A key factor in minimizing the risk of a breach when working with business associates is to provide these partners with the minimum amount of information they need to perform their services, says security expert Brian Lapidus.
Characterizing LulzSec as cyberterrorists, department officials confirmed that LulzSec appeared to have gained access to the e-mail accounts of at least seven department employees, with the pilfered information posted online by the group.
Leigh Williams says preventing online data breaches requires cooperation within the online ecosystem from domestic and international organizations. Spearheading and maintaining that cooperation requires federal oversight, he contends.
SafeNet CEO Chris Fedde says top executives, not chief information or chief information security officers, should have final say on what data to encrypt.
The announcement of LulzSec's disbandment comes within a week of the arrest of Ryan Leary,on charges of hacking a British law enforcement system. LulzSec in a posting said Leary had ties to the group.
"It's not enough to know the architecture of the breach system," says Michael Aisenberg of MITRE Corp. "Leaders have to understand the different jurisdiction of where they do business, where their customers are and which breach law applies."
Authorities charged Ryan Cleary with distributed denial of service attacks on a British law enforcement agency that LulzSec claimed it hacked on Monday. Police also charged the suspect with attacks claimed by the group Anonymous against two music industry sites last fall.
Sen. Robert Menendez says regulators should have the power to compel banks to toughen IT security and offer timely customer notification of a breach. But if they don't, the Banking Committee member says in an interview, they should come to Congress to get that authority.
The arrest followed an investigation into network intrusions and distributed denial of service attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group.
The video gaming company Sega says it brought down its online Sega Pass gaming because of unauthorized entry of its database, in which hackers obtained some members' e-mail addresses and encrypted passwords.
Not all shootings, fires and accidents are of equal import, regardless of the dramatic visuals they may produce. The same can be said about information security breaches.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.
Senate Sergeant at Arms confirms the attack occurred over the weekend and has ordered a review of all Senate computer sites. Hackers' cryptic message suggests they don't like military's intent to use force to combat cyberattacks.
Who's behind the International Monetary Fund breach? Some observers suggest the attack could have been waged by a government to access confidential information about the financial stability of certain global markets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
