Posts tagged "Cyber Security"

Cyber theft ring scoffs at fraud prevention in $45 million heist

Fraud Prevention ATM Heist

Airtight fraud prevention is not possible but just how vulnerable are we if thieves can heist $45 million in a matter of hours?

We recently got a taste of the possible consequences of unchecked hacker prowess following an ATM scam of catastrophic proportions. An international group of thieves managed to walk away with money from the prepaid debit cards of innocent users in countries all over the world.

U.S. Attorney Loretta Lynch announced charges against eight defendants on Thursday. Thieves hacked into banks’ systems in the United Arab Emirates and Oman to increase the amount available on pre-paid MasterCard debit cards. Then they used those cards to withdraw money from ATMs. This heist shows that cyber security in the global financial system is only as strong as the weakest link, and the weakest link in this an other breaches is usually a human being.
While the hackers were sophisticated in gathering and manipulating information within the banks, common criminals made the ATM withdrawals. Lynch described the group as a “virtual criminal flash mob.” Money.CNN.com states that during the first attack in December 2012, the New York group allegedly withdrew $400,000 in 750 separate ATM transactions in more than 140 different NY locations in less than three hours.

Though eight of the members involved have been caught and police throughout the world are working to put this right, the sheer technical scope of the attack shows how sophisticated hackers have become.

Posted in Fraud Detection & Prevention by Identity Theft Speaker .
Tags: , ,

Cyber security expert: SEC chairman pointing efforts in right direction

Cyber Security Expert SEC Chairman

To this somewhat hopeful cyber security expert, it appears that Mary Jo White, the new chairwoman of the SEC, is interested in making investors’ online security a priority. Will it make you safer? Not without action. Shortly after being officially confirmed in her new role this week, White held a meeting to establish stricter identity theft prevention measures – an initiative that was started back in 2011. Specifically, the measures encouraged businesses to disclose their security vulnerabilities and any history of prior cyber attacks for the purpose of better informing constituents.

White’s initiative was sparked in part by West Virginia Senator John Rockefeller, who has reached out to her to increase efforts in this area. In a letter to White sent this week, Rockefeller urged the SEC to put stronger regulations in place to help enforce cyber security. His statements of concern requesting “formal guidance from the SEC” hit the nail on the head.

Posted in Cyber Data Security by Identity Theft Speaker .
Tags: ,

Do you have the right cyber security training to take a joke?

Cyber Security Training Email

What does cyber security training have to do with jokes, you ask? Well, you’re sitting at work when someone sends you an email that promises funny pictures, a joke or a viral video. You go ahead and click, forgetting everything you learned in your company’s cyber awareness sessions …but your company may be tricking you into training.

For many, the negative outcomes of ineffective cyber security remain invisible until they hit close to home. A large number of breaches to security occur not just because of the efforts of hackers, but also because of the naïve practices of employees. Anyone can compromise their workplace’s security unintentionally if they aren’t careful. Fortunately, one company named PhishMe is using this as an opportunity to call us out on our bad habits.

Posted in Cyber Data Security by Identity Theft Speaker .
Tags: ,

Data security breach attacks intensify as banks’ websites are struck

Data Security Breach Banks

Several major American banks saw hackers take over their websites recently. We’re not talking covert fraud or spying here, but an explicit data security breach disabling official websites. It’s debilitating, it’s devastating-and it’s becoming more prevalent.

American Express and JP Morgan have been the targets of sophisticated strikes that resulted in their websites being disastrously compromised. Even if the effects were only temporary, the fact that hackers were able to accomplish such a significant breach should serve as a major warning to corporations and government officials alike.

A data security breach is always an alarming state of affairs, but this current rash of criminal activity seems to focus more on aggressive tactics than is usually the case. And these data security breaches may be the result of nationally sponsored efforts. According to the New York Times, one group, known as “Izz ad-Din al-Qassam Cyber Fighters” seems to have come forward in relation to these attacks. The U.S. isn’t the only one to be the subject of such nasty attention: South Korea lost access to thousands of computers last month, and the European web protection group known as Spamhaus has been the target of an attack of staggering proportions.

Posted in Cyber Data Security by Identity Theft Speaker .
Tags: , ,

Fraud Training (Not Technology) is the Achilles Heel of Cyber Security

Fraud Training

Ignoring fraud training as the foundation of your cyber security strategy is like counting on Google to educate your kids. Technology is a critical tool in the fight, but without well educated users, guided by knowledgeable teachers, the tools are a waste of your money.   

