Traitor or Whistleblower?

We are currently watching three different but somewhat related events in the area of breaching national security secrets. 

The first is the trial of Pvt. Bradley Manning, who released classified information about the war in Afghanistan to Wikileaks in 2010.  He is currently being court-martialed, the verdict is due tomorrow.  Pvt. Manning is 26 years old.

The second, of course, is the saga of Edward Snowden, the NSA contractor who also released classified information about the NSA and it’s domestic spying ...

Continue Reading →
0

SysAdmin Day 2013–Friday July 26

Friday is System Administrators Day, and this post is just a gentle reminder that gifts, food,  appreciation, and, dare I say it, even tokens of affection are appreciated by those of us who toil in the hot and noisy server rooms, dusty equipment closets, and under your desk kneehole as we work to keep the networks secure and the computers humming.

There are some splendid gift ideas on the SysAdmin Day website.  I am not sure that ...

Continue Reading →
0

Should You Be Using Encryption?

With everyone and their Uncle Sam spying on your online activities these days, the question is: should you be using encryption to keep your online communications private.  The answer is: you probably are already.

For instance, any time that you are using a web site that has an HTTPS address, such as, https://www.mybank.com, that session between your computer and the bank’s server is encrypted.

Some of us are using encrypted email systems.  You may be doing so without even knowing you ...

Continue Reading →
0

Cyber Attackers Take Aim At Manufacturing Systems

Manufacturing automation and control systems, and SCADA (supervisory control and data acquisition)systems are being targeted by cyber attackers, due to the weak and often missing security controls on these systems.  Unfortunately, due to the widespread perception that “there is nothing interesting here,” managers of these systems take the attitude that convenience and ease of use is better than security with a little more inconvenience and difficulty.

In 2012, an anonymous researcher created an "Internet Census" tracking all of the open embedded ...

Continue Reading →
0

Hacker Wars – USA vs. China

Thanks to Edward Snowden, the NSA whistleblower, we now know for certain what many of us suspected all along – the government of the United States is spying on its citizens – on everyone with a cell phone, landline, or Internet connection.

This revelation broke as President Obama was meeting with the new premier of China, Xi Jinping.  Part of the meeting was Obama telling the Chinese Premier to knock it off with all the hacking that China has mounted against ...

Continue Reading →
0

Security Policy for On-line Banking

If my last post made you want to tear out your Internet connection and go back to burying your money in coffee cans in the backyard, despair not.  Here is a really great idea that will allow you to secure your online banking in ways that will be hard to defeat.  This comes to us courtesy of Krebs on Security.

Cyber-criminals gain a foothold on your business network by infecting your computer with some sort of malware, ...

Continue Reading →
0

NC Fuel Company Loses $800K to Cyber-Thieves

Here is a perfect example of what I was talking about in my last post.   To read the full gruesome details go to the Sophos blog.

Basically, a small, 15 employee fuel distribution company in North Carolina suffered an $800,000 loss due to changes that their bank made to the security of the online banking system.  The old system required a user to log in from a known and approved IP address, enter a password and a ...

Continue Reading →
0

Vulnerable to Cyber Crime–Survey Says Only 36% of Small Businesses Apply Security Updates

Ok, so this number is from a recent study in England, but I am willing to bet that the numbers are about the same in the U.S.

This study was reported by Sophos recently, and it supports my own observations of my own clients.  Not very many of my small business clients have a security policy that is followed by the workers in the company.  Most companies opt for convenience over security, and are using short, easily broken passwords, ...

Continue Reading →
0

How to Rob Two Arabian Banks of $45 Million Dollars

You can’t pull this off with a ski mask and a gun.  A major bank heist that cleared a $45 million haul from two banks on the Arabian peninsula was pulled off by an international cyber-crime crew during two days, one in December 2012 and and the other in February 2013.  The story reads like a crime novel or Hollywood movie.

First, in December, cyber-criminals gained access to the databases of an Indian company that handles the debit card transactions of ...

Continue Reading →
0

Passwords–Longer Beats Complex

I ran across an article on the PCWorld web site, that explains why longer simpler passwords are better than shorter more complex passwords.  It is basically about hacking time.  Passwords are cracked using automated programs that make thousands of attempts per second.  They are cracked from long lists of encrypted password hashes that are stolen from web servers.  The resulting clear text passwords are recorded and sold as “rainbow tables”  If I have a good rainbow table and ...

Continue Reading →
0
Page 245 of 278 «...220230240243244245246247...»