Cloud Computing, Cyber Security, cyber security legislation, IT Security, Security, Technology

Hackers Use Old Lure on Web to Help Syrian Government

To the young Syrian rebel fighter, the Skype message in early December 2013 appeared to come from a woman in Lebanon, named Iman Almasri, interested in his cause. Her picture, in a small icon alongside her name, showed a fair-skinned 20-something in a black head covering, wearing sunglasses.

They chatted online for nearly two hours, seemingly united in their opposition to the rule of Bashar al-Assad, the Syrian leader still in power after a civil war that has taken more than 200,000 lives. Eventually saying she worked “in a programing company in Beirut,” the woman asked the fighter whether he was talking from his computer or his smartphone. He sent her a photo of himself and asked for another of her in return. She sent one immediately, apologizing that it was a few years old.

“Angel like,” he responded. “You drive me crazy.”

What the fighter did not know was that buried in the code of the second photo was a particularly potent piece of malware that copied files from his computer, including tactical battle plans and troves of information about him, his friends and fellow fighters. The woman was not a friendly chat partner, but a pro-Assad hacker — the photos all appear to have been plucked from the web.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Business, Cloud Computing, Cyber Security, cyber security legislation, Defense, Finance, IT Security, Security, Technology

The Sony Hack Wrecked A LOT Of Equipment

The November hack of Sony “resulted in the destruction of about three-quarters of the computers and servers at the studio’s main operations,” David Sanger and Michael Schmidt reported this weekend in the New York Times.

American officials had previously concluded that North Korea was “centrally involved,” and intelligence officials told the Times that the US intelligence community “concluded that the cyberattack was both state-sponsored and far more destructive than any seen before on American soil.”
Read more: 

Standard
Business, Cloud Computing, cyber security legislation, Cybersecurity, Defense, Finance, IT Security, Security, Technology

North Korea Has A Dedicated Military Team To Keep The Interview Out Of The Country

North Korea has set up a dedicated military team given the task of keeping The Interview away from the eyes of its citizens.

Pyongyang has been widely blamed for a crippling cyber attack on Sony Pictures in an effort to halt the release of the film, a slapstick comedy starring James Franco and Seth Rogan that portrays the killing of Kim Jong-un, the North Korean leader.

Under pressure, Sony reversed an earlier decision to cancel the film and its notoriety immediately raked in $15 million in the first four days after it was made available online. More than 330 cinemas across the US also showed the film, earning Sony an additional $2.8 million in the same time frame.
Read more

Standard
Business, Cyber Security, cyber security legislation, Cybersecurity, Defense, Finance, IT Security, Security, Technology

Companies Are Freaked Out About Cybersecurity And Plan To Spend A Lot More On It This Year Read more

Reports of security breaches reached new heights in 2014, following the iCloud and Sony hacks. Many consider the Sony hack to be the worst cyberattack in US corporate history.

And it looks as if these attacks are having a direct impact on the amount companies are spending on computer security.

According to a survey by Piper Jaffray, security was ranked as the top spending priority for CIOs this year, with a whopping 75% of the respondents saying they would increase spending in 2015.

Read More

Standard
Cloud Computing, cyber security legislation, Security, Technology

The Sony Hack Question: If Not North Korea, Then Who?

Was the attack the work of a disgruntled ex-employee at Sony? Or were the attackers actually from a completely different country? Another plausible explanation is much more economic: attackers demanded a ransom; Sony refused to pay and suffered the consequences. This attack was most likely a “sophisticated ransom threat made for monetary gain,” Jeff Schilling, the CSO of Firehost and a retired U.S. Army colonel, told SecurityWeek.

Ransom attacks, where attackers unleash denial of service attacks or similar threats if the victim doesn’t pay, are on the rise, Schilling said. Ransomware, malware capable of locking up computers and destroying the data if the victim does not pay, is also gaining popularity. When considered against the case of Sony, the ransom was likely significant since the potential damage—to the network and the brand—would be in the “millions of dollars, if not billions,” he said. When Sony refused to pay—because they didn’t believe the threat or underestimated the extent of the damage—the attackers dumped the documents.

The leaked document and the resulting fallout also has a ripple effect that goes beyond Sony, warned Schilling. The next time a major corporation receives a ransom threat, it is more likely to comply with the demand in order to avoid Sony’s fate.

Read More

Standard
Business, Cloud Computing, Cyber Security, cyber security legislation, Defense, E commerce, Finance, IT Security, Security, Technology

Columbia looking into ways to increase cyber-security

Columbia is looking to bolster its cyber-security after a Christmas Eve attack shut down its website for nearly three days.

