Archive

Posts Tagged ‘cyber attacks’

Energy cyber concerns are real, report reveals hacks

September 11, 2015 Leave a comment

powergridIt was reported this week that cyber attackers compromised the security of U.S. Department of Energy computer systems over 150 times between 2010 and 2014. The information came from a review of federal records and confirms what many of us have long feared was the case, that the cyber attacks against our energy infrastructure are a reality and could be potentially devastating.

USA Today, with the help of various reporters across the country, obtained access to federal energy records and found that nearly every four days, part of the nation’s power grid is struck by a cyber or physical attack, potentially leaving millions in the dark. The records obtained by USA TODAY through the Freedom of Information Act, confirm the vulnerability of such an attack on our critical energy infrastructure. Read more…

Emerging encryption matters are the next wave of cyber concerns

lock

In a day and age when hackers are persistently attempting to break into networks, an organization that fails to encrypt its sensitive data is taking a huge risk with both its financial resources and reputation. Unprotected data is a legitimate business problem that is no longer confined to IT, especially when it comes to healthcare organizations where the loss of sensitive unprotected data can result in fraud, identity theft, and stolen financial resources from employees and customers. In these cases the burden or blame ultimately falls upon the most senior executive leaders at an organization. And when it comes to the senior teams knowing their areas of risk, encrypting data and building protections have become the latest concern in evaluating them.  Read more…

The New York Stock Exchange network crash — a false sense of (cyber) security?

stocksMost people were relieved when investigators determined that the recent electronic disruptions at the New York Stock Exchange and United Airlines were caused by internal glitches and not by hackers. The NYSE system crash, caused by a faulty software upgrade, and the United Airlines outage, caused by a faulty router, received great attention as pictures of (and tweets by) idle traders and travelers appeared seemingly everywhere.

Because they involved computers and networks, these outages were discussed by the media with the vocabulary normally used to describe “cyber” events. That’s not surprising, given the initial fear that the NYSE crash in particular was caused by hacking. Read more…

Social engineering fraud – are you prepared?

Social Engineering Fraud is not a new phenomenon.  Who hasn’t received an e-mail asking to voluntarily send personal information to another so we can receive some sort of a large reward?  Most are aware of it, perhaps not by that name.

It comes in the form of an email or a trusted site. Hackers have learned how to trick their targets into falling for their scheme by taking advantage of human nature. There are stages to the attacks that mimic abuse: information gathering, relationship development, exploitation and execution. This grooming of the victim can result in claims of up to 100,000 or more for just one attack. Read more…

Report cites criminal attacks as primary cause of healthcare data breaches

healthbreachIn the fifth annual Ponemon Institute privacy and security report, cyber attacks were listed as the top cause of healthcare breaches. Officials studied privacy and security trends for healthcare covered entities and their business associates. Over the course of the five years Ponemon has been publishing its annual breach report, criminal activity has grown 125 percent. Officials at the institute discovered 69 percent of healthcare organizations uncovered the breach via an audit or assessment. Forty four percent were discovered by an employee, while another 30 percent were found after a patient complained.

Ponemon stated, “Historically, the main cause of the data breach was the negligence or incompetence or system glitches within the organization, not necessarily criminal activity. This year, criminal activity was the number one cause.” Forty-five percent of respondents in the report claimed criminal attacks were directly responsible for Read more…

Significant data breach hits Partners HealthCare

health_passwordPartners HealthCare, a non-profit health care organization which includes Brigham and Women’s Hospital, Massachusetts General Hospital, North Shore Medical Center, and Newton-Wellesley Hospital, released a statement that it suffered a major data breach after a group of employees received phishing emails on November 25, 2014. Phishing scams usually strike in the form of fraudulent email messages that direct people to a website infected with malware in an attempt to obtain private information such as passwords and credit card numbers. The hackers gained unauthorized access to the email accounts of employees within the Partners HealthCare network. Read more…

Insurance industry leads the way for cyber best practices

April 27, 2015 Leave a comment

computers_techIt was reported earlier this month in the Wall Street Journal that many Corporate Information Security Officers (CISOs) are turning to the insurance sector for assistance and guidance when it comes to understanding cyber security.

Normally late to the party, insurance carriers tend to thoroughly examine years and years of loss experience in order for actuaries to set the rates for new areas of risk. But it is not the case when it comes to the rapidly developing area of cyber threats. Instead it is the insurance sector that many are turning to for guidance on how to deal with the uncertainty of cyber security. Read more…