Houston Astros hacked, trade conversations posted online

The Houston Astros have been hacked.

The incident affects more than just the Texas baseball squad because information pilfered in the breach – and posted publicly online – relates to private conversations the team had with several other major league ball clubs.

Officials with the Astros were alerted last month that an unauthorized party, or parties, obtained information stored on its servers and in its applications, according to a statement emailed to SCMagazine.com on Tuesday.

Team officials quickly alerted MLB security and, since then, an investigation aided by the FBI is ongoing, according to the statement, which adds that the Astros organization plans to prosecute those involved to the fullest extent.

“While it does appear that some of the content released was based on trade conversations, a portion of the material was embellished or completely fabricated,” the statement said.

Some of the ball clubs the Houston Astros were corresponding with include the New York Mets and the Miami Marlins, according to two postings on anonymous data sharing website Anonbin, which reveal talks dating back to June 2013.

Jeff Luhnow, general manager of the Houston Astros, held sessions with reporters on Monday and said that the organization is working to upgrade its security to prevent a similar incident from occurring, according to a transcript posted by the Houston Chronicle.

Luhnow, who thought that security was sufficient prior to the breach, said he does not believe the Astros were targeted specifically, but added that he is not exactly sure of the motives behind the attack, according to the transcript.

“It’s a reflection of the age we’re living in,” Luhnow was reported as saying. “People are always trying to steal information, get information, whether it’s legally or illegally, and in this case it was illegally obtained and it’s unfortunate.”

Mike Lloyd, CTO of RedSeal Networks, said he could not agree more with Luhnow. Lloyd told SCMagazine.com in a Tuesday email correspondence that this kind of illegal activity is further encouraged by how relatively easy it is to execute.

“Attackers are finding [that] complex defenses are badly deployed, badly coordinated, and easy to walk through,” Lloyd said. “All the attacker needs is persistence, and the search for a forgotten, unlocked ‘side door’ into the business can be largely automated.”

To recover from this incident, the Astros should not only shore up the security of their infrastructure, but also improve the logging and tracking of users who access sensitive data, Jean Taggert, security researcher with Malwarebytes, told SCMagazine.com in a Tuesday email correspondence.

“I’m not surprised at all,” Taggert said. “Baseball is a highly competitive game, and the kind of insight you could garner from these private sabermetrics would not only help in trade negotiations, it would allow you to frustrate the future trade prospects of the Astros.”

For more info on Security Event Management Solutions (SIEM): www.eFOURlearning.com

First reported in SC Magazine by Adam Greenberg


ABL Shows TechNet Best DIACAP Validator Course

Just found this while “surfing”! Our Teaming Partner, Advanced Business Learning (ABL)…

Content Source: AFCEA Website

Validator course DIACAP training at TechNet Augusta Show

The overall theme of TechNet Augusta 2013 is “Modernizing for Network 2020 and Beyond:  Empower, Connect, Dominate!”  The overall focus is on Army ground forces, including Joint component interface, other Department of Defense Organizations, Inter-Agency, Industry, and Academia.  Presentations, panels, and track sessions will highlight empowerment of Soldiers on the battlefield through training, different methodologies for connecting through enhanced technology, and command and control functions to enable the U.S. Armed Forces to dominate the battlefield.  Government, industry, and academia speakers will address a broad range of topics and focus on the importance of the network, security issues, and training to enable operational forces to modernize and be ready to meet emerging challenges in 2020 and beyond.


BECOME a DIACAP Certified Validator

Validator DIACAP 201 – VA Reimbursement Approved

(view TechNet booths and Advanced Business Learning) to learn about the benefits and job security that DIACAP Validators enjoy. Students get the skills required to build accreditation packages with the confidence their system will receive the critical ATO (Authority to Operate) in a DoD environment.

Courses are 5 days of both instructor-led classroom sessions and instructor-monitored real-gear labs.

