Corporate IT security

  • Sony hackingU.S. says evidence ties North Korea to Sony cyberattack

    U.S. intelligence agencies said they have concluded that the North Korean government was “centrally involved” in the attacks on Sony’s computers. This conclusion, which will likely be confirmed today (Thursday) by the Justice Department, was leaked to the media only hours after Sony, on Wednesday, canceled the Christmas release of the comedy — the only known instance of a threat by a nation-state pre-empting the release of a movie. Senior administration officials, speaking on condition of anonymity, said the White House was still debating whether publicly and officially to accuse North Korea of the cyberattack.

  • Sony hackingSony cancels Christmas release of “The Interview”

    Sony Pictures announced it has cancelled the Christmas release of “The Interview,” the a film at the center of a hacking campaign, after dire threats to moviegoers and a decision by major movie theater groups to cancel screenings in the United States. “Those who attacked us stole our intellectual property, private e-mails, and sensitive and proprietary material, and sought to destroy our spirit and our morale — all apparently to thwart the release of a movie they did not like,” the company said in a statement.

  • CyberattacksSony hackers threaten attacks against movie goers who plan to see “The Interview”

    The hackers who attacked Sony networks are now threatening an attack on people who plan to go to see the movie “The Interview.” The hackers write in their message that they “recommend you to keep yourself distant” from movie theaters showing the movie. The hackers earlier promised to deliver a “Christmas gift.” It was not clear what they had in mind – some suggested they would release another batch of embarrassing data from Sony’s files — but it now looks as if the “gift” might well be a cyberattack on movie theaters.

  • Sony hackingCyber whodunnit: North Korea prime suspect but there are many potential culprits

    By Alan Woodward

    Many suspect North Korea to be behind the attack on Sony Pictures. North Korea quite possibly has motive, means, and opportunity to carry out this attack on Sony, but as with any successful prosecution, that isn’t enough. We need evidence. We will have to wait for the detailed forensic work to complete before we stand a realistic chance of knowing for certain. That may or may not be forthcoming, but in the meantime we should consider what this event tells us about the balance of power in cyberspace. In a world in which major disruption can be caused with scant resources and little skill, all enemies are a threat. North Korea might be the rogue state that everyone loves to hate but there are plenty of others who could have done it. There is no longer a tiered approach of superpowers fighting proxy wars in smaller, developing nations. Now those developing nations can fight back, and you might not even know it was them.

  • TECHEXPO - Exclusive Security-Cleared Hiring Events - Register Now!
    view counter
  • Personal securityQuantum physics makes fraud-proof credit cards possible

    Credit card fraud and identify theft are serious problems for consumers and industries. Corporations and individuals work to improve safeguards, but it has become increasingly difficult to protect financial data and personal information from criminal activity. Fortunately, new insights into quantum physics may soon offer a solution, as a team of researchers has harnessed the power of quantum mechanics to create a fraud-proof method for authenticating a physical “key” which is virtually impossible to thwart.

  • CybersecurityFIDO 1.0 specifications published aiming to promote stronger authentication

    The FIDO (Fast IDentity Online) Alliance, an open industry consortium promoting standards for simpler, stronger authentication, the other day published final 1.0 drafts of its two specifications — Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F).

  • CybersecurityMcAfee Labs report previews 2015 cyber threats, exploits, evasions

    McAfee Labs November 2014 Threats Report offers an analysis of threat activity in the third quarter of 2014, and the organization’s annual 2015 Threats Predictions for the coming year. The report details a third quarter filled with threat development milestones and cyber events exploiting long-established Internet trust standards. McAfee Labs forecasts a 2015 threat landscape shaped by more attacks exploiting these standards, new attack surfaces in mobile and Internet of Things (IoT), and increasingly sophisticated cyber espionage capabilities, including techniques capable of evading sandboxing detection technologies.

