Cloud Computing, Cybersecurity, IT Security, Security, Technology

N.S.A. Breached North Korean Networks Before Sony Attack, Officials Say

According to The New York Times, the trail that led American officials to blame North Koreafor the destructive cyberattack on Sony Pictures Entertainment in November winds back to 2010, when the National Security Agencyscrambled to break into the computer systems of a country considered one of the most impenetrable targets on earth.

Spurred by growing concern about North Korea’s maturing capabilities, the American spy agency drilled into the Chinese networks that connect North Korea to the outside world, picked through connections in Malaysia favored by North Korean hackers and penetrated directly into the North with the help of South Korea and other American allies, according to former United States and foreign officials, computer experts later briefed on the operations and a newly disclosed N.S.A. document.

A classified security agency program expanded into an ambitious effort, officials said, to place malware that could track the internal workings of many of the computers and networks used by the North’s hackers, a force that South Korea’s military recently said numbers roughly 6,000 people. Most are commanded by the country’s main intelligence service, called the Reconnaissance General Bureau, and Bureau 121, its secretive hacking unit, with a large outpost in China.

Read More

Advertisements
Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Data Breach, Defense, E commerce, Finance, IT Security, Security, Technology

Agencies fall short of White House targets for cybersecurity

The White House continues to see an upward trend in new cybersecurity practices governmentwide, but the Obama administration is finding that not all agencies are living up to the cyber standards it set forth in last year’s cross-agency priority goals.

Published with the 2015 budget, the cross-agency priority (CAP) goals focus on longstanding and critical issues affecting agencies across the federal government. Cybersecurity — one of the first mentioned of the White House’s 15 CAP goals — is a mission-based goal to “[i]mprove awareness of security practices, vulnerabilities, and threats to the operating environment, by limiting access to only authorized users and implementing technologies and processes that reduce the risk from malicious activity,” according to a goal statement. It says the president views cybersecurity as “one of the most serious national security, public safety, and economic challenges we face as a nation.”

Read More

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Data Breach, Defense, Finance, IT Security, Security, Technology

North Korea is doubling its skilled cyber security staffers

NORTH KOREA IS REPORTEDLYdoubling the number of its highly skilled cyber soldiers while still denying claims that it ever maliciously hacked anyone.

In case you missed it, North Korea has been accused of hacking like a dry cough. The country has had more fingers pointed at it than a button, and has got rather comfortable with denyingaccusations that it has done things like tear apart Sony Pictures Entertainment.

Now it is accused of doubling its cyber warfare posse, called Bureau 121, which the last time anyone checked was made up of some 3,000 skilled staffers.

Today, according to reports, including this one on Reuters, that number is 6,000 if South Korea is to be believed.

A white paper from the South Korean Defence Ministry said that the enlarged unit will be used to bring mischief on the South, and possibly other countries and their utilities.

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Data Breach, Defense, Finance, Government, IT Security, Security, Technology

SONY HACK SIGNALS ‘NEW NORMAL’ IN CYBERSECURITY

The Sony hack copied a multinational company’s financial documents, its employees’ personally identifiable information and years’ worth ofembarrassing – and poorly written, it must be said – emails from high-level executives and released them all for the world to see.

But for many cybersecurity observers, the real eye opener was how the hack illustrates today’s cyber landscape: It’s likely to get worse before it gets better.

A growing collection of high-level computer security experts believe evidence points to aninsider-orchestrated attack, while the U.S. government quickly blamed and sanctioned North Korea, whose leader, Kim Jong-un, is portrayed in an unflattering fashion in the Sony-backed film, The Interview.

Meanwhile, as Sony’s image continues to tarnish with each leaked, scandalous revelation, the company experienced an added layer of suffering other data-breached companies — Target, Neiman Marcus and Home Depot — had avoided.

Read More

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Data Breach, Defense, Finance, IT Security, Security, Technology

White House cyber czar: Even non-critical infrastructure vulnerable – Top Sony Corp. exec condemns hack at CES

WHITE HOUSE CYBER CZAR: EVEN NON-CRITICAL INFRASTRUCTURE VULNERABLE — The Sony hack demonstrated that attacks on non-critical infrastructure can still implicate fundamental American values, White House Cybersecurity Coordinator Michael Daniel tells Dave in a Q&A out this morning. The hack also means the Obama administration might need to expand its cybersecurity outreach to the private sector, Daniel said.

“Obviously, part of the issue with Sony is … the fact that it was aimed at, effectively, suppressing speech,” Daniel said. “While that’s not critical infrastructure, that’s a value the U.S. holds pretty dear.” As a result, the devastating Thanksgiving week attack on the studio “raises a very interesting question about exactly how broadly we have to cast the net” in cybersecurity information sharing and other policy areas, he said.

Daniel’s 2015 prognosis: “One of the things you can look for from us is continued effort to identify places where we can take executive action…We will be looking for all the cases where we can potentially take some executive action to further things like information sharing and improving cybersecurity. Another big area you should look for us to do is continue pressing on legislation…like information sharing, and there’s still the issue of getting a national data breach law.

Read More

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Data Breach, Defense, Finance, Government, IT Security, Security, Technology

Ex-Sony Employees Echo Cybersecurity Company’s Suspicion That Hack Was An Inside Job

WASHINGTON — A Silicon Valley cybersecurity firm is doubling down on its claim that at least one former Sony employee was involved in hacking Sony. Some former employees of the company are expressing that sentiment as well, even as the U.S. government stands by its conclusion that North Korea orchestrated the massive cyberattack.

