Tag Archives: wsj

1 Billion Data Records Stolen in 2014, WSJ

A nice summation of the Gemalto report regarding the data breaches in 2014.

Identity theft was by far the largest type of attack, with 54% of the breaches involving the theft of personal data, up from 23% in 2013.

Data records are defined as personally identifiable information such as email addresses, names, passwords, banking details, health information, and social security numbers.

via 1 Billion Data Records Stolen in 2014, Says Gemalto – Digits – WSJ.

Key points:

  1. 4% of the data breached was encrypted – demonstrating its effectiveness and its continued lack of proper adoption
  2. 78% of breaches were from U.S. companies, followed by the U.K.

Lessons abound, and I am working on publishing a new piece on the evolution of these breaches, and how “we” have misinterpreted the utility of this data.

On a similar topic, please join me in building leading habits for everyday users to minimize the impact of these breaches at http://www.hownottobehacked.com, my new research project.

Best,

James

Denial of Service Attack: S. Korea U.S. Cyberwar and Intelligence

There is a great deal of misinformation regarding the Denial of Service Attack that has been ongoing. While many of the facts are not fully available, the misinformation is plainly visible.

  • First off, a denial of service attack (DDoS or DoS) can be launched from anywhere in the world.
  • Secondly, such an attack is typically done using computers that have been infected by malware – unbeknownst to the user / owner.
  • Thirdly, such attacks can be coordinated through multiple locations – the end result is no absolutely clear view as to the originator of the crime.

The Wall Street Journal article, New Web Attacks Hit Some South Korean Sites, today blended two stories together: the cyberattack that is ongoing, and loose ties to how N. Korea is having leadership changes and is more aggressive militarily (a weak correlation to be sure). Another news story at The Hankyoreh paper (link is in English and available in Korean) states that 26,000 computers in South Korea were executing the DDoS attack. They provide an interesting perspective on how this attack differs from others. It is inaccurate, however, for them to be physically examining a computer (as shown in the picture included in the article) and its chips to determine the cause of the attack – it is malware (MyDoom, Conficker, etc.).

The security industry has been stating the danger of allowing such malware to infect systems, and the result is now evident. This attack is being orchestrated with only 26,000 computers. The University of California researchers had control of over 182,914 hosts – nearly 7 times more systems – and this one ongoing attack is from one particular geographic location.

A note of caution: attacks such as this create a lot of noise. Such noise can be used to conceal the illicit activities of criminals. In the security and audit world we expect, and have in place, technology to trigger alerts and initiate security protocols when such events occur. If the number of events exhausts the resources, however, then prioritization begins to play a part. Businesses, and governments, must consider these conditions and risks when responding to such situations.

Situations such as these should evoke thought and action, but not necessarily motion – as Benjamin Franklin states quite eloquently, “Never confuse motion with action”. It would be ill-advised for governments to erect vast regulatory bodies / Czars / Committee reviews of this situation – the cause and solution are known; only precise action and response are required.

Contrary Thoughts / Insights into the actual originators?

James DeLuccia IV

My profile on LinkedIn

I will be speaking at RSA 2009 Europe, please register and join the discussion on the future of data security and privacy (links coming soon)