CyberScout is the nation’s premier consultative provider of identity and data risk management, resolution and education services.

No matter which Washington you live in, you’re vulnerable

No matter which Washington you live in, you’re vulnerable
September 30, 2015

sh_identity theft_750

Residents in some states are more vulnerable to identity theft, according to a review of federal data by NerdWallet, a personal finance website. In 2014, there were 332,646 identity theft complaints in the United States, data from the Federal Trade Commission show. This figure includes complaints by consumers to the FTC, as well as reports received by federal and state law enforcement agencies, national consumer protection organizations, and nongovernmental organizations. The most common kind of identity theft is fraud involving government documents, such as Social Security cards, passports and driver’s licenses, and government benefits fraud. Other kinds of identity theft are credit card fraud, phone or utilities fraud, bank fraud and employment-related fraud. The five places with the highest rate of identity theft are: Florida; Washington; District of Columbia; Oregon; and Missouri. Source: NerdWallet

Come on, we’re all adults here

sh_porn_280Several of the world’s most popular pornographic websites were hit by cyber attacks in the past week, according to a blog post by the malware hunting software firm Malwarebytes. Sites infected with malicious code included Pornhub and YouPorn, both owned by the Luxembourg-based adult website conglomerate MindGeek. These two sites rack up a combined 800 million visits each month, the post states, citing data from analytics company SimilarWeb. Malvertising campaigns involve attackers pushing malicious ads through advertising networks, which then appear on sites that display those ads. In this case, the attack targeted the third-party ad network ExoClick. The attackers masked apparently innocuous code as banner ads. Source: Fortune

Trumping the issues

sh_Trump_280Travelers who visited one of Donald Trump’s Las Vegas hotels from May 19 through June 2 may have had their payment information stolen by hackers, the company that runs the properties said. It appears to be the first confirmation from Trump Hotel Collection that information taken in a breach at the international hotel chain—suspected to have taken place in New York, Chicago, Los Angeles, Honolulu, Las Vegas and Miami—is being used against customers. Banks previously detected a surge in fraudulent activity in July, sparking a flurry of media reports that Trump, the current frontrunner for the Republican presidential nomination, may have been targeted by point-of-sale hackers. Compromised financial information includes account numbers, card expiration dates and cardholder names. “We recommend that you review credit and debit card account statements as soon as possible in order to determine if there are any discrepancies or unusual activity listed,” the company said in a letter to customers. Trump Hotels also is offering customers a year of free credit monitoring. Source: International Business Times

Contract is a ray of sunshine

Raytheon said a new five-year contract it won from the Department of Homeland Security to help more than 100 civilian agencies manage their computer security could be worth $1 billion, a key win for the company. Raytheon said DHS selected it to be the prime contractor and systems integrator for the agency’s Network Security Deployment division, and its National Cybersecurity Protection System. Dave Wajsgras, president of Raytheon Intelligence, Information and Services, said the company had invested more than $3.5 billion in recent years to expand its cybersecurity capabilities. He said cybersecurity incidents had increased an average of 66 percent a year worldwide from 2009 to 2014. Source: Reuters

Intelligence official harrumphs at China deal

sh_U.S. china_280The top U.S. intelligence official is not optimistic that an agreement the United States struck with China will deter state-sponsored cyber attacks on business from the communist nation. President Obama and Chinese President Xi Jinping agreed not to conduct or knowingly support cyber theft of trade secrets or competitive business information. The White House said the agreement covers cyber theft where the intent is to provide a competitive advantage to a country’s companies or commercial sectors. At a Senate hearing, Armed Services Committee Chairman John McCain (R-Ariz.), asked Director of National Intelligence James Clapper if he was optimistic that the agreement would result in the elimination of such attacks from China. Clapper replied: “No.” Source: CBS News