Kurt Stammberger, senior vice president at Norse, which provides cyber intelligence to customers in financial services, technology and government, told The Huffington Post that the company remains “pretty confident” that “at least one ex-employee was involved, probably more” in the Sony hack.

As evidence, Stammberger said that Norse has samples of malware used in the Sony hack that existed as early as July, “completely in English with no Korean whatsoever.” Sony credentials, server addresses and digital certificates were already built into the malware, he added.

Read more

Standard
The Speed Traders and Knightmare on Wall Street's Edgar Perez
Cyber Security, Cybersecurity, Data Breach, Finance, IT Security, Security, Technology

What Consumers and Investors can Learn from Morgan Stanley and Sony’s Data Breaches with The Speed Traders and Knightmare on Wall Street’s Edgar Perez at Golden Networking’s Cyber Security World Conference 2015 New York City

Morgan Stanley joined a growing list of prominent corporate brands to suffer a data breach, after it revealed one of his financial advisors stole the information of as many as 350,000 wealth management clients, and that some of the data was posted online for sale. The event reminds consumers and investors of the ever-evolving and ubiquitous threat of data breaches.

Many other large companies including Adobe Systems, Automated Data Processing, Citigroup, E*Trade Financial, Fidelity Investments, Home Depot, HSBC, JPMorgan Chase, Nasdaq OMX, Neiman Marcus, Sony, Target and Wal-mart had suffered high-profile cyber security breaches. It is not beyond the realm of possibilities to think that today the information of every American has already been compromised in any of these publicly disclosed attacks.

The Speed Traders and Knightmare on Wall Street's Edgar Perez

The Speed Traders and Knightmare on Wall Street’s Edgar Perez

Amidst these pressing challenges, Edgar Perez, author of Knightmare on Wall Street, will discuss what consumers and investors can learn from recent cybersecurity incidents in the United States at Cyber Security World Conference 2015 New York City. The forum will provide a platform for information security authorities and innovative service providers to distil their latest research for hundreds of senior executives focused on protecting enterprise and government valuable assets. Cyber security experts will discuss subjects such as protecting individuals and companies against cyber-attacks, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks.

Mr. Perez has been engaged to present at the Council on Foreign Relations, Vadym Hetman Kyiv National Economic University (Kiev), U.S. Securities and Exchange Commission (Washington DC), Quant Investment & HFT Summit APAC 2012 (Shanghai), CFA Singapore, Hong Kong Securities Institute, Courant Institute of Mathematical Sciences at New York University, University of International Business and Economics (Beijing), Hult International Business School (London and Shanghai) and Pace University (New York), among other public and private institutions.

Mr. Perez is widely regarded as the preeminent global expert in technology and investing. He is the author of Knightmare on Wall Street and The Speed Traders and has been interviewed on CNN, CNBC, FOX BUSINESS, Bloomberg TV, CNN en Español, CCTV China, BNN, Bankier.pl, Leaderonomics, TheStreet.com, GPW Media, Channel NewsAsia’s Business Tonight and Cents & Sensibilities. Mr. Perez has been globally featured on FXFactor, Columbia Business, OpenMarkets, Sohu, News.Sina.com, Yicai, eastmoney, Caijing, ETF88.com, 360doc, AH Radio, CNFOL.com, CITICS Futures, Tongxin Securities, ZhiCheng.com, CBNweek.com, Caixin, Futures Daily, Xinhua, CBN Newswire, Chinese Financial News, ifeng.com, International Finance News, hexun.com, Finance.QQ.com, Finance.Sina.com, The Korea Times, The Korea Herald, The Star, The Malaysian Insider, BMF 89.9, iMoney Hong Kong, CNBC, Bloomberg Hedge Fund Brief, The Wall Street Journal, The New York Times, Dallas Morning News, Valor Econômico, FIXGlobal Trading, TODAY Online, Oriental Daily News and Business Times.

Mr. Perez was a vice president at Citigroup, a senior consultant at IBM, and a strategy consultant at McKinsey & Company in New York City. Mr. Perez has an undergraduate degree from Universidad Nacional de Ingeniería in Lima, Peru (1994), a Master of Administration from Universidad ESAN in Lima, Peru (1997) and a Master of Business Administration from Columbia Business School in New York, with a dual major in Finance and Management (2002). He belongs to the Beta Gamma Sigma honor society. Mr. Perez resides in the New York City area and is an accomplished salsa and hustle dancer.

About Cyber Security World Conference 2015

Renowned information security experts and innovative service providers will present at Cyber Security World Conference 2015 their latest thinking to hundreds of senior executives focused on protecting enterprises and governmental agencies. Topics that Cyber Security World Conference 2015 will discuss include:

  • Cyber Security Megatrends Security Professionals can’t Ignore Today
  • Strengthening the Security of Industry-wide Technology Infrastructure
  • How Hackers Really Operate to Obtain Financial Data
  • Cyber Security and its Role in the Overall Security of the United States
  • Key Considerations about Security in the Internet of Things Age
  • Designing and Managing Effective Information Security Programs

Cyber Security World Conference 2015 is produced by Golden Networking, the premier networking community for business and technology executives, entrepreneurs and investors. Panelists, speakers and sponsors are invited to contact Golden Networking by sending an email to information@goldennetworking.com.

Standard