"The lack of individual accountability over user accounts provides ample opportunities to conceal malicious activity such as theft or misuse of veteran data," VA Assistant Inspector General Belinda Finn says.
Some 200 people have reported fraudulent debit and credit transactions hitting their accounts after dining at Margarita's Mexican Restaurant in Texas. Investigators believe a third-party vendor may have been hacked.
The arrest is part of a continuing investigation into network intrusions and distributed denial of service attacks against a number of international business and intelligence agencies by what is believed to be the same hacking group.
It's the new conventional wisdom: all computer networks will be attacked.
For Phyllis Schneck, that means organizations must be resilient, keeping computers functioning even when they're under assault.
It is no longer enough for information security professionals to secure critical information. They also need to be asking about the legitimacy of where this information comes from, says John Colley, managing director of (ISC)2 in EMEA.
You don't need to agree with assailants' motivation, most of us don't. But you must understand what's behind their action to help defend against their intrusions.
A new concept called Privacy by Redesign, by Dr. Ann Cavoukian, Privacy Commissioner of Ontario, Canada, looks to bring privacy into systems that are already developed.
The U.S. government wants to move many services online, but the inability to authenticate customers and develop Trusted Identities has kept agencies from making the transition. This is a problem that could soon be resolved, says Mike Ozburn, principal of Booz Allen Hamilton.
"These are projects that were already...
The FBI said the suspects hacked the website of payment service PayPal, an intrusion claimed by Anonymous for halting payments to WikiLeaks, which had leaked some quarter-million diplomatic cables.
Social media, mobility and cloud computing are new areas of risk for organizations, and risk managers need to go back to the fundamentals of understanding the information they are protecting, says Robert Stroud, ISACA's international vice president.
Disciplining IT and IT security managers following a breach of their systems rarely happens, and perhaps there's a good reason they shouldn't be punished.
Booz Allen didn't specifically address what was breached, but the hacking group Anonymous says it pilfered a list of some 90,000 military e-mails address from the company's computers..
"We infiltrated a server on their network that basically had no security measures in place," according to the posting of the hacking group. "We were able to run our own application, which turned out to be a shell and began plundering some booty."
Minnesota has seen an increase in malicious traffic since the state government shut down a week ago, but state CISO Chris Buse says sophisticated intrusion-detection systems and an alert skeleton staff have prevented any harm from being done, at least to the part of state government IT controlled by the Office of...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.