Posts Tagged ‘security’

« Older Entries
Newer Entries »

Anonymous is back with a bang! This time they breach Stratfor Inc.

January 9th, 2012
Credit card

Stratfor Inc hacked and credit card data stolen

Anonymous has always been in the news for data hacking and just when we were wondering what they were up to, they are here! This time they have been successful in breaching data of the security Think-Tank Strategic Forecating  Inc, based out of Austin.

The details

The group managed to hack into  Stratfor’s web site and get data  about the company’s corporate subscribers. This resulted in the website being closed down temporarily. Anonymous was proud to announce that they stole passwords, credit card details, and home addresses of about 4,000 people on Stratfor’s private client list. Their plan was to use the credit card information to make fraudulent donations to charities. The hackers described the data on Pastebin, then provided several links to websites hosting the information. According to them some 50,000 of the e-mail addresses released end in “.mil” or “.gov.”

Strangely enough, some representatives of the Anonymous group denied complete responsibility of the attacks.  According to an Anonymous spokesman  “it does not attack media sources.” The organization has been known for its hacks on Sony’s PlayStation services, the Church of Scientology, as well as companies, banks, and organizations  that supported WikiLeaks.

What business is  Stratfor into?

The company offers its clients like the U.S. Air Force, the Miami Police Department, and Apple, high-quality economic, political, and even military analysis to clients, delivered daily via email, video, and the Web.

After the hack

Stratfor is offering a free one-year subscription to an identity protection service to those affected. Stratfor’s CEO, George Friedman confirmed on the company’s Facebook page on Monday that the hack disclosed the names of some corporate subscribers along with personal and credit card data.

Barrett Brown, spokesman for Anonymous said “This wealth of data includes correspondence with untold thousands of contacts who have spoken to Stratfor’s employees off the record over more than a decade,”. “Many of those contacts work for major corporations within the intelligence and military contracting sectors, government agencies and other institutions.”

Stratfor’s chief George Friedman’s statement

“While addressing matters related to the breach of Stratfor’s data systems, the company has been made aware of false and misleading communications that have circulated within recent days,” said Friedman. “Specifically, there is a fraudulent email that appears to come from George.Friedman[@]Stratfor.com.”

High profile attacks are making the rounds and security agencies are scrambling to get the security policies of such companies in place. Stratfor’s website is under repair as of today and will take some time before it gets back in shape.

Alertsec equips firms with encryption software

Alertsec is here to take care of our security issues especially for anyone working with PCs. Alertsec Xpress is the service that automatically protects ALL information you store on your PC. The fact that we now buy more laptops than desktops shows that the information we all store is increasingly more vulnerable to be exposed. It is a much higher risk to lose a laptop than a desktop computer.

Encryption is the only secure method for complete protection of data stored on your hard disk. Today laptops are overtaking desktop PCs as the major source of computing and media storage, laptops frequently store an organization’s most valuable information. Thus laptop encryption is becoming more and more important.

Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.

Enhanced by Zemanta

No comments »

Posted in Computer security, Data Protection, Hackers, Identity and Information loss, computer security software, data breach, data encryption, identity theft

Tags:

ICO wants to maintain location privacy so that data is not misused

December 13th, 2011

Most of our posts have been concentrating on data breach and laptop theft. This one talks in particular about strengthening data security laws which is the need of the hour, especially for private firms.

The recently held conference called ‘A fine balance 2011: location and cyber privacy in the digital age’ focused on maintaining data privacy just when smart phones, credit cards and other devices are tracking user locations.

Here is what Jonathan Bamford, the head of strategic liaison from the Information Commissioner’s Office (ICO), had to say”"We need to inspire public trust into the way information is issued. What do we do as a regulatory option?” “There is no doubt that human activities have a geographic component and some may be more sensitive than others. Your phone is with you all the time so anything that relates to a smartphone can be very powerful in terms of how I live my life.”

It si very important to manage location data carefully, especially those who develop operating systems and applications. Bamford further adds”"People who develop applications have a series of obligations as do those who create the operating systems. Everybody has a role to play.” “If location data is obtained how long do you retain it for? You can build up a picture of how I live my life if you retain it too long.”

Bamford also explained ICO’s role in data security, especially in terms of audit inspections of govt organizations. Currently the general public is under the impression that the information that they fill up on any website is completely secure. They need to carry this impression for long hence data security is of utmost importance. The people also need to know exactly what is being done about their data and where it is sent. This is where location based services come in. All advertisers want your zip code. A zip code allows a advertiser/provider to get more insight into your life. Companies are getting closer to you with technologies like iPhone.

