Channel: Kayla Matthews – IT SECURITY GURU

Is Investing in Cryptocurrency Worth the Security Threats?

Even people who aren’t familiar with investing have heard of cryptocurrency — especially lately since it has frequently made headlines.

Some of those news stories about digital currencies focus on the rapid rises — and seemingly inevitable declines — of Bitcoin, one of the most well-known cryptocurrencies.

Others discuss how people had relatively stable lifestyles but lost most of what they had after becoming interested and investing in cryptocurrency. Some people who have had substantial successes in the cryptocurrency realm live in anonymity, not wanting to attract too much attention.

These potential downsides and others have some people wondering if the potential to get rich as a cryptocurrency investor is appealing enough to make the less-profitable outcomes less frightening. Indeed, when things go wrong, security is often the first thing people lose.

Cryptocurrencies Becoming More Attractive to Hackers

Cryptocurrency investors keep their virtual funds in digital wallets. Pickpockets have swiped physical currencies for generations, and the same is true for cryptocurrencies. Increasing interest makes them more tempting to hackers. In January 2018, hackers stole more than half a billion dollars’ worth of digital currency from Coincheck, a Japanese exchange.

Analysts say investors should expect more attacks of the same kind. Sometimes, the hacks occur on investors’ computers through a process called cryptojacking, which involves taking control of a victim’s browser and using it to create or “mine” cryptocurrencies fraudulently.

According to research collected by Check Point, a cybersecurity company, mining malware has affected 55 percent of organizations worldwide. Statistics from December 2017 indicate the most widely used threat of this kind is called Coinhive.

Cybercriminals depend on botnets, too, which are groups of internet-connected devices infected by a common type of malware. Botnets were once not considered financially viable, but experts say newer cryptocurrencies are easier to mine, and people can rent botnets for as little as $40.

The growing likelihood of getting hacked is one of the many reasons people prefer investing in traditional physical currencies, such as silver. Compared to cryptocurrencies, statistics show silver is historically stable. Even after experiencing downturns, it often makes a complete rebound in 12 to 15 months.

People Are Losing Access to Their Digital Wallets

The stress of losing an actual wallet is severe enough, but for individuals who cannot gain access to their digital wallets after forgetting the password or deleting a file that contains cryptocurrency information, the anxiety can be even worse.

Mark Frauenfelder, an investor who lost $30,000 of cryptocurrency after forgetting a PIN, knows that reality all too well. He eventually recovered it, but not without going through months of anguish and failed efforts.

A software architect using the alias Dave Bitcoin launched a website called Wallet Recovery Services to help people in Frauenfelder’s predicament. Dave relies on a computer program to try millions of passwords in a short timeframe — otherwise known as brute force decryption. He has about a 30 percent success rate and charges individuals 20 percent of whatever is in the recovered wallets.

Dave reports his business has boomed, due in large part to the rising popularity of cryptocurrencies. Even as currencies evolve, the fact that humans forget things remains constant.

Cryptocurrency Wealth and Its Connection to Personal Safety

As mentioned earlier, people who have reaped the rewards of cryptocurrency in significant ways typically stay tight-lipped. Sometimes, they don’t disclose the kinds of digital currency they own — their closest friends and relatives may not know how much they possess. Fellow investors who want to have the same victories could hound those who divulge more details, too.

The primary reason investors stay quiet about their cryptocurrency holdings is that they fear getting robbed or otherwise targeted. The decentralized nature of cryptocurrencies is appealing to many people, but it also means they can’t put their wealth in banks to reduce the personal safety risk.

Cybercriminals have also tried to tap into investors’ paranoia for gain by using an online death threat scam. It tells victims their lives are in danger unless they pay a specific amount of cryptocurrency.

Evaluating the Plausibility of Disaster

At the beginning of the year, the Utah Division of Securities warned that cryptocurrency dealings could become risky for several reasons, including evidence of digital money used for fraud. With all these factors in mind, potential investors must take stock of the circumstances surrounding their situations and determine those most likely to cause threats to security.

Then, it’s crucial for them to take action to minimize the likelihood of something devastating happening. That may mean going to great lengths to prevent losing a digital wallet access code, investing in a home monitoring system or beefing up malware protection on their computers.

The inherent uncertainty of cryptocurrency investing is even higher for individuals who do not assess possible threats and decide how they can reduce them.

After all, if cryptocurrencies continue to flourish, the efforts to scam people and steal their wealth will increase, too.

The post Is Investing in Cryptocurrency Worth the Security Threats? appeared first on IT SECURITY GURU.


Changes Made to White House Security Clearance Policies

The recent history of security clearances in the Trump White House has raised eyebrows.

Jared Kushner’s clearance application contained errors and omissions of a type “never seen” by some who are close to the approval process for clearances.

Another recent headline saw questions raised about Rob Porter — the former White House staff secretary — and why he was granted temporary security clearance despite FBI warnings about domestic abuse allegations in his past.

