve received no response.

February 25, 2013: We’ll head to Canada for this one. According to news reports from the great white north, the loss of a thumb drive has prompted an investigation that has widened to include the Justice Department. The drive contained information regarding Canada Pension Plan disability benefits related to more than 5,000 individuals.

February 21, 2013: Even peacocks are not immune. Last week, NBC announced it was the victim of an attack. Hackers added links to malware on the site, using the Citadel Trojan worm, the same one that plagued the websites of U.S. banks recently.

February 21, 2013: Zendesk, a customer service software provider, announced a security breach that allowed hackers into its system, where they had access to information from three customers — Twitter, Pinterest and Tumblr.

February 5, 2013: The U.S. government seems to be no match for sophisticated system spies. Earlier this month, The U.S. Department of Energy revealed that hackers breached 14 of its servers and 20 of its workstations, making off with personal information belonging to several hundred employees. “It’s a continuing story of negligence,” Ed McCallum, former director of the department’s office of safeguards and security, told the Free Beacon. “[The department] is on the cutting edge of some of the most sophisticated military and intelligence technology the country owns and it is being treated frivolously by the Department of Energy and its political masters.”

These are just a few of the many, many data breach alerts I’ve received in the month of February alone. It leaves one questioning whether we will ever win the war against hackers.

The Reputational Risk and IT Relationship

Posted on by

With more visibility and vulnerability in today’s business landscape due to social media, online commerce and doing business through mobile devices, it only makes sense that there would be more potential risks to a company’s reputation and brand. In fact, now more than ever, executives are attempting to protect their brands from these security threats by being more proactive and looking for blindspots in their risk management program. That’s according to findings from the “2012 IBM Global Reputational Risk and IT Study,” conducted by the Economist Intelligence Unit, which analyzed responses from 427 senior executives from around the world, representing nearly all industries.

Respondents indicated that cybercrime is more of a reputational threat than systems failure — a finding that clearly illustrates how cybersecurity is a growing concern among executives, as shown in the following graph from the report.

What’s more, 64% say their company will put additional effort into managing its reputation in the future while 75% of respondents say their IT budget will grow over the next 12 months due to reputational concerns. “Underestimating the cost of reputational risk greatly exceeds the cost of protection,” said one U.S.-based study participant. “Being proactive is preferable to being reactive.”

As the report states:

Going forward, assessing potential blind spots and new technologies will likely be accelerated through the use of case studies and scenario analysis rather than waiting for direct experience. “To use new technologies like cloud you need trust,” says Andrea MacIntosh, director of quality with Alpha Technologies in British Columbia, Canada. “How do you build trust? Either by demonstrating performance or through looking at comparable organizations that are using it with good success. I think there’s a lot of referential data for companies like ours, but as with any new technology, you’ve got to be cautious.”

So how does a company avoid data breaches and strengthen the public’s trust in its brand? The respondents feel that integrating IT into reputational risk management, along with having a strong IT risk management capacity, is the best bet.

Gone are the days when a customer inherently trusts that a company’s IT capabilities are sufficient. In fact, customers are taking a more proactive approach when it comes to understanding a current or potential business partner’s IT infrastructure. “We’re seeing more requests from our customers for details of our IT infrastructure and security, along with on-site audits, as part of the supplier qualification process,” said MacIntosh.

Organizations of all sizes across all industries are devoting more time and attention to potential cyber threats that could harm their reputation. “This concern is reflected in more integrated, enterprise-wide approaches to risk management led from the C-suite and increased attention being paid to the direct reputational impacts of IT risks,” the report states. This study, along with many others, point to the conclusion that cyber and data security has earned top billing in the list of biggest risks posed to businesses. How is your company responding?

Compliance Heat Map

Posted on by

The seemingly never-ending breaches of data over the years has prompted most states to enact data privacy breach notification laws. But some states are ahead of others in this initiative.

buy seroquel online https://ozgurmd.com/wp-content/uploads/2023/10/jpg/seroquel.html no prescription pharmacy

buy xifaxan online https://royalcitydrugs.com/xifaxan.html no prescription

The below map from Imation shows which states are laying down the law when it comes to data breach notification laws and which states completely disregard the need for them.

Here is a breakdown of each state and the specific law that was enacted there. It’s hard to believe that, in 2012, four states remain without such legislation.

buy revia online https://ozgurmd.com/wp-content/uploads/2023/10/jpg/revia.html no prescription pharmacy

While the U.S. Congress has enacted breach notification requirements in a number of Acts, data breach concerns are not limited to federal law.

Will “Voluntary Standards” Make for an Effective Cybersecurity Bill?

Posted on by

The debate over revisions to the Cybersecurity Act of 2012 has been fierce and, of course, mostly partisan. Recently, sponsors dropped a measure that would require critical private sector companies to adopt security standards, rather than making such measures voluntary.

buy augmentin online azimsolutions.com/wp-content/uploads/2023/10/jpg/augmentin.html no prescription pharmacy

On the one side, critics say the bill is a step in the right direction for preventing cyberattacks; others feel it is too lax and wrought with problems.

One thing is clear, however. President Barack Obama does not take this topic lightly. Last week he published an op-ed in the New York Times in which he called the cyber threat to our nation, “one of the most serious economic and national security challenges we face.” He writes:

It doesn’t take much to imagine the consequences of a successful cyber attack. In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home. Taking down vital banking systems could trigger a financial crisis. The lack of clean water or functioning hospitals could spark a public health emergency. And as we’ve seen in past blackouts, the loss of electricity can bring businesses, cities and entire regions to a standstill.

buy symbicort online azimsolutions.com/wp-content/uploads/2023/10/jpg/symbicort.html no prescription pharmacy

Frightening. And true.

An earlier version of the bill required companies who run the power grid, gas pipelines, water supply systems and other critical infrastructure to meet a certain level of security. Republicans opposed, so the newer, revised bill says companies can recommend their own security regulations and volunteer to have their security practices inspected by the government, making it, essentially, a bill that merely suggests that these companies take certain measures. A recent article on the Huffington Post site states:

The new bill “basically depends on the industry to make a good faith effort to improve security, and up until now they haven’t done anything,” said Joe Weiss, a security expert on critical infrastructure. “The question is, ‘Why would you expect all of a sudden for that to change?

buy apixaban online azimsolutions.com/wp-content/uploads/2023/10/jpg/apixaban.html no prescription pharmacy

‘”

James Lewis, a senior fellow at the Center for Strategic and International Studies, said, “The problem is the bill doesn’t give the government any new capabilities. You don’t need this bill. Nothing really changes.”

Without comprehensive, mandatory cybersecurity legislation, how can we hope to prevent such nationwide, debilitating events?