Thanks to President Obama’s state-of-the-union plug for increased cyber security, the Chinese hacking of the New York Times and Wall Street Journal, and the hacking of a prominent celebrities, America is waking up to the tangible value of virtual data. Awareness is definitely the first step, but it is only the tip of the privacy iceberg. Just as in the age before the internet, the only thing keeping employees from selling secrets or participating in fraudulent activity are the human controls that discourage the practice. But it’s all the more hair-raising to think of the amount of digital secrets an employee has access to at any given time. The new tale of a Reuters journalist gone cyber-rogue adds a chilling wrinkle to the perils of protecting the data that keeps corporate profits ticking.  

Posted in Cyber Data Security, Fraud Detection & Prevention by Identity Theft Speaker .
Tags: , , , ,

Celebrity hackers target Michelle Obama, Hollywood stars and… you!

It can't be said enough: these days, any of us can become a victim of identity theft, and those in power are even more at risk. Whether they want to or not, many of America's most familiar faces are being forced to realize the reality of what hackers can do.

You heard it from the leader of the free world himself. This week, President Obama told George Stephanopoulos of ABC News that "we should not be surprised" at the abilities of hackers to access our personal data. Still, you have to wonder if he was at all surprised when AnnualCreditReport.com (the credit monitoring site that is a joint venture between Equifax, Experian and TransUnion designed to help consumers like you and me to make sure we aren't the victims of identity theft) revealed the credit reports, Social Security numbers and other pieces of information on many noted public figures, including the First Lady. In a bitter chunk of irony, even the tools we use to protect ourselves against identity theft are being targeted by hackers.

Posted in Identity Theft Prevention by Identity Theft Speaker .
Tags: , , ,

More information revealed on Facebook hackers

Remember those strikes against Facebook, Apple and Microsoft a few weeks ago? New data has given us a little more info on where these attacks came from.

Even if you think you've locked your private information down, social media exposure is always a risk. We already knew a little bit about the source of the breach that recently compromised Facebook and other major companies. Now we have the name of one of the websites that launched the hack: iPhoneDevSDK.com, a mobile app development site that acted as a "watering hole" for malware. It was only one of many, however, and the source of these attacks is still somewhat murky.

The name of the particular species of malware that infiltrated Macs has also been identified. According to the Security Ledger, it's called Pintsized.A, and it's a Trojan that can disguise itself as an innocuous file while subtly corrupting your device. The attacks were disseminated through the use of a critical security loophole in Java, something that has been a source of criticism for cyber security professionals in the past.

Posted in Cyber Data Security by Identity Theft Speaker .
Tags: , ,

CEOs taking notice of online privacy threats?

Threats to online security have been coming thick and fast. But a new study shows that CEO's may finally be taking notice. Is that enough?

If there's an upside to the recent rash of hacks and digital subterfuge, it may be that businesses are beginning to see the ugly reality of online privacy exposure. According to the Wall Street Journal, a study by analysts at AIG recently showed that more executives are concerned about breaches than harm to their property. Eighty-five percent of executives polled placed more emphasis on their information and digital reputation than their physical holdings. 

Awareness is one thing, but are these executives putting their money where their mouth is?

It appears so. Studies show that there has been a corresponding increase in the amount of money recently spent by retail companies on cyber security measures and experienced anti-fraud experts. It's remarkable what a little bad press (hacking of the New York Times, Wall Street Journal, Twitter, Evernote) will do to motivate previously complacent companies.

Posted in Cyber Data Security by Identity Theft Speaker .
Tags: , , ,

Major cyber attack likely to happen this year, experts say

It's no secret that the U.S. is currently vulnerable to a debilitating online attack. But many top IT security professionals have predicted that something catastrophic is coming – and it could happen in 2013. 

"Spear phishing." 

It sounds kind of silly – the sort of phrase used to make these dramatic events even more sensational. But it's a real threat, and it skewered our gas pipeline systems repeatedly last year, as infiltrators scoured for information and wreaked all sorts of structural havoc. And that could be just the beginning.

Before the parade of high-profile hacks of the last few weeks, industry experts were already foreseeing a huge cyber security disaster. In January, the conference of the Information Systems Security Association sent a survey to IT gurus asking about the current strength of American online safety. Without specifying exactly which kind of disaster would occur, members of the conference were asked if they thought a major act of cyberterrorism could happen soon. The results were chilling, though unsurprising for anyone who's been paying attention: 79 percent of those surveyed said that a significant attack on our infrastructure will occur this year, and nearly 60 percent believed the government should step up and make more of an effort to keep Americans safe.

Posted in Cyber Data Security by Identity Theft Speaker .
Tags: , ,