It is the second story that seems to have gotten the necessary parties interested in overhauling White House security clearance policy. Let’s take a look at what we can expect next.

What Effect Will This Have on White House Intelligence?

General John Kelly, the current White House Chief of Staff, has outlined his intentions to broaden the restrictions on which types of classified intelligence the interim security clearance-holders are allowed to access.

And although Porter’s story was certainly a tipping point, Kelly cites a colorful history of White House staff members who have handled highly classified information without permanent security clearances. Any staff member with a pending background check more recent than June 2017 will see their SCI-level privileges stripped from them.

The aforementioned Jared Kushner still does not have a permanent security clearance, despite this administration being more than a year old and despite his continued presence at high-level government meetings. Kushner could be one of the first to see his access revoked under these new rules.

With respect to elevating concerns over the content of an applicant’s character, as the FBI attempted to do in Porter’s case, Kelly has outlined plans to require the Federal Bureau of Investigation to, in his words, “hand-deliver” background checks for potential staff additions and place a special emphasis on “significant derogatory information” about those employees.

Critics have been vocal about Kelly’s proposed changes to the application process. One attorney with experience in security clearances and FOIA requests, Mark Zaid, called Kelly’s memorandum “troubling” and asserts that the application and approval process “worked fine before this Administration.” The failure, according to Zaid and other experts, is a cultural one rather than a procedural one.

For example, anybody who is familiar with the Rob Porter situation knows that the question is not “whether” Trump’s White House knew about the allegations against him, but “when.” The next conclusion is that high-level staff in the White House had as much information as they needed to draw actionable conclusions about Porter’s fitness for government work.

How Will This Affect the Release of Digital Information From the White House?

It’s clear that the digital frontier brings challenges that might never have perfectly acceptable solutions. Every safeguard we dream up to fight against the access or dissemination of sensitive information reduces transparency on some level, even as it makes important information safer. Making changes to how government contractors handle even unclassified information is a critical point of interest these days.

The question is whether Kelly’s memorandum and proposed changes are just to save face or whether they will actually succeed in changing something the American people want changed.

Nevertheless, Kelly’s plan would also require that temporary security clearances older than 180 days expire automatically or be extended for an optional 90 days if background checks come back clean. It is not uncommon for security clearance approvals in a new administration to take as long as Kushner’s has. But given the very long list of responsibilities handed to him by his father-in-law, Donald Trump, these new restrictions are certain to change how he performs his work — if he can perform it at all.

In fact, part of the reason so many White House staff members have seen lengthy delays with their clearance approvals is that this administration has a higher percentage of first-time civil servants than previous administrations. And, ultimately, the president of the United States can grant security clearance to whomever they want, further complicating things.

Kelly has it part right: There was either a failure of communication or failure of judgment. Some of the fixes he describes should make it easier for concerned parties to elevate their concerns about appointees and applicants to sensitive roles. But some of the detractors are right too: The process would have worked as intended if somebody in the Trump White House had reacted appropriately when the FBI voiced their concerns about Rob Porter.

The Fallout

The only institution in America at this time with the power to strip the president of his security-clearance-granting prerogatives is Congress. So even if Trump or persons within his circle “dropped the ball” on Porter, it’s fairly clear that checks and balances aren’t quite what they should be when it comes to this particular process.

The FBI has had recent problems of their own, including the loss of personal data on thousands of employees in 2016. However, it’s clear that if their role in preventing stories like Porter’s wasn’t taken seriously by the Trump administration, it was for other reasons entirely.

The stakes are high, as we’ve seen. The Trump White House has seen a stream of leaks to journalists and other parties. It isn’t hard to see how automatic time-outs for temporary security clearances and limited access to highly classified documents could help reduce the number of information leaks this administration has weathered, which are either unprecedented or merely statistically interesting, depending on whom you ask.

General John F. Kelly is right to want to protect the sanctity of high-stakes intelligence. He’s applying what he knows of military culture to the “problem” of information porosity in this current White House. What the rest of us can’t ever forget, though, is that some information needs to be leaked.

Breaking state-mandated silence to bring wrongdoing to light is the sort of revolutionary spirit Americans are supposed to value.

Nobody wants a less-transparent American government, but some of the growing pains we’re seeing now are the result of entrusting its operation to people who don’t know how it works. Some of these people have ulterior motives, but many others do not.

Kelly, who believes digital information leaks are tantamount to treason, proposes making life more difficult for both types.

The post Changes Made to White House Security Clearance Policies appeared first on IT SECURITY GURU.

Cybersecurity Is About More Than Reacting to Attacks

Reacting quickly to cyberattacks is a vital aspect of cybersecurity. A prompt response can be the difference between minimal damage and catastrophic data loss.

Cybersecurity experts also value preventive and offensive measures, which are as important for cybersecurity professionals to master as a quick response, if not more so.

A quick, effective response combines with preventive measures for an ideal cybersecurity solution.

