Archives For hack

Here are some important words from my friend and colleague, author and speaker, John Sileo.  We can stop talking about TJ Maxx now…The Target Hack was big.  And even though the bank tends to cover the stolen card issues, Target did report significant drops in both sales (6%) and profit –  cutting its profit forecast by (20%). How many companies can stand this kind of loss?

It’s interesting that even after this event – Gartner Group’s recent report shows that Information Security has dropped from the #1 CIO concern, down to #8.  This is not a good sign…

 

© 2014, David Stelzl


Photo taken by David Stelzl

Heading home from New York this afternoon after a great two-day trip.  I spent day one working with sales people on effectively presenting security strategies to their clients in a series of one-on-one meetings.  Day two, I was invited by Symantec and one of their top partners to speak to a group of executives over lunch at Jack’s Steakhouse.  A couple of things make this particular time in history interesting…

If you’re not up to date on Stuxnet and how malware evolved to a new level over the past 18 months, you need to be.  It’s rare that I read Vanity Fair, but this linked article is worth a read to catch up on over a year of analysis and developments – cyberwar is finally a reality!  But just as important – this kind of technology poses an entirely new level of threat to your clients.  (Read it!)

Secondly – while Wikileaks and the fiasco involving Pvt. Manning is not new news, the implications are significant.  Reading through the developments between the Anonymous group, Mastercard, Paypal, and Amazon demonstrates that groups like this do have the power to affect large corporate networks at will.  Add Gawker in there and you see that stealing the account database and decrypting it is not that difficult when dealing with real hackers.

Most of my audience didn’t know our power grids, Air Force traffic control, and F-35 databases have been hacked over the past year.  Why?  These are important events that demand companies take action and start thinking seriously about securing data.  This is not a simple task…learn to articulate this and you may find yourself advising these firms at the highest levels.

© 2011, David Stelzl

More on Cloud Computing and Google in today’s WSJ:  These sound bites are relevant when selling against cloud computing giants that threaten to take over your business:

1. Google apps = Cloud computing.  Let’s not mince words here…this is cloud computing. This is not about Google – it’s about any major online target that causes someone outside the company to want or need something inside.

2. China is not happy with Google – this could be anyone not happy with a company you are dealing with such as customer dissatisfaction issues.

3. “gained access to computer code for the software that authenticates users of Google’s email, calendar and other online programs,…”  Simply put, online programs means Google applications that may contain personal or business related content.  Google hosts email for businesses and individuals, as well as a number of online apps that are used in both cases.

4. Hundreds of companies…it’s spreading:  Quote from the Journal…

“But some security experts suspect a group of attackers that has penetrated hundreds more companies since Google went public with its attacks in January. “The exact same group has been exceptionally active,” said one person familiar with the attacks Google announced.

The group, which is believed to be Chinese and has been identified by investigators by its attack methods, has broadened its victims to include law firms and utility companies, this person said. It’s been penetrating companies at a rate of at least 20-50 new companies a week, this person added.”

Also note my video comments following a recent talk I did on protecting assets to Tampa-based business leaders: https://davidstelzl.com/2010/03/30/tampa-event-post-interview-part-ii-cloud-computing/

© David Stelzl, 2010

Here’s a scam that attracts users to a torrent web site – a site used to distribute large files (generally used in music and video sharing).  The idea is to attract users and grow the population for what appears to be a well-constructed and useful tool.  Once enrolled, users are infected by malware, allowing the hackers who actually run the site to gain access to end-user computers.

In this case Twitter was used to attract these people. Once members, passwords were compromised.  The hackers are playing on the belief that most people use the same name and password on many accounts, so if they can steal the credentials used to set up their torrent account, they may then be able to use these credentials to break into other accounts including social networking sites or even online banking accounts.

This provides a great case for strong authentication technology and access control policies that are managed and enforced through technology solutions you provide!  Check out the actual article and explain this to your clients.  Education is the key to business development in this economy:

http://www.scmagazineus.com/twitter-accounts-compromised-in-torrent-site-scam/article/163080/?DCMP=EMC-SCUS_Newswire

I’ve commented before on cloud computing – how secure is it?  Well, it turns out that the provider of the cloud service you’re using is not the only security consideration; what about the internet service provider?  Check this out…two women on Facebook reported being redirected to other people’s pages while trying to access their own.  No passwords other than their own were required, and their access was completely unintentional.

Of course this is not a hack; however, what if someone is redirected to something highly sensitive including your personal finances, intellectual capital, or military secrets?  And  what if that person thinks it’s funny and posts it on the web or is connected with something harmful such as a terrorist organization?  This could have major effects on a business brand, homeland security or personal reputation!  Once again, I hear IT calling out, “We’ve got it covered”.  You can read the details in the FOX link below:

http://www.foxnews.com/scitech/2010/01/16/network-flaw-causes-scary-web-error/

32 million clear-text passwords taken captive through an SQL vulnerability!  RockYou.com, which provides applications and services for social networking sites like Facebook and MySpace was hacked this week – earlier in the week I posted a blog on social networking sites and hackers, mentioning some of the issues with cloud computing as well.  This is the world we’re headed for as more people move to cloud services.  If you’re going to use the cloud, and in some cases this is the only way to go, you have to consider security as a top priority, not price!

If you’re in the business of selling a cloud type service, whether it’s SaaS, hosted email, or online backup, or some managed service that stores data for the client (of any kind),  make sure you move security into first place as part of your value proposition.  These passwords were stored in clear text – and that is the problem.  Every site can be broken into; the question is, will the perpetrators be detected before they get what they want? Security steps such as encryption make stealing much more difficult, to the point that many won’t even attempt it.

Here’s the RockYou article reported by SC Magazine.  http://www.scmagazineus.com/rockyou-hack-compromises-32-million-passwords/article/159676/?DCMP=EMC-SCUS_Newswire

If you’ve been to my workshop on selling security, I talk about the information stored in university systems which are targeted by identity thieves.  Here’s a report on recent attacks against public school systems.  Hackers are siphoning off data, transferring it to money mules for laundering, and making off with amounts from 100,000 to 200,000…no one’s been caught according to this report.  At the end of the article, a link takes you to some information on small/medium business, another sought-after target.  Both generally have poor security and have not wanted to invest in the past.  Justification requires a demonstration of how easy it is – generally through an assessment of some sort.  The long-term potential of these types of accounts is great for small resellers with strong managed security offerings.

http://voices.washingtonpost.com/securityfix/2009/09/cyber_mob_targets_public_priva.html