The Columbia Daily Tribune reports that the city website, gocolumbiamo.com, experienced a distributed denial of service attack beginning around 11 p.m. Dec. 24. The website was flooded with requests from multiple computers, and remained offline until around noon Dec. 27.

Read More

Standard
Business, Cloud Computing, Cyber Security, cyber security legislation, Cybersecurity, Defense, Finance, IT Security, Security, Technology

Cyber Security Professionals Predict Their Biggest Concerns For 2015

With 2014 in the rear view mirror, it is fun to look forward to the year ahead and see if we can predict what may happen over the next twelve months. At the same time, predictions can prove to be very useful for businesses that are planning budgets and spending. So every December, cyber security experts begin to make their predictions on the future of information and network security.

“While no one can totally reliably predict the future, there are often good indications in what we see that provide likely directions for the coming year,” said Geoff Webb, senior director, security strategy with NetIQ. “For example, it was pretty clear at the end of last year, after the details of the Target TGT -1.79% breach become public, that it wasn’t going to be a one-off incident.  Rather, it was the opening salvo in what has proven to be a year-long attack on the retail industry.”

Read More

Standard
Business, Cloud Computing, Cyber Security, cyber security legislation, Cybersecurity, Defense, IT Security, Security, Technology

Sony hack shadow looms over new Congress – ICYMI: U.S. slaps sanctions on North Korea – This week: FBI hosts cyber conference

SONY HACK SHADOW LOOMS OVER NEW CONGRESS – Continuing fallout from the devastating hack of Sony Pictures Entertainment could be just the kickstart cyber legislation needs this Congress, as lawmakers return to Washington today and tomorrow for the 114th. Insiders say the attack makes an appealing issue for new faces to jump into cybersecurity on, and it could change the conversation on the Hill about what needs to be done.

Already two incoming chairmen have moved to create new panels on their committees to deal with cyber issues, and the chorus of lawmakers discussing the hack has expanded from the usual cyber-savvy suspects. With plenty of retirements and leadership changes from the last Congress, that could help the 114th hit the ground running on cybersecurity. Your emcee’s story: http://politico.pro/1AeTGsx

ICYMI: U.S. SLAPS SANCTIONS ON NORTH KOREA – In one of its patented Friday afternoon news dumps, the White House announced that the president authorized a fresh set of sanctions against North Korea in response to the Sony hack. It’s the first time the U.S. has sanctioned another country in direct response to a cyberattack, said a senior administration official, who also repeatedly told reporters the attack “clearly crossed a threshold” regarding “its destructive and coercive nature.”

Read More

Standard
Business, Cloud Computing, Cyber Security, cyber security legislation, Cybersecurity, Defense, Finance, IT Security, Security, Technology

What Should the 114th Congress Do About Cybersecurity in 2015?

It’s 2015 and the GOP-dominated 114th congress returns to Washington tomorrow.  After years of maintaining a hands-off approach toward cybersecurity, the new Republican-led Congress is poised to jump all over this issue – mostly because of the December data breach at Sony Pictures and the subsequent brouhaha over the release of the now infamous movie, The Interview.

While no one was voting for anything in late December, there were a few consistent cybersecurity themes coming from Congress:

  1. Blame the President.  Senator John McCain (R-AZ) the incoming chair of the Senate Armed Services Committee, blamed the Sony Picture’s data breach on the Obama administration, citing a lack of leadership on national cybersecurity.  Note that this is the same Senator McCain who sided with the Chamber of Commerce in 2012 in blocking the passage of Cybersecurity legislation that had bipartisan support in the Senate Homeland Security and Government Affairs (HSGAC) committee.
  2. Declare a Cyberwar Against North Korea.  Before exiting Washington, retiring Congressman Mike Rogers (R-MI) and others have suggested that the U.S. should declare a cyberwar on North Korea and take out its ability to launch another cyber-attack on the U.S.  I guess no one told the Congressman about North Korea’s minimal attack surface or explained how the IP protocol works to him.    Read More
Standard
Business, Cloud Computing, Cyber Security, cyber security legislation, Cybersecurity, Defense, Finance, Government, IT Security, Security, Technology

Sony hack could be game changer

The high-profile hack at Sony Pictures has injected new urgency into the years-old push for cybersecurity legislation, with a broad spectrum of lawmakers suddenly vowing to take action in the new Congress.

“It’s basically fair game for everything cyber” after the cyberattack on Sony, said Jessica Herrera-Flanigan, a lobbyist at Monument Policy Group, which represents tech giants like Microsoft.

The recent cyber assault caused Sony to briefly pause the release of a multi-million dollar movie, spurred a White House response and escalated tensions between the U.S. and North Korea, which the FBI has blamed for the attack.

It has also transformed what some viewed as a stale debate on Capitol Hill over cybersecurity issues.

Read More

Standard