Source: National Cyber Security – Produced By Gregory Evans The results of an attack on the industrial internet of things could be as bad a Bhopal or Chernobyl, warn some the largest corporations in the world. A consortium of some of the largest multinational corporations in the world has The…
Government Agencies Not Doing Enough To Protect IT Systems
Source: National Cyber Security – Produced By Gregory Evans NASA and the U.S. Department of State were among the federal agencies that received low marks on IT security, according to a recent report card issued by the New York-based firm Security Scorecard. Also receiving low grades were the states of…
Judge says evidence is strong enough to keep Daniel Heinrich in jail
An FBI special agent detailed in federal court on Wednesday why Daniel Heinrich has suddenly emerged as the “person of interest” in the disappearance of Jacob Wetterling 26 years ago. After hearing agent Shane Ball’s testimony, U.S. Magistrate Judge Tony Leung ruled that there was sufficient evidence to continue to…
NSA spying: judge tosses out case because Wikipedia isn’t widely read enough
Source: National Cyber Security – Produced By Gregory Evans Wikipedia’s parent org — has had its case against the NSA dismissed by a Federal judge who said that the mere fact that the site is one of the most popular destinations on the net was not a basis for assuming…
CISOs spend 77% of their time on tech, not enough time on strategy
Source: National Cyber Security – Produced By Gregory Evans According to the Deloitte CISO Transition Lab, a chief information security officer (CISO) has four faces — the strategist, the advisor, the guardian of business assets, and the technologist. The findings suggest that on average, CISOs spend 77 percent of their…
ISIS social media accounts are buzzing with a spreadsheet of personal data on employees of the American, British, and Australian governments, including military personnel. The Islamic State claims this list was compiled using data stolen from government systems by its “hacking division,” although some experts who have reviewed the list say most of it was more likely created using simple Google searches of publicly available data. There are about 1,400 individuals included on the list. The list was accompanied by a message from the “Islamic State Hacking Division,” transcribed by Sky News: O Crusaders, as you continue your aggression towards the Islamic State and your bombing campaign against the Muslims, know that we are in your emails and computer systems, watching and recording your every move. We have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands. So wait, we too are waiting. The Sydney Morning Herald criticizes Australian officials for being “caught on their heels” by the hit list, which includes Defense Force employees and a Victorian MP. Even though “Australia’s most senior Islamic State militant, former Melbourne man and terror recruiter Neil Prakash” was posting links to the hit list early Wednesday morning, at least half of the Australians targeted by ISIS said they were unaware of the threat until they were informed by the media… which contacted them using the phone numbers published by the Islamic State. “I’m completely at a loss,” said the aforementioned MP, who at least has access to a security detail assigned to protect elected officials. “What do I do? The police probably know less than you and I.” Defense Force employees on the list said they were in shock no one from the government had warned them. Various agencies of the Australian government declined to discuss the matter. In addition to Prakash – who crowed “Cyber war got em shook!” and “Kill them where you find them and enslave their women” on Twitter – the Herald reports “other prominent militants, including British man Junaid Hussain, who is third on a CIA kill list of Islamic State operatives, also used social media to promote the leak and encourage attacks.” Sky News reports the hit list includes British Foreign Office employees, plus a “local council employee.” Most of the names on the list are American, including personnel from the Air Force, Marines, NASA, FBI, and the Port Authority of New York and New Jersey. Russian state outlet RT.com says the list also includes “a worker in an Israeli magistrate’s court” and “someone in a college in Mississippi.” The RT.com article mentions some reasons for skepticism about the Islamic State’s claim that this list includes confidential information obtained by hackers: some of the phone numbers appear to be disconnected, while the purportedly stolen U.S. military passwords appearing on the list are “too weak to pass the guidelines of an official computer system operated by the Pentagon.” The Sydney Morning Herald also found some of the information published on the list to be outdated. “This is the second or third time they’ve claimed that and the first two times I’ll tell you, whatever lists they got were not taken by any cyber attack,” said Army Chief of Staff General Ray Odierno, as quoted by the UK Guardian. The Guardian also cites the opinion of computer security expert Troy Hunt, who said the of the supposedly hacked data: “It’s pretty clear that it’s been aggregated from different sources. It’s been put together on the basis of a .gov or .mil address. Even the passwords, they’re not strong enough to have come from a corporate or government. They’re not even strong enough to have come from an online service – you can’t create a Gmail account, for example, with a password of less than eight characters, and here we’re seeing some passwords of three letters.” The UK Daily Mail notes that Twitter administrators appear to have shut down the Islamic State Hacking Division’s account three times on Wednesday while it attempted to spread its hit list around, leading to the creation of a fourth terrorist account with the message, “Kuffar seem to be raging.”
Source: National Cyber Security – Produced By Gregory Evans ISIS social media accounts are buzzing with a spreadsheet of personal data on employees of the American, British, and Australian governments, including military personnel. The Islamic State claims this list was compiled using data stolen from government systems by its “hacking…
Leaked shell suggests iPhone 6s will be tough enough to prevent a ‘Bendgate 2’
The Bendgate ‘saga’, as you may remember, gained significant coverage in the early days of the iPhone 6 Plus. One or two early adopters reportedly claimed that the handset was bending out of shape, and YouTube channel Unbox Therapy subsequently proved that if you really wanted to, you could indeed…
The 30-day notice in Obama’s hacking law isn’t enough: Michael Sobol
Source: National Cyber Security – Produced By Gregory Evans President Barack Obama wants Congress to pass a new law that would require companies to inform customers within 30 days when their personal information — such as Social Security numbers — is exposed. Forty-seven states have their own data breach notification laws,…
Obamacare Cybersecurity Bill Not Enough to Protect Personal Info
Obamacare Cybersecurity Bill Not Enough to Protect Personal Info Today (Friday), the U.S. House of Representatives passed an “Obamacare cybersecurity bill” that helps protect people from the gaping security hole that is the Obamacare website. The Health Exchange Security and Transparency Act, H.R. 3811, is a one-sentence bill that simply requires customers to…
Obamacare Cybersecurity Bill Not Enough to Protect Personal Inf
Obamacare Cybersecurity Bill Not Enough to Protect Personal Info Today (Friday), the U.S. House of Representatives passed an “Obamacare cybersecurity bill” that helps protect people from the gaping security hole that is the Obamacare website. The Health Exchange Security and Transparency Act, H.R. 3811, is a one-sentence bill that simply requires customers…