Offensive Cybersecurity Measures

Hackers today are sophisticated and up-to-date, so a defensive stand is not enough on its own for many companies. In fighting a cyberwar against very skilled hackers, companies need to approach security with an offensive mindset.

Whereas defense relies on waiting for a hacker to make a move, offensive strategies involve identifying the network’s vulnerabilities in addition to the hacker’s weak spots and methods, applying preventive measures with this information in mind.

Although the term offensive may imply attacking hackers first, the offensive aspect is more about regarding an IT environment as a battleground, with the protection of that battleground requiring visibility into the environment.

Organizations should strive to know their battlefield better than hackers, with the ability to quickly recognize when something seems awry.

Daily, real-time analysis can help to spot any vulnerabilities, just like how the military routinely performs reconnaissance missions to scout an environment.

Preventive Methods

In addition to offensive measures providing effective risk management, cybersecurity experts value the effectiveness of preventive measures, which can stop hackers in their tracks before they access any sensitive data.

Cybersecurity teams should eliminate exposure of control system devices to external networks. Some companies are not aware that their control systems face the internet, presenting a cyber threat.

Cybersecurity experts should also apply firewalls and network segmentation. Segmentation involves classifying and categorizing data and IT assets into specific groups, which are then restricted by access.

Placing resources into various areas of the network can make it more difficult for hackers to access the network in its entirety. Additionally, network segments and boundaries help to monitor, restrict and regulate communication flow, which helps in identifying suspicious activity.

For precautionary reasons, all networks should also have system logging. Logging helps identify cyberattacks in real time, in addition to providing information that can help prevent such attacks in the future through root-cause analysis. Also, program auditing can ensure your systems are operating at peak efficiency, which helps reduce expenses and liability.

The IT team should also instruct employees to use only strong passwords to protect against brute-force attacks, in which hackers use tools to try millions of different character combinations to break into an account. IT should also enforce policies on mobile devices, since hackers can take advantage of the “bring your own device” (BYOD) trend in some workplaces.

In general, companies should implement an employee cybersecurity training program. Although cybersecurity is a broad field, several topics require immediate attention, such as social engineering methods like email phishing.

Smart internet practices, like recognizing illegitimate websites and malware, are also useful to teach, as well as emerging hacking methods like voice hacking.

Cybersecurity Incident Response Plan

In addition to offensive and preventive measures, cybersecurity experts should organize an incident response plan. The plan can involve anti-virus software, intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) to help detect early-stage attacks.

Many IPSs and IDSs can detect malware, port scans and irregular network communications. An effective response plan can help to minimize damage and soothe customers and partners. The plan should involve collaboration among all departments, from IT to top executives. In business, everyone is responsible for cybersecurity prevention.

Cybersecurity is about more than reacting to attacks. Offensive and preventive measures must be in place to ensure damage is minimal.

Additionally, an effective cybersecurity incident response plan can invite collaboration among all departments to improve a company’s cybersecurity strength.

The post Cybersecurity Is About More Than Reacting to Attacks appeared first on IT SECURITY GURU.

There Are Some Big Problems With This Data Breach Bill. Retailers Want Them Fixed.

We are reaping the proverbial whirlwind of our long years of relentless technological advancement.

Cyber-insecurity and constant data breaches are some of the growing pains of digital and wireless technologies. And even now, the private and public sectors can’t seem to agree on how to solve the problem or how bad things need to get before we do.

An illustrative example of this collision — between vulnerable technologies, corporate profit margins and insufficient government regulation — is the National Retail Federation’s response to a new bill concerning data breaches.

The bill, now in committee in the House, seeks to improve the robustness of our laws as they pertain to the handling of customer data and the corrective actions undertaken by regulatory bodies.

This bill, says the Federation, doesn’t go nearly far enough to protect the peace-of-mind of the average American.

National Retail Federation vs. House Financial Services Committee

Here are the NRF’s major grievances in their vice president’s own words:

“The legislation being considered by the committee is an important step forward but has significant loopholes that would allow major data breaches to be kept secret from the public. We want to work with the Committee to develop an airtight bill that covers all industries and ensures that all data breaches are subject to notification no matter where they occur.”

Translation: This legislation is good, but it needs more work. The standards it proposes aren’t nearly high enough and don’t protect enough people.

To grant their arguments weight, the NRF drew upon research gathered in the Verizon 2017 Data Breach Investigations Report, which approached the problem across the entirety of modern industry.

Previous reports covered only the types of businesses which are explicitly required by law to disclose data breaches to their customers and to the public. As of this writing, financial institutions — themselves close partners of every retailer in America — are subject only to “discretionary” disclosure of breaches.

The NRF argues that a holistic approach, and nothing less, can deliver meaningful, consumer-centric regulation for data breaches across the entire economy.

A significant portion of the NRF’s “case” against the bill in its current form is the apparent protections it affords to banks. They also pointed to vagueness in the definition of key terms such as “service provider” as well as the structure of the requirements themselves, which, in their words, is a “one size fits all” solution to a multifaceted problem.

