Posts Tagged ‘cybercrime’

Iowa Land Records Association Posts SSNs…Including The Governor’s…On Their Internet Site

Wednesday, September 3rd, 2008

Okay, here’s another example of a ridiculously dumb privacy breach that occurred, in Iowa this time, through a government agency posting information on the Internet…

(more…)

5 Easy Things To Do for Global Security Week, September 8 – 12

Tuesday, September 2nd, 2008

Next week is Global Security Week!
Do you have anything planned for your organization to help raise the awareness of all types of security issues?
Here are a few ideas I wanted to pass along to you…

(more…)

Many, Many Methods Of Cyberattacks

Tuesday, August 19th, 2008

Yesterday CNN ran an interesting story, “U.S. at risk of cyberattacks, experts say.”
For those of you in the information security biz this is not new news, I know. We’ve known and discussed the massive and insidious types of damage that could be done through cyber attacks for several years. However, there is still not enough being done.

(more…)

“Cyber Security in the Three Times: Past, Present, & Future”

Monday, July 21st, 2008

Here is a very interesting-looking online seminar…FREE…looks worth checking out…

(more…)

Man Pleads Guilty To Loading Keylogger Software On Public Computers Worldwide To Collect PII and Commit Fraud

Monday, January 14th, 2008

Here’s another good example of an actual cybercrime that was allowed to occur because poor of safeguards on computers provided for public use.
On January 9, 2008, Mario Simbaqueba Bonilla plead guilty to installing keylogger software on hotel business center and Internet cafe computers located in hotels throughout the world that allowed him to access the bank and other financial accounts of over 600 individuals.

(more…)

Insider Threat Example: Programmer Sentenced To 30 Months In Jail And $81,200 Fine

Sunday, January 13th, 2008

Here’s a case I blogged about amost exactly a year ago, but it is worth revisiting since the sentencing for the crime was just handed down and it was significant. If you haven’t already, put this in your file of actual examples to incorporate into your information security and privacy awareness and training activities and content.
On January 8 a federal court in Newark, New Jersey, sentenced Yung-Hsun “Andy” Lin, a former systems administrator for Medco Health Solutions Inc., to 30 months in prison for transmitting computer code intended to wipe out data stored on Medco’s network; composed of more than 70 servers.

(more…)

Insider Threat Lessons: Posting Threats And Personnel PII On The Internet Establishes Federal Jurisdiction

Monday, November 5th, 2007

Here’s another insider threat example to know and to discuss with your legal counsel and HR folks. It highlights the need for information security and privacy policies, shows how information security and privacy must work with multiple areas on an ongoing basis, and demonstrates the sanctions that can be brought against those who break them.

(more…)

Insider Threat Lessons: Posting Threats And Personnel PII On The Internet Establishes Federal Jurisdiction

Monday, November 5th, 2007

Here’s another insider threat example to know and to discuss with your legal counsel and HR folks. It highlights the need for information security and privacy policies, shows how information security and privacy must work with multiple areas on an ongoing basis, and demonstrates the sanctions that can be brought against those who break them.

(more…)

Data Will Always Be Less Safe In The Future…I Don’t Want To Get Gussied Up To Talk On The Phone

Wednesday, October 17th, 2007

I have a blog problem…there are way too many things I want to blog about and not enough hours in the day to do it! Throughout each day I note news items from the TV, or website news articles, or research, or reports, or just observations while at businesses or in public, and I only have a chance to blog about a small fraction of them. Today I think I’ll just briefly mention five of the topics I’ve planned to blog about, along with a brief note about each, and then maybe I’ll be able to revisit them sometime in the near future and discuss them at greater length.

(more…)

New FTC Report Provides Organizations Good Guidance For Protecting PII

Tuesday, September 18th, 2007

Today the U.S. Federal Trade Commission (FTC) released a report, “Combating Identity Theft: Implementing a Coordinated Plan.”

(more…)