Cloud Computing, Cyber Security, Defense, Finance, IT Security, Security, Technology

Neglected Server Provided Entry for JPMorgan Hackers

According to New York Times, the computer breach at JPMorgan Chase this summer — the largest intrusion of an American bank to date — might have been thwarted if the bank had installed a simple security fix to an overlooked server in its vast network, said people who have been briefed on internal and outside investigations into the attack.

A hack attack affected JPMorgan Chase this summer.

Big corporations like JPMorgan spend millions — $250 million in the bank’s case — on computer security every year to guard against increasingly sophisticated attacks like the one on Sony Pictures. But the weak spot at JPMorgan appears to have been a very basic one, the people said. They did not want to be identified publicly because the investigation into the attack is incomplete.

The attack against the bank began last spring, after hackers stole the login credentials for a JPMorgan employee, these people said. Still, the attack could have been stopped there.

Read More

Advertisements
Standard
President Obama is urging Xi Jinping to stop cyberattacks to steal trade secrets and allow foreign companies to compete equally.
Cloud Computing, Cyber Security, Cybersecurity, Defense, E commerce, Education, Finance, Government, IT Security, Security, Technology

President Obama is Urging China to Stop Cyberattacks to Steal Trade Secrets and Allow Foreign Companies to Compete Equally

China must create “a playing field where competition policy promotes the welfare of consumers and doesn’t benefit just one set of companies over another,” Obama said during remarks Monday at the Asia-Pacific Economic Cooperation (APEC) forum.

“We look to China to become an innovative economy that values the protection of intellectual property rights, and rejects cyber theft of trade secrets for commercial gain,” he added.

The two countries have clashed repeatedly over cyberattacks this past year.

Read more

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Finance, Government, IT Security, Security, Technology

5 Questions For Cybersecurity Expert Bruce Schneier After the Latest White House Hacking

Democrats didn’t need this: Another cyberattack on an unclassified White House computer network (and unconfirmed reports of Russian involvement) in the closing days of a midterm election in which voter frustration toward President Barack Obama,  government dysfunction and national security fears already are hurting their chances of hanging onto control of the Senate.

Read More

Standard
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Finance, Government, IT Security, Technology

Russian Malware Breaches U.S. Infrastructure Systems in Cyber Warfare Attacks

A bulletin from the Department of Homeland Security was issued this past week week warning that Russian hackers have penetrated and inserted malware into some of the nation’s most vital infrastructure systems.
Read more

Standard
Evan Dornbush, Chief Information Security Officer (CISO) and Cyber Security R&D Manager for TechGuard Security
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Education, Finance, Government, IT Security, Security, Technology

Evan Dornbush, Chief Information Security Officer for TechGuard Security, to Speak at Golden Networking’s Cyber Security World Conference 2014 New York City

Mr. Evan Dornbush, Chief Information Security Officer (CISO) and Cyber Security R&D Manager for TechGuard Security, LLC, will speak at Golden Networking’s Cyber Security World Conference 2014 New York City (http://CyberSecurityWorldConference.com), unique professional gathering where cybersecurity gurus are set to debate topics such as protecting individuals and companies against cyber-attacks, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks.

Prior to TechGuard Security, Mr. Dornbush was the Senior Network Analyst at Vulnerability Research Labs (VRL) which was acquired by CSC. Mr. Dornbush worked for The United States Department of Defense (Granted TS//SCI) from January 2005 to March 2009, where he was a Computer Network Operator, Systems Engineer and Global Network Exploitation and Vulnerability Analyst.

Mr. Dornbush earned an M.S. and B.A. in Computer Science and a B.A. in Criminal Justice from The George Washington University in 2004, and was a DoD/NFS Cybercorps Scholarship Winner in 2003 and 2004.

Standard
Golden Networking's Cyber Security World Conference 2014 New York City
Business, Cloud Computing, Cyber Security, Cybersecurity, Defense, Finance, Government, IT Security, Technology

How your Company can be the Weakest Link and how the Cybersecurity Framework can Help at Golden Networking’s Cyber Security World Conference 2014 New York City

A chain is only as strong as its weakest link, says Bill Buchanan, The Conversation. Computer security relies on a great number of links, hardware, software and something else altogether: you. The greatest threat to information security is actually people. Why strive to defeat encrypted passwords stored in computers, when those computers’ human users will turn them over willingly?

A huge problem with most types of digital communications, processing and storage is that it’s often very difficult to differentiate between a true communication and one which has been falsified. This stems largely from the internet’s background as an open, insecure system. In emails apparently from legitimate websites, the email address of the sender can be spoofed, that is, replaced with another that is not the sender’s actual address, as some email relay systems allow this.

Corporations are today targeted as never before, with growth in hacking attacks linked to nation states and overseas governments; in fact, sophisticated and sustained campaigns of phishing have succeeded in stealing information from firms and organizations all over the world. Symantec recorded a 62% rise in data breaches from spear phishing in 2013.

In response to the growing cyber threat, the Cybersecurity Framework, which was drafted by the Commerce Department’s National Institute of Standards and Technology (NIST), represents a tipping point in the evolution of cybersecurity, one in which the balance is shifting to proactive risk-management standards. While its application is voluntary, organizations across industries may gain significant benefits by adopting the guidelines.