A better idea, they contend, would be to build out different rulesets for different types of businesses — most notably telecommunications companies, banks, card processing companies and any other types of business which come into contact with sensitive data.

More specifically, they argue, actions undertaken by regulators to prevent data breaches should be based on the inherent “risk” of specific industries as well as the “sensitivity” of the data involved.

Whether this “parceling out” of different types of risk is a slippery slope remains to be seen — and American law explicitly provides protections against “unlawful search and seizure.” Such a concept needn’t concern itself with the specific contents of what’s being protected.

Nevertheless, the NRF does have a point — and we can see why when we look at the most recent examples of what happens when ethically-compromised regulators attempt to respond to data and trust breaches.

A Recent History of Public and Private Sector Clashes Over Customer Protections

The approach now favored by the federal government against banks who mistreat their customers usually involves fines so small that the defendants laugh about them during Congressional hearings.

Elsewhere, technology companies great and small are drawing attention to the low protection standards for the technology-based financial service providers that power modern retail businesses.

In other words, even if regulations at the federal level seem to peter out a few months after every data breach, and if regulations can vary widely from state to state, the private sector is all the while making ever-more-sophisticated tools available for retailers and many other industries to deliver what regulation alone currently cannot.

In other words, even if government can’t hold every company to a uniform standard, each company can choose to hold itself to high standards by working with the right partners and technology platforms. It’s not perfect, but it’s a start. And a needed one.

In its dealings with Equifax, the federal government took precisely the approach the NRF warns about. People who have studied the government’s response and the rules considered, but not enacted even months later, have declared the measures proposed to be wholly insufficient. Insufficient to the point where Equifax might literally turn a profit as a result of their data breach.

The NRF Has a Point

It’s clear the NRF is vindicated in their claims that the small amount of regulation proposed, and the even smaller amount of regulation passed into law, don’t provide adequate or lasting protections for Americans.

Their argument that sensitive information should be “typified” by “sensitivity” is a slippery notion so long as “privacy in general” is still an inalienable right. But their argument that our current Congress and its Committees don’t appear to consider this a major priority is perfectly sound and fully backed up by recent history.

The post There Are Some Big Problems With This Data Breach Bill. Retailers Want Them Fixed. appeared first on IT SECURITY GURU.

Cybersecurity Experts Put Burden of Hacking Protection on Device Makers, Not Users

Two new reports from lead author Professor Nick Jennings of Imperial College London and other cybersecurity experts assert that device manufacturers have a larger burden to protect consumers from cybersecurity attacks than the device users themselves.

The report points out that although it’s important for users to be as proactive as possible in that regard, many people don’t know the most effective ways to do so.

It suggests using a safety mark system that acts as a guarantee that device manufacturers are protecting people from hackers and performing updates as needed.

It also brings up how government regulations could be imposed to force manufacturers to bring their cybersecurity practices in line with modern standards.

On the consumer side of things, this report recommends making good cybersecurity practices part of the grade school curriculum. This ensures people have early exposure to the things they need to do to keep themselves as safe as possible from hackers.

The report also mentions how people should keep their devices updated regularly.

Beneficial Devices With a Potential Dark Side

Information in the report clarifies that internet-connected devices have considerable potential for helping society, especially within the elderly and disabled populations.

However, it points out that hackers could take control of medical devices like pacemakers and diabetes management equipment and cause dangerous or fatal consequences.

Also, if a smart home includes lightbulbs or plugs, those could be used to spy on people or cause fires, respectively. Because many intelligent devices for residences detect patterns, cybercriminals could snatch data from some of them and learn when homes are typically unoccupied.

If manufacturers have to comply with these proposed protective measures, there are some industries and products likely to be especially affected. They’re covered in detail below.

1. Medical Devices

The scenario mentioned above, in which hackers could take control of medical equipment, make it malfunction and cause deaths, makes it particularly likely that if such regulations on smart devices exist, they will apply to medical equipment.

If people know such gadgets have a guarantee of safety from the manufacturers, they may be more likely to use them than if the makers did not give that promise.

Also, hospital representatives go through detailed processes when making purchasing decisions for their facilities. If some medical device companies refuse to take responsibility for protecting people from hackers, they’ll have trouble making sales to health facilities.

2. Educational Gadgets

Schools are already using internet-connected devices to do things like track school buses and provide Wi-Fi that lets kids connect to the internet and do their homework in areas that ordinarily lack coverage. Facilities management becomes easier too, primarily because administrators can monitor energy usage or secure the premises while staying off-site.

If teachers make internet-connected devices part of school curriculums, the data collected rises significantly. This makes infiltration of educational tech products particularly attractive to hackers, especially when the data contains personal details like Social Security numbers.

3. Smart Home Equipment

The report mentioned earlier discussed how hackers could break into homes filled with smart equipment and use those high-tech additions to invade privacy or cause risks to life and possessions.

