Cyber attacks are a danger we face on a grand scale, not just as individuals, but as a country.
The past few years, America has been quietly (and not-so quietly) hit by one wave after another of devastating hacks. Last week, as this blog discussed, the government gave a long-overdue response to the matter of cyber-security. During his State of the Union address, President Obama announced that he had signed an executive order taking action against digital security breaches.
The President went on to identify key areas of our infrastructure that might come under attack, saying, "our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems."
If it still sounds far-fetched, consider that just this past year has seen an astounding number of attacks on oil, natural gas and electricity structures in the U.S. Hackers raided these systems for information, and the number of strikes was up more than 50 percent higher than what it was in 2011, according to the Department of Homeland Security (DHS).
February 26-28 will mark the presentation of the National Association of Federal Credit Unions (NAFCU)'s Technology and Security Conference in Austin, Texas. A keynote speech at the event entitled "Thieves, Hackers, and Facebook Attackers: Credit Union Privacy Survival in a Social World," will be given by fraud expert John Sileo. The talk will present credit unions with the knowledge they need to help stop fraud before it starts.
Online security is more perilous and precious than ever. In times of constant attack, how will you keep your information safe?
Social media, data sharing and the wonders of the cloud all offer so many advantages to modern commerce that the myriad dangers often go unseen. Who has access to your data? What kind of habits are you enforcing? We live in a time where we are asked to scatter our personal information to the wind without a second thought – and we often do.
Myth: Mac users are armored against viruses, malware and identity theft.
Apple has a reputation for building computers with strong cyber security and protection from online threats. Remember those commercials where PCs were mocked for being more likely to "get sick"? Over the years, devoted iFans may have developed the belief that nothing can touch them and they are always safe. But recent news reports show that the same attacks launched against Facebook recently were also made on the computers of Apple employees earlier this week. This underlines a key point: When it comes to online attacks, no one is bulletproof.
Sources say that, as with Facebook, the source of a breach was a dangerous piece of software that hijacked the Java plug-ins of various web browsers. It was also distributed through a seemingly secure website for mobile developers. Although once again no data has been reported as being compromised, this still represents a red flag for anyone with sensitive material on the net – and these days, that's almost everybody. If some of the biggest names in the business can be susceptible to breaches like this, what makes your business safe?
Viruses are the biological weapons of the internet: once someone gets infected, it's only a matter of time before the contagion starts to spread. Evenasocial media giant like Facebook isn't immune to the kinds of digital "superbugs" that cause data security breaches.
You would think that corporate titans – with their advanced defenses – would be most immune to the effects of malware, but the reality is that the bigger the service provider, the more vulnerable it can be to hackers and cybercriminals. Recently, we saw Twitter get hit with a massive hack that targeted the data of a quarter-million people. Now, Facebook has been victimized by a vicious strain of software.
Last Friday, Facebook security posted a statement on its blog detailing what it called a "sophisticated attack" on its system that occurred in January.
Almost 20 billion packages will be delivered through the mail this holiday season. Even at $5 per package, that’s more than $100 Billion in value going through the mail–a scale too large and tempting for criminals to ignore.
Why do thieves target us during the holidays? In addition to the volume and value of holiday mail, criminals are taking advantage of the perfect winter storm:
Trucks are overloaded, mail & UPS carriers are overworked and shoppers are overwhelmed, which makes theft easy and attractive
Thieves take advantage not just of our good nature during the holidays, but of how distracted we are
Criminals see our generosity of giving as a goldmine waiting to be exploited
Cyber Thieves are officially out today to steal your credit card information or any other private personal information they can intercept as you shop online during Cyber Monday (and for the rest of the holiday season). In less that 60 seconds, you can know what they are up to and what to watch out for. Only 50 seconds left, so here they are (note: some of the “for more info” links will only become live over the next few weeks in our 12 Days of Christmas series, so please check back):
Be extremely careful when using free Wi-Fi hotspots to shop online, as you are being watched by data sniffers.
Only shop on secure, reputable websites that: A. You know via other means (the press; you shop at their store) B. Look for “https” in the URL, C. The website has a small padlock icon in the bottom right corner of your browser or the URL turns green, signaling a “safe” site.
South Carolina Governor Nikki Haley blamed an outdated Internal Revenue Service standard (see below) as a source of a massive data breach that exposed the SSNs of 3.8 million South Carolina taxpayers plus credit card and bank account data. The identity information, nearly 75 GB worth, was stolen from computers that belonged to the SC Department of Revenue.
The breach reveals some shocking realizations for the people of South Carolina, and the rest of us:
South Carolina is compliant with IRS rules, but the IRS DOES NOT REQUIRE THAT SSNs BE ENCRYPTED. In other words, the keys to your financial buying power (your credit profile via SSN) is protected in no material way by the IRS, and therefore by your state government.
Technology isn’t the only source of blame. As is the case in nearly every data breach I’m brought in to help clean up, a HUMAN DECISION is at the heart of the breach.
Every dollar counts, now more than ever, as the government searches for ways to wisely spend our money. It’s dismaying to learn that an audit report from the Treasury Inspector General for Tax Administration (TIGTA) has found that the impact of identity theft on tax administration is significantly greater than the amount the IRS detects and prevents. Even worse, the “IRS uses little of the data from identity theft cases…to detect and prevent future tax refund fraud” according to Mike Godfrey, Tax-News.
The IRS is detecting far fewer fake tax returns than are actually falsely filed. 938,700 were detected in 2011. On the other hand, TIGTA identified 1.5M additional undetected tax returns in 2011 with potentially fraudulent tax refunds totaling in excess of $5.2B.
The study predicted that the IRS stands to lose $21B in revenue over the next 5 years with new fraud controls, or $26B without the new controls.
Get monthly strategies and tips for protecting yourself and your business delivered right to your Inbox. Signup now and you'll immediately receive John's 7 Survival Strategies for Starving Data Spies!