Golden Networking‘s Cyber Security World Conference 2014 New York City (http://www.CyberSecurityWorldConference.com) will provide a platform for hundreds of senior executives focused on protecting today’s enterprises to learn more about the Cybersecurity Framework and how to apply it to their organization. Topics that Cyber Security World Conference 2014 will discuss include:

  • Cyber Security Megatrends Security Professionals can’t Ignore Today
  • Designing and Managing Effective Information Security Programs
  • Is Biometrics the Key to Personal and Corporate Security?
  • How Hackers Really Operate to Obtain Financial Data
  • Key Considerations about Security in the Internet of Things Age
  • Strengthening the Security of Industry-wide Technology Infrastructure
  • Cyber Security and its Role in the Overall Security of the United States

About Cyber Security World Conference 2014

Cyber security is never again a term to ignore for individuals or corporations. The daily activities of all Americans, the country’s global economic prominence and worldwide security rely on a safe and resilient cyberspace. Unfortunately, the number of cyber-attacks has increased dramatically over the last years, exposing confidential personal and business data, disrupting critical operations, and imposing exorbitantly high costs on the economy overall.

Just recently, J.P. Morgan Chase, America’s largest commercial bank with $2.39 trillion in assets, announced that about 76 million households and 7 million of small-business customers had been affected by a cyber attack in one of the most sweeping known global breaches. The company said the unknown attackers stole customers’ contact information, which included names, email addresses, numbers and addresses, affected an amount equivalent to almost two-thirds of American households.

A brief walk down memory lane of some the biggest recent cyber-attacks now include Adobe Systems, Automated Data Processing, Citigroup, E*Trade Financial, Fidelity Investments, Home Depot, HSBC, Nasdaq OMX, Neiman Marcus, Target and Wal-mart. It is not unlikely to consider that the information of every American has already been compromised in any of these publicly disclosed attacks.

Renowned information security experts and innovative service providers will present at Cyber Security World Conference 2014 their latest thinking to hundreds of senior executives focused on protecting enterprises and governmental agencies.

Cyber Security World Conference 2014 is produced by Golden Networking, the premier networking community for business and technology executives, entrepreneurs and investors. Panelists, speakers and sponsors are invited to contact Golden Networking by sending an email to information@goldennetworking.com.

Standard
Anders Corr, founder of Corr Analytics
Cloud Computing, Cyber Security, Cybersecurity, Defense, Government, IT Security, Technology

Anders Corr, Russia and Ukraine Political Risk Expert, to Join Top Cyber Security Conference in New York City

Dr. Anders Corr, founder of Corr Analytics, will provide his well-known strategic analysis of international politics at Golden Networking‘s Cyber Security World Conference 2014 New York City (http://www.CyberSecurityWorldConference.com), forum that will provide a platform for information security authorities and innovative service providers to distil their latest thinking for hundreds of senior executives focused on protecting enterprise and government valuable assets. Dr. Corr will join cyber security experts to discuss topics such as protecting individuals and companies against cyber-attacks, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks.

Dr. Corr is the Editor of the Journal of Political Risk with his areas of expertise including cyber-security, global macro analysis, quantitative analysis, and public opinion, and he maintains a global network of regional and subject-specific political risk experts. He has researched Russia and Ukraine for the US Department of Defense, as well as China, Philippines, Vietnam, Israel and the Palestinian territories for private clients. He led the US Army Social Science Research and Analysis group in Afghanistan, which oversaw 600 Afghan contract employees on 44 survey projects, and conducted quantitative predictive analysis of insurgent attacks. Dr. Corr conducted analysis at US Pacific Command (USPACOM) and US Special Operations Command Pacific (SOCPAC) including on catastrophic risks for US national security throughout Asia, such as cyber-war and cyber-attacks, and with additional foci on China, the Philippine insurgency, instability in Nepal, and security in Bangladesh. Dr. Corr conducted red team conceptualization, modeling and simulation for the Defense Department of cyber and terrorist attacks, including against extremely sensitive military installations, and worked on social networking for early warning of biological weapons of mass destruction.

Dr. Corr’s research focuses on effects of military technology on the likelihood and outcome of war, predictors for revolutions and coups, and terrorist use of weapons of mass destruction. South End Press published his book, No Trespassing: Squatting, Rent Strikes, and Land Struggles Worldwide (1999), and the peer-reviewed journal Nonproliferation Review published his work on deterrence of nuclear terrorism. He peer reviews for the Journal of Conflict Resolution, the Journal of Urban History, and Routledge Press. He frequently appears in the press, including Bloomberg, Financial Times, Forbes, New York Times, Nikkei Asia Review, United Press International, and Business Week.

About Cyber Security World Conference 2014

Welcome to Cyber Security World Conference 2014 where renowned information security authorities and innovative service providers will bring their latest thinking to hundreds of senior executives focused on protecting today’s enterprises. Cyber security experts will discuss topics such as protecting individuals and companies against cyber-attacks, biometrics as the future of security, risks brought by mobile computing, and protecting corporate and national infrastructure against foreign attacks.

Cyber Security World Conference 2014 is produced by Golden Networking, the premier networking community for business and technology executives, entrepreneurs and investors. Panelists, speakers and sponsors are invited to contact Golden Networking by sending an email to information@goldennetworking.com.

Standard