Since many people now secure their homes with smart door locks, hackers are eager to figure out how to trick those gadgets. Even though most have integrated security measures to reduce the likelihood of that happening, some still fall short.

Such was the case with the Amazon Key system that allows a delivery person to enter a home and leave as a resident watches on a camera. There was reportedly a vulnerability that allowed a person to freeze the camera on a single frame and go back inside the house after it appeared they’d left.

A survey published by iQor revealed that about 70 percent of consumers are worried about their smart home devices getting hacked.

If manufacturers don’t start taking steps to prevent that and showing buyers how they have, the marketplace momentum currently enjoyed by smart home gadgets may start slowing down.

Consumers may decide that the lack of security they perceive with connected home devices is not worth the convenience.

It’s too early to say whether regulations for smart devices will arise and how soon they’ll impact industries.

Even if regulatory measures don’t get established for a while, manufacturers can still take a responsible approach to reduce the probability of cybersecurity breaches and prove they have applied those measures.

The post Cybersecurity Experts Put Burden of Hacking Protection on Device Makers, Not Users appeared first on IT SECURITY GURU.

16,500 Student Loan Borrowers’ Information Exposed in Data Leak

Data sent to a third-party vendor that was not authorized to receive it led to a data breach involving 16,500 people associated with student loans. The affected company is Access Group Education Lending, and the company became aware of the situation on March 23.

What Kind of Information Was Leaked?

The public doesn’t know the third-party vendor’s name, but the company is reportedly a student loan lender. That vendor got data containing student names, Social Security numbers and driver’s license numbers.

The Data Was Reportedly Destroyed

Nelnet, a company that processes data for Access Group, is the entity at fault for distributing that sensitive information to the unnamed outside vendor that shouldn’t have seen it.

Representatives from Nelnet say they don’t believe inappropriate data use occurred following the leak. Instead, they clarified the data traveled to the third-party vendor through an encrypted channel. Also, that company recognized the data transfer happened in error, then got rid of the information.

According to details released in SC Magazine, a relevant manager for the third-party vendor agreed to sign a sworn document confirming the destruction of the information with nothing retained.

A Year of Credit Monitoring Offered

When making a statement about the issue to the press, Access Group said the exposure of personal details was “limited.”

Even so, the company will provide a year of complimentary credit monitoring to affected parties who want to ensure the data leak won’t have negative repercussions. It notified those individuals in writing, and provided the same disclosure to the respective attorneys general at the state level.

A survey of more than 10,000 people around the world indicates a growing concern among consumers regarding data breaches. The results found 69 percent of respondents don’t think enterprises take data protection very seriously, and two-thirds feared becoming victims of future data breaches.

Preventing Similar Future Events

Access Group monitors its vendors and will continue to do so as a preventive measure against other data breaches. Furthermore, it will mandate written data transfer protocols for third-party companies and double-check the recipients before starting to send files.

Data leaks can happen externally, as well as from inside organizations. Efforts to reduce internal threats require carefully screening individuals who have access to a company’s data, issuing role-based permissions for sensitive information and establishing clear, documented employee expectations.

This breach did not originate within Access Group, but since the company works with third-party vendors, it must continue to treat those representatives as if they were employees working onsite.

Plus, tightening up internal security measures would be a smart move, since Access Group already attracted negative publicity with this breach and wouldn’t want to be associated with other problems.

The Three-Week Delay Before Notifying Customers

Access Group didn’t get word of the incident until five days after the mistaken data transfer. It has also emerged that the company did not begin letting customers know about what happened until three weeks after learning the details.

That delay is in line with a trend that causes concerned individuals to assert that affected companies aren’t being sufficiently prompt and transparent.

For example, Facebook waited two years before notifying customers about data obtained by Cambridge Analytica, also a third-party company. Then, there’s Equifax, the credit monitoring company that didn’t alert consumers until weeks after one of the most massive breaches in recent history happened.

It’s important to realize, though, that U.S. laws require companies to tell consumers about breaches, but don’t get specific about timeframes. Abnormally long delays put companies at risk of scrutiny by federal authorities and queries about why disclosures didn’t happen more efficiently.

The Potential Risk of Data Breaches as Companies Depend on Partnerships

The Access Group incident illustrates how it can become more challenging to maintain control of data when using external providers to take care of some aspects of a business.

Although none of the involved companies engaged in malicious actions, that won’t always be the case for future data-related mishaps.

The post 16,500 Student Loan Borrowers’ Information Exposed in Data Leak appeared first on IT SECURITY GURU.

Why Health Care Gets Such Flak for Its Cybersecurity


The health care industry is consistently under attack thanks to cybercriminals who eagerly attempt to snatch valuable data, costing organizations substantial financial and reputational damage.

People often weigh in and wonder why the overall industry can’t sufficiently beef up its cybersecurity strategies. However, the headlines they see that alert the public about breaches and other issues don’t tell the whole story.