We’re about more than just planes

Airbus Group’s Defense and Space will team with digital services provider Atos to develop products designed to counteract cyber attacks on companies and their supply chains. The partnership will address industries including banking and insurance as well as the public sector and the defense market, the companies said in a statement. “The security needs of organizations are skyrocketing and require the most innovative security solutions,” they said. Airbus has been seeking to build its presence in cybersecurity, establishing a technology and business innovation center in Silicon Valley. Source: Insurance Journal

Game on, and do you want a job?

sh_virtual world_280Cyber Security Challenge UK has unveiled a virtual world designed solely to find, test and recruit cyber talent. The challenge is backed by the Cabinet Office and more than 50 of the United Kingdom’s top public, private and academic organizations to promote cybersecurity as a career. Cyphinx, a 3D virtual skyscraper, is designed to act as a gateway to a host of cybersecurity games, competitions and recruitment opportunities. By combining always-on access to games and competitions that reflect the real-world skills cyber professionals use with learning materials and the chance to meet potential employers, Cyphinx is designed to become the U.K.’s hub of cyber talent recruitment opportunities. Cyphinx, hosted by Skyscape Cloud Services, has been developed in conjunction with the Serious Games Institute to look like a high-quality 3D console game. Candidates can create avatars, enter the Cyphinx skyscraper, interact with other candidates, and engage with potential employers, making it attractive for some of the biggest names in the industry to use as a tool for cybersecurity recruitment. Source: Computer Weekly

Your money AND your life

Cyber risk is seen as largely information technology specific, but an industry expert says that shortchanges cyber attacks on industrial control systems. Such systems are used throughout the mechanized infrastructures of electric power, water, chemicals, petroleum, pipelines, manufacturing, transportation and other industries that have transitioned from manual processes. Robots and other automation programs, or firmware, can be manipulated from outside the organization, sometimes with malicious intent. “Trying to control a process to operate at its optimal level—when that went from manual to automated is where cyber risk crept in,” Joe Weiss, managing partner, Applied Control Solutions said at the Business Insurance 2015 Cyber Risk Summit. “There is a disconnect between the ICS and IT security worlds,” he said. “ICS has incidents where there is no Internet or Windows involved. … IT can’t kill people; these systems can and have.” Source: Business Insurance

Telling it to the judge—again

sh_home depot_280Home Depot is once again asking a federal court to throw out a lawsuit filed by financial institutions over the home improvement giant’s 2014 data breach. The company told a federal court that’s overseeing litigation over the data breach that the banks are responsible for any losses they suffered related to the breach. “The banks are sophisticated financial institutions asking the court to shift to Home Depot expenses they allegedly incurred as a result of their commercial decisions following a criminal’s theft of data from Home Depot,” the company told the court. “This is even more remarkable considering that the banks seek to recover alleged fraud losses incurred by cardholders that could not have occurred were it not for the banks’ own lack of security measures, which resulted in information not stolen from Home Depot being made available to third party criminals.” For their part, the banks in August told the court that their lawsuit against Home Depot should go forward because they “suffered concrete injuries, traceable to Home Depot.” Source:

Another day, another health data breach

About 16,000 people are being notified of a major risk to their private health information following an email attack on a health services company. Information includes birth dates, Social Security numbers, insurance information, diagnoses, addresses and more. Patients of Oakland Family Services, a nonprofit human and health services organization out of Pontiac, Mich., are being alerted after a hacker broke into an employee’s email account on July 14. The intruder sent phishing emails to a number of the employee’s contacts, who also had access to private information such as names, client ID numbers, services dates, types of service provided, birth dates, telephone numbers, addresses, diagnoses, health plan ID numbers, insurance numbers and Social Security numbers. Source:



The post No matter which Washington you live in, you’re vulnerable appeared first on Third Certainty.

Offer 24/7 CyberScout Protection

CyberScout's partnership options help you safeguard the identity and privacy of your policyholders, customers, members and employees. Discover how a customized program can help build brand loyalty, customer retention, and quickly generate long-term recurring revenue.

Get Started