  • Cybersecurity businessGrowing cybersecurity threats offer opportunities for cybersecurity businesses

    A 2013 report from the U.S. Computer Emergency Readiness Team(US-CERT) noted that the number of cyberattacks reported by federal agencies had skyrocketed 782 percent since 2006, to nearly 49,000, in 2012. Today, the figure is much higher. The increasing threat of cyberattacks from domestic and foreign actors has opened up opportunities for cybersecurity professionals, many of whom held positions with the U.S. military or intelligence agencies. For the private sector, cybersecurity spending is expected to reach $71.1 billion this year, and expected to grow about 9 percent annually through 2016.

  • CybersecurityDOJ’s new cyber unit to provide legal guidance on electronic surveillance

    The Justice Department is creating a cybersecurity unit within its Computer Crime & Intellectual Property Section (CCIPS) to provide legal guidance on electronic surveillance investigations.The unit will also work with Congress on cybersecurity legislation and focus on cybercrime prevention.

  • CybersecurityChina says U.S. does not appreciate China’s own vulnerability to cyberattacks

    At the seventh annual China-U.S. Internet Industry Forum held on 2-3 December, Lu Wei, minister of China’s Cyberspace Affairs Administration, which manages Internet information in China, urged U.S. officials and the private sector to stop claiming Chinese cyberespionage against U.S. systems and instead understand China’s Internet information policies. China has become the world’s largest Internet market with over four million websites, 600 million Web users, and four of the world’s top ten Internet firms.

  • CybersecurityFBI cautions U.S. firms of hackers trying to overwrite companies’ data files

    On Monday, several cybersecurity officers of U.S. businesses received a five-page “flash” warning from the FBI to be cautious of hackers that may use malware to override all data on hard drives of computers, including the master boot record, which prevents them from booting up. “The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods,” the warning read.

  • CybersecurityHackers well-versed in Wall Street vernacular hack publicly traded companies

    Security firm FireEye’s recent reporton a group of hackers who have been infiltrating e-mail correspondence from more than 100 organizations, differs from the company’s previous reportson cyber criminals operating from China or Russia. This time, the hackers are based in North America or Western Europe, and are well-versed in Wall Street vernacular. The hackers, who FireEye named “FIN4” because they are one of many groups that hack for financial gain, targeted mostly publicly traded healthcare or pharmaceutical companies, along with their advisory firms, in pursuit of information that could affect global financial markets.

  • CybersecurityInternet security market to reach $42.8 billion globally by 2020

    According to a new report by Allied Market Research, the global Internet security market is expected to reach $42.8 billion by 2020, registering a CAGR of 8.1 percent during 2014-2020. The market, driven by demand for software solutions, would experience a shift toward the adoption of cloud-based systems. About 80 percent of the top companies today identify with cloud-based security services which have become a prominent market trend.

  • CybersecurityMore companies adopt active defense to thwart hackers

    Some U.S. companies are beginningto counter-hack cybercriminals by using intelligence shared within industry circles. Federal officials have not openly endorsed active defense, but measures like tricking hackers into stealing fake sensitive data, then tracking its movements through the Web, are gaining support. Some firms have gone as far as hacking alleged criminals’ servers. “The government is giving ground silently and bit by bit on this [active defense] by being more open,” said former National Security Agencygeneral counsel Stewart Baker. “I have a strong sense from everything I’ve heard. . . that they’re much more willing to help companies that want to do this.”

  • CybersecurityU.S. government networks vulnerable despite billons spent on protecting them

    Experts say that cybersecurity has leaped over terrorism as the top threat to U.S. security, and with the awareness of the threat comes funding better to secure government systems. There are currently 90,000 information technology security professionals working for the government, 33 percent of them are contractors. The federal government is projected to hire more cyber professionals and spend $65 billion on cybersecurity contracts between 2015 and 2020, but today, federal cybersecurity officials are still struggling to keep sensitive data from hackers and cyber criminals. Some have warned of a “Cyber Pearl Harbor” — but Pearl Harbor was a surprise. No one in business or government today can continue to plead surprise when it comes to the possibility of cyberattack.