The Health Sector Appeals to Hackers

Besides the scope of the records to steal and the details that range from Social Security numbers to home addresses, hackers set their sights on the health care industry because, historically, it hasn’t kept up with the times.

A 2015 Sophos survey found 20 percent of respondents in the medical industry didn’t use encryption at all. Hackers are typically ahead of their targets. That means they likely knew about the widespread lack of encryption before researchers did.

Also, a profile of health care-related attacks in 2017 is especially eye-opening. In numerous cases, more than one security issue occurred on the same day in different locations. The frequency of attacks is a factor that’s urging health care organizations to spend billions of dollars over the next several years to make improvements.

Some facilities aren’t equipped to deal with large-scale attacks, which is alluring to hackers that want to earn notoriety for their efforts. In February 2016, ransomware attacks forced a medical center in California to endure a week-long computer shutdown while its employees relied on paper records and fax machines.

Internal Threats Are Severe

A recently released report from Verizon found the medical industry was the only one in which insiders were the biggest risk to organizations.

The study found almost half — 48 percent — of the people on the inside who compromised data security were financially motivated, presumably aiming to use stolen data to open new lines of credit or take similar actions.

However, problems also arise when employees don’t treat data correctly due to human error or a lack of training. They might throw sensitive data into trashcans instead of shredding it, or make mistakes when sending paper documents to external companies.

Numerous Challenges Exist

Outsiders are not always aware of the massive number of obstacles involved in getting the health care industry well-equipped against cybersecurity attacks.

For example, all communications platforms used to transmit patient data must comply with the Health Insurance Portability and Accountability Act (HIPAA). This means that health care organizations have to follow strict rules regarding how they send and receive all patient information. While this does help with potential security issues, it can be extremely time consuming, though some organizations hope to change that soon.

Another issue is that people in the medical field are characteristically time-starved and focused on patient care. That means they often find it difficult to fit security training into their schedules or understand why it’s relevant.

St. Luke’s University Health Network received recognition from the American Hospital Association for its all-encompassing data security strategies. St. Luke’s sends out a quarterly scenario for employees to go through and see why cybersecurity matters. That approach is reportedly working well, probably because it keeps hospital workers’ valuable time in mind.

Ransomware Attack Mitigation Is Getting Better

The news about health care and cybersecurity is not all bad. An investigation about efforts to implement ONC SAFER Guides — which include updated material about stopping ransomware — found that hospitals are taking the recommended strategies seriously.

Although only 18 percent of the hospitals studied showed complete adoption, more than 81 percent fully implemented the infrastructure-related guidelines.

The recommendations aim to prevent and reduce downtime of critical hospital systems. When the guidelines are in place, fiascoes such as the one experienced by the previously mentioned Californian facility should become less prevalent.

A Collective Effort Is Necessary

The most effective cybersecurity strategies are ones applied across organizations. Since many hospital systems span across states and countries, keeping everyone on the same page isn’t easy.

Exercising compliance is not enough. Instead, all people associated with respective health care organizations must work together to reduce the damage caused by cybersecurity shortcomings and promote improvements.

The post Why Health Care Gets Such Flak for Its Cybersecurity appeared first on IT SECURITY GURU.

5 Enterprise Cybersecurity Threats and How to Minimize Them


The top companies of generations ago didn’t have to worry about cybersecurity because the internet didn’t exist yet. Because it’s so prevalent in our society now, criminals turn to the online realm to wage war against victims — and often target entire organizations in the process.

It’s essential for business leaders to be aware of potential cybersecurity threats to enterprises and know how to reduce them.

  1. Disgruntled Former Employees

Individuals who become upset after terminations, being laid off or getting denied an opportunity for promotion are all people who could use their insider knowledge to put a company’s data at risk after they leave the organization.

Factors that motivate malicious insiders include greed, thrill-seeking and the desire to get revenge after a perceived wrongful action.

Companies can reduce the malicious insider risk by immediately deactivating credentials after people leave the company and carefully monitoring any sensitive material, including encouraging people not to print out or take home confidential documents.

  2. Attacks From International Hackers

It’s crucial for companies not to have a solely domestic mindset when thinking about cybersecurity. Whereas government agencies usually have the resources to deal with cybercriminals from other countries and prevent their attacks, the same is not often true for entities at the enterprise level, making potential attacks particularly costly.

A 2014 attack at Sony was reportedly launched by state-sponsored hackers from North Korea and resulted in the loss of substantial amounts of data — plus over 47,000 Social Security numbers — swiped from computers.

The cybersecurity team at a business must realize the organization is not out of reach of international attackers. They should keep that in mind when securing their networks and monitoring for threats. It’s also necessary to immediately begin communicating with law enforcement officials after a suspected attack to tap into their resources.

  3. Staff Mistakes

Untrained and careless staff members also cause a significant percentage of cybersecurity incidents. Data collected in 2016 found that 57 percent of security issues in the government sector happened due to human error, producing 14 percent of the system downtime in those situations.