It is time that the ICO keeps a tab over private sector as well. These private companies are using location based services and getting private data of customers. There is a very high chance of this data getting misused. Currently the ICO can only monitor govt bodies. Companies like Facebook, Google and Groupon are a potential threat to privacy. To add oil to the fire, the development of IPv6 networks could be even more threatening as it will be able to access more private data.

According to Richard Hollis, US group of Info systems audit and control association “As we match the physical world to the virtual world, by placing items such as fridges or even your car keys on the internet, firms could have even more access to your data, your location and your life”.

Use Alertsec
Organisations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Use Alertsec
Organisations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption

ICO

ICO wants to inspect private firms for data security issues

.

Enhanced by Zemanta

No comments »

Posted in Computer security, Lawsuits and settlements, computer security software, data breach

Tags:

Former Middletown School contractor accused of Laptop theft

December 5th, 2011

Not one or two but 400 laptops missing! A recent case of laptop theft saw 400 laptops being stolen from Middletown schools by a former contractor. A Butler County grand jury is currently reviewing the charges. If convicted, he faces 5 years prison time.

According to the Middletown police Larry A. Osborne Jr., 29,has been charged with third-degree felony theft on Nov. 9 in Middletown Municipal Court. He is accused of stealing computers since 2008. Osborne, a computer technician, was a former contractor of the Butler County Educational Service Center. The approximate value of the 400 laptops is $123,000. Osborne used to sell these computers on ebay.  He sold around 350 computers to a man in PA who had no clue that these computers were stolen property. The PA man has not been charged. The machines were either used ones or non-working.

Desk full of laptop computers

Former school contractor stole 400 laptops

The first theft was reported on Nov. 8 where eight Apple laptop computers were stolen from the district’s warehouse, 110 Baltimore St.

So far the department has recovered 46 of the 400 laptops. According to Lt. Scott Reeve. “The investigation is pretty much done. We’ve recovered all we’re going to recover,”. He further added that the thefts were discovered when the owner of 1 Stop Shipping Shop on Vail Avenue became suspicious about the no of computers Osborne was shipping.  18 laptops were recovered from 1 Stop Shipping Shop and 28 from Hallstead, PA. Lt. Reeve added “He wasn’t just taking them from one location,”. “He was taking them from multiple locations. I think that is part of the reason he got away with it for so long. He is an information technology guy and it’s not unusual to see him walking around with a computers in his hands, and they weren’t all being stolen from one location. He was spreading out the thefts at various schools throughout the district.”
Apparently Osborne was a full time IT worker with the district and lost his job a month ago when the theft came to light.

The modus operandi was that Osborne stole laptops that were left unattended while making service calls. Inspite of the fact that the district conducts general audits of its systems on an annual basis, the laptops were stole. The reason being Osborne was the employee in charge of  this district.The district is revamping its security policy to make sure such thefts do not take place in the future.

Alertsec and data encryption go hand in hand

Information has become highly mobile. There are netbooks, laptops, iphones and blackberries. You leave any of these unattended and the next thing you know is that they are stolen!

To lose any of the above device means losing valuable information! Especially when this information includes not only your personal data but that of hundreds and thousands of people.

Encryption is the best security solution to data breaches and laptop thefts. Alertsec helps you keep your info secure.

No comments »

Posted in Computer security, Identity and Information loss, Lawsuits and settlements, computer security software, identity theft, laptop encryption, laptop theft

Tags:

The case of 50 stolen laptops from Massabesic High School in Waterboro

November 24th, 2011

Looks like stealing laptops from school is very easy. Every other day we are hearing news about missing laptops and that too from schools. Time to tighten school security policies!

The case of the missing laptops and their recovery

The York County Sheriff’s Department has succeeded in recovering 50 Apple laptop computers that were stolen from Massabesic High School this week. Where exactly were they found is not revealed as yet, only that it was a good distance away from the school.

According to Sheriff Maurice Ouellette the laptops are in good condition and had been placed inside two, large plastic tubs with covers on them at the time of recovery.

“This was stuff that kids used to study with … That’s something I take personally,” Ouellette said.

How did the thieves manage to steal these computers?

It appears that the thief or thieves pried open a window to gain entrance to the school. The thieves entered the East Building of the school and did away with the computers and a projector.

