Oops, I accidentally copied the Goldman Sachs “secret sauce”!

July 16th, 2009 by Agent Smith (0) DLP,Data Theft & Loss,In The Spotlight

There has been much noise about the Goldman Sachs ex-employee who managed to leave the company with their secret solution to be faster and better than their financial services competitors. At first, the name of the company reporting the data breach was unclear, then more started whispering Goldman Sachs. Let’s sink into the juicy details.

It all started when a computer programmer was arrested for stealing classified application code that powered the high-speed financial trading platform of his former employer, later identified as Goldman Sachs. The programmer’s name, along with more details on the incident, was reproduced from an FBI affidavit by DarkReading:

According to an affidavit (PDF) filed by the arresting FBI officer and subsequently posted by news media, the programmer, Sergey Aleynikov, copied “proprietary trade code” from his company and uploaded it to a Website in Germany. He later quit his job at the New York firm and moved to a new company in Chicago that “intended to engage in high-volume automated trading” — and paid him around three times his old salary of $400,000, according to the affidavit.

The programmer says it was all a mistake. Apparently, he only wanted some open source files he was working on and ended up with the whole shebang. The fact that he never sold the code or tried to otherwise use it plays in his favor. The fact that he tried to hide all traces of the data transfer doesn’t. But that’s something to be settled in court.

What’s fascinating, as ZDNet’s Larry Dignan explained on one of the network’s blogs, is that Goldman Sachs, “a master at gauging risk”, was able to overlook the danger of insider threats, especially when it’s something all security experts have been talking about for a long while.

When you think about it, nothing happened to Goldman Sachs, other than a much-needed wake-up call. What could have happened? The competition actually improving their own platforms and taking over more and more clients from Goldman Sachs. I have a feeling adding up the numbers of this potential loss would make us all dizzy!

T-Mobile USA – Was it or wasn’t it a data breach?

June 14th, 2009 by Agent Smith (0) Data Theft & Loss,Identity Theft,security breach

Did a data breach occur at T-Mobile USA? According to a group of hackers, it did. They claimed to have gained access to all customer information of the company and posted network scans to prove it on the Full Disclosure web site. They also said they were trying to sell all the private records to T-Mobile’s competitors, who wouldn’t take them up on the offer. Yet they’re still doing their best to sell all the stolen info to the highest bidder.

T-Mobile has a different view on the story though. They said, and were quoted by ChannelWeb, that there is no proof whatsoever of any breach. And although the document posted online did in fact belong to T-Mobile, it contained no sensitive data, nor was it obtained by hacking into their system.

“The document in question has been determined to be a T-Mobile document, though there is no customer information contained in the document,” the company said in a statement. “There is no evidence to indicate that the T-Mobile security system was hacked into nor any evidence of a breach.”

While ChannelWeb seems inclined to believe T-Mobile on this one, their security experts say large mobile carriers often fall prey to hackers who harvest their confidential customer records for their own benefit, mostly because the security systems they’re using are outdated. If I were T-Mobile right now, I’d make sure to check everything 100 times and find out exactly how the harmless file got posted online. ’Cause you can never know, can you?

Verizon: Application logs monitoring helps prevent data breaches. Really?

May 25th, 2009 by Agent Smith (0) DLP,Data Theft & Loss,security breach

“Given the nature of data breaches today, organizations are better off saving money and doing ‘lightweight’ security testing across more of their infrastructure than conducting deep assessments across a few systems.” This is what Peter Tippett, vice president of innovation and technology for Verizon Business, stated at the CSI/SX held in Las Vegas, according to a DarkReading quote.

Tippett thinks application logs are more effective than logs of signature-based devices and firewalls. He’s probably right. But only for the scenarios he has chosen: data theft caused by outside attacks, most frequently using stolen but valid passwords and attacking idle, old and forgotten machines.

While Tippett’s method might just prove effective for those using Verizon software and fearing outside attacks, what happens to unencrypted and stolen or lost hardware? What about insiders who can copy/paste an entire database on a thumb drive? Yes, ongoing attacks or failed attempts can be discovered. But that gets businesses nowhere near a comprehensive and effective data loss prevention solution!

Months later, consequences knocking on breached door

April 1st, 2009 by Agent Smith (0) Data Encryption,endpoint security

One might think that if several months have passed since an embarrassing data breach and nothing has happened, it’s all cool. One can relax, mind their own business and forget all about security.

That’s not the case if we’re talking about a UK health authority, namely the London-based Camden Primary Care Trust. They thought, sometime last August, that dumping PCs containing 2,500 patients’ names, addresses and medical histories beside a skip inside the grounds of St Pancras Hospital was a good idea. They might reconsider now, as the Information Commissioner’s Office has given Camden Primary Care Trust until the end of the month to improve security, a consequence of its breaching the Data Protection Act.

According to the Register, “data on the obsolete computers was left unencrypted. The machines were subsequently swiped without authorisation and never recovered”. Given such gross negligence and obvious proof of being completely irresponsible, I cannot help being extremely happy they are forced to do something about their security!

CoSoSys uses humor to teach about security threats

March 12th, 2009 by Agent Smith (0) DLP,In The Spotlight,endpoint security,security breach

As you’ve probably seen on this blog, there is news about security breaches, people who’ve been affected by identity theft and fraud, billions of dollars in losses every single day. More a day in really bad cases. Although there’s a ton of information out there, individuals and companies still fail at protecting themselves against such breaches and at keeping their private data safe.

CoSoSys, leading developer of endpoint security and data loss prevention solutions, has chosen a different approach to raise awareness about the risks we face every day: humor, namely a series of comic strips showing what can really happen. As CNET puts it, they put the fun back in security threats.

The first comic, originally published on CoSoSys’ EndpointProtector.com site, shows how easy it is for an employee to copy your entire database and take it to your main competitor. A simple thumb drive, three minutes left alone in the office, and that’s it!

[Image: data theft comic strip]

But fun and laughter are not the only goals of the strip: each issue also helps you find out what to do and how to do it. Designed to promote the company’s most popular DLP, endpoint security and device management solution, Endpoint Protector, each issue will show how everything can be prevented.

“Recent research performed in both the US and the UK shows a troubling trend: data breaches are rising in numbers and in costs as well. Millions of people have their data exposed to identity theft or fraud each year and few of those affected or those responsible for the incidents know that most of these instances could easily be prevented. Making sure that your private records and all endpoints in your network are secured is not a difficult task. That is why we are committed to putting our best efforts into raising awareness and educating the public about staying safe without making any lifestyle compromises”, explained Roman Foeckl, CoSoSys CEO.

The next issues of the strip will be published each Thursday for the next 7 weeks. You can see them here or register to get them by email. Easier if you ask me, as remembering to visit a link every week is not something I usually do.