Sometimes, training itself isn’t adequate, especially if employees don’t realize their roles in keeping an enterprise safe from threats. All-encompassing training that evolves as new threats arrive is instrumental in minimizing risks due to staff mistakes.

It’s also useful to consider having cybersecurity experts speak to your teams to help solidify learned concepts and give staff members the opportunity to ask questions.

  4. Unsecured Devices Brought From Home

BYOD workplaces that involve employees bringing gadgets like laptops and tablets from home into the enterprise environment can save companies money and allow people to work on devices that they know well and feel comfortable using. However, these devices are also vulnerable to hackers, especially if not properly secured.

One way to cut down on the risk to an enterprise is to write and uphold a BYOD policy that spells out how employees should handle their devices, whether or not they’re at work.

For example, keeping all software up-to-date, avoiding connecting to public Wi-Fi networks and locking down computer interfaces with passwords can all cut down on security risks on portable devices, regardless of where people are when using them.

The IT team at an organization should also adopt a practice of periodically checking BYOD devices to ensure they comply with the policy.

  5. Outdated or Nonexistent Cybersecurity Practices

Statistics indicate there are 59 records lost every second. Whether due to insufficient internal practices alone or successful hacking attempts from cybercriminals that target organizations, that number suggests companies are not doing enough to lock down their data.

A survey of over 4,000 organizations found that seven out of 10 were not prepared for cyberattacks. In some cases, that might mean the enterprise has not updated its security strategies for several years. In others, the enterprise may never have formally incorporated cybersecurity efforts into business operations.

Carrying out a security audit is an excellent activity that allows business leaders to see where their companies stand and pinpoint the most glaring shortcomings. The insights gleaned enable enterprises to get a strong start when addressing cybersecurity from the ground up or to edit current practices so that they more adequately meet emerging needs.

Stay Vigilant to Avoid Catastrophes

This list details some of the most substantial threats to modern enterprises.

Fortunately, it also addresses how to make those risks less prominent. Business executives cannot afford to assume hackers won’t target them.

They must be aware of the daunting possibilities and rely on skilled cybersecurity experts — and the workplace at large — to keep costly and stressful threats minimized.

The post 5 Enterprise Cybersecurity Threats and How to Minimize Them appeared first on IT SECURITY GURU.


Russia Suspected in German Energy Firm Hacks


Last fall, energy companies in several countries, including Germany and the United States, found out via a cybersecurity report from Symantec that hackers had figured out a way to breach their infrastructures.

These hackers could potentially switch off the power grids at those establishments and wreak havoc on their computer systems.

Now, more recent news includes allegations that Russia was the country behind the scheme.

Hans-Georg Maassen is the president of the Federal Office for the Protection of the Constitution, which is Germany’s domestic intelligence agency. He says there are numerous aspects of the incident — including the way it was carried out — that indicate potential involvement by the Russians.

The Berserk Bear Attack

This June, Germany’s cybersecurity agency, BSI, called the German power company attack “Berserk Bear.” Although BSI only named the issue recently, it became aware of it last year and said the hackers had only managed to break inside the networks of a few companies related to German energy and electricity. Moreover, BSI says those previously infiltrated networks are now locked down.

Maassen declined to specify how many companies the hackers initially targeted when carrying out their attempts.

Russians Deny Involvement

In light of this development, Dmitry Peskov, a spokesman for the Kremlin, said he didn’t know what Maassen was talking about regarding the links to Russia when asked to comment on the matter.

Similarly, Maria Zakharova, a person associated with the Russian foreign ministry, seemed to take issue with the vagueness of Maassen’s stance. She stated: “(Germany) should give facts.”

This isn’t the first time Germany has had its eye on Russia in association with suspected hacking. After the alarm was raised about Russian interference in the U.S. presidential election, German officials began pondering if the same thing could happen in their country.

Unlike the United States, Germany does not use voting machines with internet connections. Even so, representatives knew it was necessary to remain vigilant against possible manipulation of the democratic process from outside influencers.

However, details have not emerged about whether the attack on the energy companies was similar to what happened in the U.S. elections.

Lying in Wait

Information from Symantec about the Berserk Bear attacks mentioned they were concentrated in Ukraine and Turkey.

They involved tricking energy company employees into opening Word documents that acted as harvesters for sensitive details, including email addresses and credentials that could be used for access to a company’s energy grids.

Specifics also clarified there was no evidence of the hackers modifying the machines they broke into. The goal was seemingly to gather insights about system operations that hackers could later use to orchestrate massive attacks, particularly those motivated by political events.

The hackers collectively referred to under the Berserk Bear moniker are also sometimes called Dragonfly, and cybersecurity groups, including CrowdStrike, also brought up Russia as a country possibly behind the attacks. They said there could be a desire to get information about the energy infrastructures of countries to use that knowledge for diplomatic gain.