“I’ve been working for this school district for a number of years and this is certainly the largest theft of any equipment that i’ve ever experienced or that i know of”, said RSU 57 Technology Director Bob Stackpole

School staff and students were interviewed in detail by the police in hope of getting clues about the theft.

A TV viewer caught this piece of news item on TV and got in touch with the authorities. The total value of the computers was around $60,000.

To catch the thief

Authorities have requested anyone with info about the thieves to get in touch with them. “We’re certainly interested in that, how that took place and at the end of the day we take a look at what transpired, how it transpired, who would have access and who would know, things to that nature”,said Sheriff Maurice Ouellette. The laptops were white in color and had identifying stickers. Currently the laptops are with the police. As soon as the investigation is over, they will be returned to the school.

Alertsec equips firms with encryption software

Alertsec is here to take care of our security issues especially for anyone working with PCs. Al

Desktop computer

Stolen Laptops from Massabesic School recovered

Aertsec Xpress is the service that automatically protects ALL information you store on your PC. The fact that we now buy more laptops than desktops shows that the information we all store is increasingly more vulnerable to be exposed. It is a much higher risk to lose a laptop than a desktop computer.

Encryption is the only secure method for complete protection of data stored on your hard disk. Today laptops are overtaking desktop PCs as the major source of computing and media storage, laptops frequently store an organization’s most valuable information. Thus laptop encryption is becoming more and more important.

Alertsec Xpress offers full disk encryption and is therefore superior to other encryption methods when comparing security, performance, robustness and ease-of-use for both administrators and users.

Enhanced by Zemanta

No comments »

Posted in Identity and Information loss, identity theft, laptop encryption, laptop theft

Tags:

Mitsubishi Nuclear and Warplane data compromised

October 31st, 2011

Hackers don’t just hack small accounts like Hospital data or Software data. They get into big stuff like military and warplane data too!

According to Japanese Defense Ministry hackers have most probably accessed sensitive data relating to military aircraft, missiles, and nuclear power plant designs and safety systems.

The news in detail

Mitsubishi Heavy–Japan’s largest defense contractor is best known in America for manufacturing the surface-to-air Patriot missile.–In August it found out that multiple computers were infected with a Trojan application. Further investigation showed that the information had been sent outside the company’s computer network, clearly indicating an outsider’s involvement.

The computers were located in 11 different places. Some were placed in sensitive areas like the Kobe and Nagasaki shipyards that are into submarines and destroyers constructions. A few others were located at the Nagoya facility that manufactures guided missile systems. The nuclear data that was stolen included anti-quake measures.

Mitsubishi Heavy Industries was reluctant to share this info at first. It kept the Japanese authorities in dark stating that its military information was safe and that all security measures were followed. Initially the company said that the attackers were caught early on but later contradicted their own statement saying that data had been compromised.

Statement issued by the company

“The company recently confirmed unintended transferring of some information on the company’s products and technologies between servers within the company,” said Mitsubishi Heavy in a statement. “Based on the finding, the company investigated the incident further and recognized the possibility of some data leakage from the server in question.”

Other recent military data breaches

Lockheed Martin, which manufactures the F-22 Raptor and F-35 Lightning II fighter aircraft, was a victim of military data theft recently. The Lockheed hack was done by using information stolen earlier from RSA Security. RSA is the branch of EMC that produces the SecurID two-factor authentication token used by thousands of contractors and corporations to secure their networks.

What are the Tokyo Police doing about it?

Mitsubishi Heavy has given a complaint to the Tokyo Metropolitan Police Department with details about damage done to its computer system in late September. The police are looking into computer records to find out the source of the data.

Protect your confidential data with Alertsec

Alertsec Xpress offers a customizable data encryption software solution from Checkpoint, the industry leader in encryption software (former Pointsec). Alertsec has come up with a web based encryption service that helps in deployment and management of PC encryption.

The need of a Data encryption software and recovery software is felt by big and small companies in today’s vulnerable data world. The threat could have simply been reduced to an insurance matter by a mere investment of $13/month. Certainly a small price to pay compared to what can happen if you lose confidential or sensitive data. Alertsec Xpress offers a very good and easy-to-use laptop security service that includes more than the traditional software licensing model.

No comments »

Posted in Computer security, Data Protection, Hackers, Identity and Information loss, data breach, data encryption, identity theft

Tags: