Earlier this month, it was reported that the personnel records of 4 million federal employees had been compromised in a cyber attack on the Office of Personnel Management (OPM).  OPM is the US Government's HR department. As events unfold, it now appears that this breach was much worse than first reported.  The Washington Times is reporting that the breach may involve records of 32 million Americans. Office of Personnel Management Called Before Congress   All indications are that the attack was done by the same Chinese team that stole records from Anthem, the health insurance company, and that this attack [...]

2017-01-07T17:35:10+00:00June 25th, 2015|Cybersecurity - General, SP Guard, spear phishing|

President – Cyber Will Get Worse

Last week it was revealed the about 4 million former and current federal employees were impacted by a data breach at the Office of Personnel Management. Yesterday morning at a press conference in Germany, the President said, "We have known for a long time that there are significant vulnerabilities, and that these vulnerabilities are going to accelerate as time goes by, both in systems within government and within the private sector." As if acting on cue, a few hours after the President's prediction that things would get worse, things got worse. Brig. Gen. Malcolm B. Frost, U.S. Army, announced that the Army's official [...]

2017-01-07T17:35:10+00:00June 9th, 2015|Cybersecurity - General, SP Guard, spear phishing|

RSA 2015 – Lessons from 1919 – Repost

We attended the RSA Conference in San Francisco this week.  There are two giant convention halls filled with latest in information security.  In addition to the in-booth presentations, there are continuous presentations and panels discussing security.  Jeh Johnson, the Secretary of the Department of Homeland Security, was a keynote speaker. Yet, in this sea of the new, the most interesting thing was something patented almost a century ago. In the NSA’s booth (yes, that NSA) was this: A wooden box about the size of a toaster oven — an Enigma machine.  The Enigma machine was patented in 1919.  The Germans [...]

2017-01-07T17:35:10+00:00June 8th, 2015|Cybersecurity - General, SP Guard, spear phishing|

4 Million Fed Employees Compromised – Office of Personnel Management

The personnel records of about 4 million current and former federal employees were compromised in a cyberattack on the Office of Personnel Management. This attack is being attributed to China.   Citing iSight Partners, the Washington Post attributes the attack to the group that compromised Anthem. This group uses spearphishing, highly targeted deceptive emails, to deceive people into compromising their systems. Deception takes place in the mind of the person who is being attacked. Users will decide which emails to trust. That decision can be guesswork or it can be guided by IT using SP Guard.

2017-01-07T17:35:10+00:00June 8th, 2015|Cybersecurity - General, SP Guard, spear phishing|