Entries tagged with “data breach”.

An ongoing attack into corporate America has been trying to infiltrate more than 100 mostly pharmaceutical and health care companies in one of the latest examples of cyber security breaches regarding financial data. This time, the goal is not to take money, but instead to take information. The objective is market-moving information about publicly-traded companies that can be used for a different kind of crime – insider trading.

Cyber security firm Fire Eye recently disclosed the operation, telling Reuters that the hackers were very specific in their method of attack: They targeted only people with access to inside information that could be used to make profitable trades before that information became publicly available.

While Fire Eye declined to disclose the identities of specific victims, the firm says victims include corporate advisors, investment bankers, attorneys, investor relations firms, and others that could have access to corporate information. Fire Eye acknowledges that information has been compromised, but the firm says it does not know whether any trades were made using that information. Fire Eye calls the group “FIN 4” because it ranks number 4 among the large, financially motivated groups that Fire Eye tracks. Fire Eye has already reported the group to the FBI, though the bureau is not commenting on FIN 4 for now.

FIN 4 doesn’t operate by infecting corporate computers with malware. Instead, its hackers steal e-mail account passwords. Using those compromised accounts, the hackers then send phishing e-mails to try to gain inside information. Fire Eye says that FIN 4 covers its tracks by using Tor, a service that masks the location of Internet users.

“They are going after the weakest link in the security chain, people,” Kevin Westin, a security analyst for threat detection firm Tripwire, told Top Tech News. “Given the targets and the data compromised you could call this white collar cybercrime because the goal appears to be industrial espionage.”

Strict password protocols are a must for thwarting hackers seeking inside information. Employees should be required to have different and distinct passwords for each web service they use from the company. Corporations should also consider two-factor authentication, which would require users to enter a second code provided by text message or on another device, such as an authentication device that changes passwords each time it is used. And employees should be trained on phishing tactics that could be used to procure sensitive business information. To learn more about how to make your business more secure, contact us.

A major mail courier was recently the victim of a cyber security breach. The breach effected both employees and customers. The cyber criminals stole data that can potentially be used for identity theft.

It’s important that people are aware of this episode of data breach. Although there’s no evidence that the data was used maliciously, there’s still a cause for concern.

This case is just another reason why businesses should take additional steps to protect their financial data. According to recent article, the reason for the data breach was the mail courier’s employees weren’t following protocol regarding network security.

This means that it’s possible that the security breach could have been prevented. Managers aren’t the only ones who have to worry about cyber security. It’s a company-wide issue.

Cyber security works on two levels. First, businesses need to invest in the proper equipment to protect their network and data and prevent security breaches. Without the right infrastructure, businesses are putting their data at risk.

But even if businesses purchase the best equipment, it won’t mean anything if employees aren’t trained in cyber security. Businesses have to establish a strict cyber security policy and train their employees how to protect business data.

The mail courier is now conducting an internal investigation to find out what exactly caused the breach. Your business can avoid all of this by investing in cyber security and training your employees.

To talk more about how to prevent cyber security breaches, please contact us.

Are cyber security breaches regarding financial data important? We think so, and we really can’t understate the importance of knowing more about them.

Banks and financial institutions have been experiencing elevated numbers of cyber attacks. The frustrating thing is that customers could protect themselves much more if they would change their behavior, but they refuse. Some indications of customer disengagement include:

-Passivity-People leave it to the financial institutions to do everything and are not proactive enough. 45% have taken no protective measures.

-Reluctance to use safer technology-66% of customers surveyed say they fear that their information will be stolen, yet they are generally reluctant to use digital wallets.

-Misplaced priorities-Corporate executives form security plans, but fail to update them in a timely manner.

-Ignorance-Even the biggest companies aren’t aware of the nature of the cyber threats against them.

In the face of these facts, it is clear that industry must take the initiative to protect consumers. People are not adapting except to sometimes succumb to cash-only paranoia, which is wholly unnecessary. Moreover, even as some recognize that sitting out on the advantages of the tech-savvy financial ecosystem is not a solution, they take half measures to ensure security. That kind of strategy doesn’t win.

It then falls to banks to ensure that their customers’ information is not stolen. Four steps they take to proactively anticipate cyber attacks are to

-Detect-Predict whether an action is potentially theft before losses occur.

-Respond-Apply insights in real time to prevent or interrupt suspicious activity.

-Investigate-Execute inquiries with data analysis and state-of-the-art case management.

-Discover-Analyze reams of data quickly to identify patterns of financial crimes and fraud.

Contact us to learn more about cyber security and how we can help.

Cyber security breaches regarding financial data seem to be a recurring theme lately.  From large department stores to national banks, hardly a day goes by that you don’t hear about a cyber attack on one business or another.  Just recently news broke that another national brand, this time in the home and office industry, is investigating a possible data breach in the Northeast. In response to all of this, the fourth annual Cyber Security Summit opened Tuesday in Minneapolis.  All businesses, large or small should be aware of not only the possibility, but the probability of this happening to them.  They should be working on ways to beef up their own cyber security.

One of the ways to prevent cyber security breaches is to encrypt your data so that even if it is stolen, it won’t be able to be read. Another is to make sure your systems PCs, laptops, etc. are protected by firewalls and up-to-date anti-virus and anti-spyware programs. Work out a system for detecting breaches- monitoring traffic and creating a central log of security-related information to alert you to suspicious activity on your network would also be helpful.  Hackers may know your router’s default settings so always change the username and password for new routers immediately.  Did you know that pass phrases are more secure than traditional passwords?  Use long pass word phrases when securing sensitive data. An example of this is “Ilovepizzapie”.  Use proper capitalization in your pass phrase to increase its complexity and make it even more secure.

To find out more on how you can protect your business from potential cyber security threats, please contact us.

Cyber security breaches regarding financial data seem to have become increasingly common over the past year.  Our last example of this series gives the example of a large bank corporation that fell victim over the summer. It’s reported that this particular cyber-attack affected nearly 80 million households and small businesses combined.

The hackers reportedly accessed the applications and programs that run the banks computers.  One article described this access point as “a road map via which they could cross check with known vulnerabilities in each program and web application, in search of an entry point back into the bank’s systems.”

The hackers were able to obtain the names, addresses, phone numbers and e-mail addresses of account holders. While no fraud has been committed yet, the information obtained is a virtual goldmine for those potentially plotting an attack sometime down the road.

The sophistication of the attack has the bank and investigative agencies in shock. The hackers were able to obtain the highest level of administrative privilege, leading some to surmise that they were Russian computer experts, perhaps even backed by the Russian government.

Whatever their origin, the hackers have managed to shake the confidence of businesses and consumers nationwide. Up until this point, banks had been seen as some of the least vulnerable institutions to cyber-attacks due to the extensive security measures which they employ.

The bank is now planning to spend  millions of dollars on new security measures. Ironically, they might have been able to save at least part of this sum if they would have managed to retain more of their security staff. A great many of the individuals employed by them in this particular area had already left to work for other banks, and more are currently preparing to leave.

Having the right staff in place to adequately perform security measures might have saved them not only money, but a great deal of worry as well. For the right security measures to keep your firm’s financial data safe, contact us.