Adam Meyers, vice president of intelligence at CrowdStrike, pointed out that if Russia was involved in some of the energy company hacks in other nations, the Dragonfly hackers might have set their sights on Turkey. This is because representatives in Ankara shot down a Russian plane believed to be in its airspace.

Details Are Still Scarce

Maassen has not gone into depth about his beliefs about Russian involvement in the Berserk Bear attacks, which means all people can do until he reveals more specifics about his allegations is speculate.

This is not the first time Maassen has connected Russia to a suspicious attack. However, he’d likely not have stepped into the spotlight by giving a public statement about his beliefs without something substantial to back them up.

Hopefully, that means people will know more details soon.

The post Russia Suspected in German Energy Firm Hacks appeared first on IT SECURITY GURU.

12% of Security Professionals Have Considered ‘Black Hat’ Activity


Numerous studies focus on aspects of cybercrime aftermath, such as a company’s lost reputation or its struggles to obtain future clients after incidents.

However, Malwarebytes commissioned Osterman Research to determine the direct costs of cybercrime associated with three areas: the costs of major event remediation, expenses for security budgets and cybercrime caused by so-called “gray hats.”

The rest of this piece not only reveals the growing prominence of gray hats but, primarily, how common it is for security professionals to get approached about black hat hacking.

The Three Main Types of Hackers

A gray hat is a type of hacker that probes a company’s products or networks for vulnerabilities. When the person finds some, they contact the company and typically expect a financial reward for their revelations.

Gray hat hackers keep their day jobs as security professionals but engage in their less publicized activities outside typical work hours.

There are also white hat hackers. Companies knowingly hire them to probe for vulnerabilities and find them before cybercriminals use them for damaging purposes.

Then, of course, there are the black hat hackers, who solely infiltrate systems for malicious means.

Worrying Conclusions About Black Hat Hacking

Worldwide statistics collected for this study indicate that 41 percent of respondents either know or have known someone who took part in black hat hacking.

Worse still, 12 percent of people polled admitted they’d personally considered taking the approach. Perhaps that’s because the allure to do so is seemingly always there.

Overall, 22 percent of people reported being asked to perform black hat hacking.

Those kinds of opportunities most often presented themselves in the United Kingdom, with 21 percent of people there saying they were asked, and least likely to happen in the United States, where only eight percent of individuals got approached with such offers.

Possible Frustration From Workers at Mid-Sized Companies

Data from the study ordered by Malwarebytes showed that mid-sized organizations — those with 500-999 employees — are feeling the pinch of increasing security threats. The number of attacks they deal with is on the rise, but the number of employees on hand to deal with them and the available financial resources aren’t.

Some cybersecurity professionals ultimately decide it’s time to move on and find other organizations that devote more resources to keeping networks secure. Over 36 percent of people polled for Malwarebytes said they agree there is more earning potential in defending against cybercriminals as opposed to becoming one.

However, people could easily decide it’s worthwhile to do both, especially if trying to save extra cash before leaving an organization that doesn’t have adequate cybersecurity resources. If so, employees could put their workplaces at risk, especially if the black hat hacking exploits involve conflicts of interest or leaking confidential details to entities on the dark web.

Money May Not Be the Primary Motivator

The poll also highlighted how 49 percent of the professionals at mid-level companies suggested it’s possible to get into black hat hacking without getting caught. Plus, over 50 percent of global respondents from companies of all sizes said that the challenging aspect of the activity was a perceived reason to give black hat hacking a try.

So, if cybersecurity professionals don’t feel their employers adequately utilize their talents during their day jobs, they might look for excitement and engagement elsewhere.

Companies are also under threat if their current or former employees have grievances. Over 53 percent of the respondents in the United States who weighed in for the Malwarebytes survey identified employer retaliation as a reason to become black hat hackers.

A Common Perception of Gray Hat Hacking Activity

One surprising finding of the Malwarebytes study not related to black hat hacking was that people in the security industry suspect when their peers delve into the gray hat realm. It’s becoming more and more likely for people to think co-workers are hacking in this way.

The survey found that around the world, one out of 22 security professionals are perceived by their peers to act as gray hat hackers, and that perception is even more likely in the United Kingdom.

This perception could be another reason these specialists decide to diversify their earnings through unauthorized activities. If people think the majority of their coworkers are already working as gray hat hackers, they probably won’t hesitate to do the same.

Additionally, once people are already working as gray hat hackers, making the transition to black hat hacking isn’t as hard.

Cybersecurity Professionals May Not Stay Loyal to Their Employers

This study shows that when cybersecurity professionals want to do more challenging work, need to earn money on the side or perceive that illegal hacking is common among their colleagues, they’re more likely to do it.

Other reasons exist too, but companies that want to discourage it should focus on their employees by not spreading them too thin or otherwise tempting them to secretly share their talents elsewhere.

The post 12% of Security Professionals Have Considered ‘Black Hat’ Activity appeared first on IT SECURITY GURU.




