• Insider Threat Control: Using Predictive and Real-Time Analytics
    FierceBigData (06/22/15) Baker, Pam

    Less than half of organizations have appropriate controls to prevent insider attacks, according to a Crowd Research Partners report. The study is based on cooperative analysis by and responses from the more than 260,000 members of the Information Security Community on LinkedIn and leading security vendors. The survey found privileged users pose the greatest insider threat to organizations, followed by contractors and consultants, and then regular employees. Although 62 percent of security professionals say insider threats have become more frequent in the last 12 months, only 34 percent expect additional budget to address the problem. In addition, fewer than 50 percent of organizations have appropriate controls to prevent insider attacks, 62 percent of respondents say insider attacks are far more difficult to detect and prevent than external attacks, and 38 percent estimate remediation costs to reach $500,000 per insider attack. Organizations should map threats into slices in order to organize and concentrate security monitoring for maximum effectiveness. Real-time analytics with machine learning also can detect small changes in insider behavior with regard to accessing, using, copying, and transferring data.


  • Password Manager LastPass Warns of Breach
    Krebs on Security (06/16/15)

    Users of LastPass, which allows users to centrally manage all of their online passwords, should change their master password after the company disclosed Monday that intruders had broken into its databases. The hackers stole data such as user email addresses and password reminders. LastPass said in an alert on its blog that there was no evidence that its encrypted user vault data was taken, or that user accounts were accessed. “LastPass strengthens the authentication hash with a random salt and 100,000 rounds of server-side PBKDF2-SHA256, in addition to the rounds performed client-side,” the company said. “This additional strengthening makes it difficult to attack the stolen hashes with any significant speed.” Passwords are “hashed” by running the password through a mathematical algorithm that turns it into a string of gibberish numbers and letters. By adding a unique element, or “salt,” to each user password, database administrators can complicate things for potential attackers who may rely on automated tools to crack user passwords.
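
The salted, iterated hashing described above, as an added example (not LastPass's code and not part of the original article). The function names, the client-side round count, and the use of the e-mail address as the client-side salt are assumptions; only the 100,000 server-side PBKDF2-SHA256 rounds and the random salt come from the quoted alert.

```python
import hashlib
import hmac
import os

SERVER_ROUNDS = 100_000  # server-side round count quoted in the alert
CLIENT_ROUNDS = 5_000    # assumed value; the alert gives no client-side count


def client_auth_hash(email: str, master_password: str) -> bytes:
    """Client side: derive the value sent to the server instead of the password.
    Salting with the e-mail address is an assumption of this sketch."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(),
                               email.lower().encode(), CLIENT_ROUNDS)


def enroll(auth_hash: bytes) -> tuple:
    """Server side: strengthen the received hash under a fresh random salt."""
    salt = os.urandom(16)
    stored = hashlib.pbkdf2_hmac("sha256", auth_hash, salt, SERVER_ROUNDS)
    return salt, stored


def verify(auth_hash: bytes, salt: bytes, stored: bytes) -> bool:
    """Recompute with the record's own salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", auth_hash, salt, SERVER_ROUNDS)
    return hmac.compare_digest(candidate, stored)


def demo() -> dict:
    # Constructed sample data, not real accounts or passwords.
    h = client_auth_hash("alice@example.com", "correct horse battery staple")
    salt_a, rec_a = enroll(h)
    salt_b, rec_b = enroll(h)  # identical input enrolled a second time
    wrong = client_auth_hash("alice@example.com", "Tr0ub4dor&3")
    return {
        # Same input, different salts: stored records do not match, so a
        # table precomputed for one record is useless against another.
        "records_differ": rec_a != rec_b,
        "correct_accepted": verify(h, salt_a, rec_a),
        "wrong_rejected": not verify(wrong, salt_a, rec_a),
        "salt_is_per_record": not verify(h, salt_b, rec_a),
    }


if __name__ == "__main__":
    print(demo())
```

Each guess against a stolen record costs the full 100,000 server-side rounds plus the client-side rounds, and has to be repeated per record because every record has its own salt.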


  • Union Believes Data Breach Was Worse Than Disclosed
    Wall Street Journal (06/12/15) Paletta, Damian

    The American Federation of Government Employees (AFGE) has criticized the Office of Personnel Management’s (OPM’s) handling of a widespread breach of security data. The union called the event “an abysmal failure” on the part of OPM and argued that it was much worse than previously reported. AFGE alleges that hackers, who are believed by some officials to be based in China, were able to obtain “all personnel data for every federal employee” and millions of former employees, including Social Security numbers. The union believes that the data were not encrypted. J. David Cox, the union’s national president, said that his figures on the breach were unclear, which he blamed on OPM and the “sketchy information” he received from the agency. Cox believes that OPM’s “Central Personnel Data File” was hacked, although the agency has not officially identified which of its many data networks was involved in the breach. Investigators believe that the hackers had access to the network for at least a year.


  • New Chinese Security Laws Rattle U.S. and European Businesses
    Washington Post (06/10/15) Denyer, Simon

    American and European businesses are protesting a trio of proposed Chinese security laws that they say would make it much more difficult for them to operate in China. The proposed laws in question are a draft National Security Law, a piece of legislation reviewing national security issues in China’s free trade zones, and a law meant to regulate foreign non-governmental organizations (NGOs). Experts say that the laws reflect growing concern in the Chinese government that foreign forces are working to overthrow the Chinese Communist Party. However, the laws are meeting with a great deal of pushback from the international business community, which sees them as overreaching and a potential threat to its ability to do business in China. Joerg Wuttke, president of the European Chamber of Commerce in China, says that the definition of national security in the laws is so broad that it could give the Chinese government very broad and arbitrary authority over foreign businesses. Recently, a group of more than 40 American trade and lobbying groups sent a letter to China’s National People’s Congress saying the NGO law could hamper their operations in China. That law would require foreign NGOs to partner with a government agency “sponsor” and provide detailed descriptions of their work and funding, and would put them under direct government supervision.


  • Weak Internet Security Leaves U.S. Elections Agency Vulnerable to Hackers, Reports Find
    Wall Street Journal (06/11/15) Mullins, Brody; Ballhaus, Rebecca

    A trio of reports composed late last year say the Federal Election Commission has failed to implement improvements to its Internet security following a successful hack of the agency in 2013, leaving it vulnerable and potentially impairing its ability to carry out some of its primary functions. The hack, linked to China, occurred in October 2013, during the government shutdown. It took the FEC weeks to get its campaign-finance disclosure system back in action. However, the reports show the agency has failed to take adequate action to protect itself both before and after the 2013 hack. “Due to a lack of proper planning, FEC has struggled in prior years to implement corrective actions that address the vulnerabilities to FEC’s information and information systems,” concluded one of the reports from an independent auditor, adding the FEC’s systems “remain at risk.” Among the agency’s deficiencies is the fact that it does not adhere to government-wide standards for data security and lacks a full-time employee overseeing IT security. However, the reports did note the FEC began making significant improvements last year, including partnering with the Department of Homeland Security to assess its network vulnerabilities, and increasing its IT budget by $2.6 million.


  • Response to Cyber Threats Found Lacking
    CFO (06/15) Heller, Matthew

    Seventy-six percent of risk managers said the loss of confidentiality of information was the biggest cyber risk, followed by 16 percent who cited service interruption and 5 percent who cited government intrusion, according to a recent survey by The Hartford Steam Boiler Inspection and Insurance Company (HSB) conducted at the Risk & Insurance Management Society (RIMS) conference in April. About 70 percent of U.S. businesses experienced at least one hacking incident in 2014, and more than 50 percent of risk managers say that their businesses are not doing enough to prevent cyberattacks. Fifty-three percent of risk managers were concerned about the breach of personally identifiable information, 33 percent were concerned about the breach of sensitive corporate information, and 14 percent were concerned about the breach of financial information. Thirty-two percent of risk managers surveyed said they would be interested in intrusion detection/penetration testing, 25 percent would be interested in employee education programs, and 25 percent were interested in encryption. About 36 percent of businesses do not have any level of cyber insurance, while 46 percent said their business had purchased cyber insurance for the first time or increased its coverage levels in the last year.


  • China’s Hack of U.S. Data Tied to Health-Care Record Thefts
    Bloomberg (06/05/15) Riley, Michael; Walcott, John

    The disclosure by U.S. officials that Chinese hackers stole records of as many as 4 million government workers is now being linked to the thefts of personal information from health-care companies. Forensic evidence indicates that the group of hackers responsible for the U.S. government breach announced Thursday likely carried out attacks on health-insurance providers Anthem Inc. and Premera Blue Cross that were reported earlier this year, said John Hultquist of iSight Partners Inc. The cyber-intelligence company works with federal investigators. The thefts are thought to be part of a broader effort by Chinese hackers to obtain health-care records and other personal information stored on millions of U.S. government employees and contractors from various sources, including insurers, government agencies and federal contractors, said a U.S. intelligence official, speaking on condition of anonymity. The data could be used to target individuals with access to sensitive information who have financial, marital or other problems and might be subject to bribery, blackmail, entrapment and other espionage tools, the official said.


  • Five Simple Steps to Protect Corporate Data
    Wall Street Journal (04/20/15) Yadron, Danny

    A Wall Street Journal survey of security firms, government officials, and ex-hackers uncovered five basic steps organizations can follow to sustain good cyber hygiene and protect corporate data, starting with installing software patches regularly. Other steps include not leaving entry points into networks insecure and keeping only necessary systems online and protected. Data encryption is also recommended, as is the phaseout of passwords and deployment of more secure protective measures; the fifth step is to run thorough security checks on the vendors and third parties the company uses. Following these steps is increasingly important at a time when attacks are at record highs and preparedness is unsatisfactory. Investing time and energy into security is essential, because studies have shown that the number one reason breaches have increased is insufficient preparation and understanding. Funding must be provided to the security side of the company, and it must be shown the same attention as other aspects.

