IDC: Most Insider Leaks are Accidents

September 3rd, 2009 by Agent Smith (1) In The Spotlight,Research and Studies,security breach

When it comes to security breaches leading to data loss, accidents caused by insiders are more frequent and generally do more damage than those caused by insiders with malicious intents, shoes a new study published by industry research firm IDC industry research firm and sponsored bu RSA.

According to a report, 52 % of respondents characterized their insider threat incidents as predominantly accidental, while only 19% believed the threats were deliberate. Another 26 % said their insider issues were an equal combination of accidental and malicious threats.

“One of the things that jumped out at us from the study was how many insider incidents are unintentional,” says Chris Young, senior vice president of RSA products, quoted by Dark Reading. “These are individual actors who often are just trying to do their jobs and don’t understand that what they are doing is dangerous.” Read more

Obama’s Cybersecurity plan, a resignation marathon

August 29th, 2009 by Agent Smith (0) In The Spotlight,security breach

The White House might have a bright, shiny plan for cybersecurity, but it seems unable to keep the security heads it needs to manage and further implement it. No less than the people holding key positions related to the USA’s cybersecurity have resigned in the past few months.

The trend was started in March by Rod Beckstrom, who at the time resigned from his position as head of the National Cybersecurity Center within the Department of Homeland Security. The said center coordinates the defense of civilian, military, and intelligence networks. The reason for Beckstrom’s resignation? As he stated in a letter quoted by the Register, the post was underfunded and unduly controlled by the National Security Agency.

The next person to announce their resignation was Obama’s top cybersecurity director, Melissa E. Hathway. What led to her decision was the long months of delays by the Obama administration in appointing a permanent director to oversee the safety of the nation’s vital computer networks. As the Register points out, Hathway was one of the best candidates for the “cybersecurity czar” position. The czar would hold the authority for securing networks and infrastructure that serve US banks, hospitals and stock exchanges.

Endpoint Protector

The third and most recent top cat in the US government to go is Mischel Kwon, the head of the US Department of Homeland Security’s Computer Emergency Readiness Team. Washington Post rumor has it that Kwon  had grown frustrated by bureaucratic obstacles and a lack of authority to fulfill her mission. And it seems people in her position don’t stick around for too long, she was the fourth US-CERT director in five years.

Hopefully, the critical cybersecurity plan will eventually be implemented, without any further delays and resignations. Let’s keep our fingers crossed!

Second Hand Hard Drive with Missile Defense Data

May 30th, 2009 by Agent Smith (1) Identity Theft,In The Spotlight,Research and Studies

Buying second hand PCs might be quite an adventure. Especially if they contain sensitive information that could blow one’s mind out, as it happened for a group of researchers from the University of Glamorgan in Scotland. According to a DarkReading article, the researchers found their used hard drives to contain details of test-launch procedures for a U.S. defense missile.

The researchers have included these findings in the results of a a five-year study that aimed to show the dangers of poor hard drive and device data-wiping and disposal practices. Acording to this years’ results, which are not yet final, the research also led them to sensitive data from Ford Motor, Laura Ashley, and other businesses.

This year, the researchers found personal or sensitive data on 34 percent of 300 hard disks bought randomly at computer fairs and online auctions in the U.K., U.S., Germany, France, and Australia. The information was enough to expose individuals and firms to fraud and identity theft, they said.

So if someone indulged in the idea of starting a fraud or theft based scam, all they needed is to start buying used computer parts. It’s easy and far less dangerous than actually atemtping to steal the data directly from the businesses currently using them.

I Spy with My Little Eye….

May 13th, 2009 by Agent Smith (0) Data Theft & Loss,In The Spotlight

…70 GB of stolen data behind a new botnet that has caught researchers’ full attention. Security researchers have managed to infliltrate, through the Torpig botnet, one of the well known zombie networks in the virtual world. According to their findings, this impressive amount of data was stolen in only 10 days.

As the Register reports, Torpig bots manage to steal more than 8,300 credentials corresponding to 410 different financial institutions.  The research team from the University of California at Santa Barbara, over 21% of the accounts belonged to PayPal users. Almost 298,000 unique credentials were intercepted from more than 52,000 infected machines.

How could this happen so fast? It’s all due to the “unusually large haul is Torpig’s ability to siphon credentials from a large number of computer programs”.

After wrapping its tentacles around Mozilla Thunderbird, Microsoft Outlook, Skype, ICQ, and 26 other applications, Torpig constantly monitors every keystroke entered into them. Every 20 minutes, the malware automatically uploads new data to servers controlled by the authors. Because the software runs at such a low level, it is able to intercept passwords before they may be encrypted by secure sockets layer or other programs.

Definitely scary!

Dark Reading Starts Educational Series

February 20th, 2009 by Agent Smith (0) DLP,Data Theft & Loss

The Dard Reading reporters have set their mind on educating their readers and helping them understand IT security better. The series is also designed to help IT people explain such topics to atechnical employees easier and faster. They have started with a piece explaining Data Loss Prevention (DLP) – the concept, what DLP solutions can and can’t do.

Here’s a short excerpt of the article defining and explaining what a Data Loss Prevention solution is and does:

teachingIn a nutshell, DLP is a type of software that is designed to seek out sensitive data — either traversing the network or sitting idle on your computer systems — and enforce policies for handling it. If a user attempts to send out sensitive data via email, post it to a Website, or copy it to a USB storage drive, DLP technology can identify that activity and record it.

More important, most DLP applications are also designed to prevent the user from executing tasks that might compromise the data or cause it to leak out to unauthorized sources. The DLP software might turn off the “write” capability that would allow a PC to copy certain data to an external storage device, or it might disallow an email user from sending the data to another user.

Read more on Dark Reading and make sure to read the next articles on this subject as well.

Photo credit.

« Previous Entries
Next Entries »
© Endpoint Security Info 2010. Wordpress Theme by Arcsin

blogarama - the blog directory Technology Blogs - BlogCatalog Blog Directory Blog Directory Find Blogs in the Blog Directory
valid CSS valid XHTML