All instruction by SENTEK Global, a Top Gun quality training and assessment organization.

The cost is less than most and the skills learned are better than most.

Learn more by visiting: www.eFOURlearning.com

NEW CAPABILITIES VIDEO

If a picture is worth 1,000 words, then this video is priceless… Take a moment to view our newest capabilities video, keeping in mind it is focused on the DoD, although we do work with commercial/enterprise customers as well.

GOTO:  http://efourlearning.wistia.com/medias/r12usu1k2l


War Games: Navy researching a Google Glass of its own

Fox News: Allison Barrie discusses a head-worn display that will superimpose computer-generated information onto a sailor’s view of the real world.

To watch entire video, GOTO: http://video.foxnews.com/v/3335982236001/war-games-navy-researching-a-google-glass-of-its-own/#sp=show-clips


 

ID breach may cost MCCCD $14 million

(Here’s what happens when you think it can’t happen to you…! Remember, there are three kinds of networks: 1. Ones that have been hacked and don’t know it, 2. Ones that have been hacked and know it, 3. Ones that will be hacked…)

A massive data breach at Maricopa Community Colleges was a result of staff errors in the information technology department, and the estimated cost of fixing the problem and aiding victims could rise as high as $14 million.

An official with the Maricopa County Community College District said an outside consultant had determined that the April data breach, in which personal information of current and former students and employees may have been exposed, was due to substandard performance of IT workers.

“When Maricopa investigated the system, we found vulnerabilities that resulted from employee conduct that did not meet Maricopa’s standards and expectations,” college district spokesman Tom Gariepy said.

Gariepy said this week that no arrests have been made and that there is no evidence any data were seen or stolen. He would not identify the workers responsible or say how many IT employees are facing disciplinary action, adding that the outcome will eventually be made public.

The breach was revealed on April 29, when the FBI told district officials it had found a website advertising personal information from the community colleges for sale.

The district hired an independent consultant to review the situation and announced last week that it was notifying 2.4 million people that their personal data, including Social Security numbers and banking details, may have been seen.

The district governing board has approved spending up to $9.1 million for a consultancy firm to conduct a computer forensic analysis, inform people whose personal data may have been revealed, staff a call center and provide a year’s credit monitoring for potential victims.

And, on Tuesday, the board is scheduled to vote on approving an additional $600,000, taking the total close to $10 million authorized toward rectifying the problem. That is on top of more than $4 million authorized earlier this year to secure the system itself.

The district, which has an annual budget of $1.7 billion, has not addressed how to pay for the costs. Gariepy said he did not know whether they could be covered by insurance.

The district did not disclose the problem publicly until late last month. Gariepy said that although the district was notified in April about the problem, the extent was unknown for several months.

“People think we knew on April 29 that all of these millions of files were exposed, and we didn’t know that,” he said. “We knew hardly anything except that we had a problem, and we had to find out what it was.”

The district’s website was down for several days and was restored in stages.

Gariepy said it took months for the consultant and the district to assess the situation, find out which files were affected and find correct addresses for the millions who were affected.

They include current employees and students, as well as those going back at least several years, including people who took non-credit courses and high-school students who were dual-enrolled in community-college classes.

Gariepy said letters are being mailed in stages to those potentially affected. All the letters should be sent by mid-December.

On Friday, he said the district has already received hundreds of phone calls from people, most of whom asked whether the letters they have received about the issue were authentic.

“If you got a letter from us, it’s not a scam, and it’s not a sales letter from someone who wants to sell you something,” he said.

Work on the technology system, which had been described as outdated, continues.

In February, as the governing board was deliberating whether to ask for its second tuition and property-tax increase in three years, the members heard a report on problems with the system.

John Webster, interim vice chancellor for IT services, told the board that his department was badly understaffed and that employees needed additional training. He said some software was so old that the vendor no longer supported it.

The tuition and property tax increases were approved in the spring, with upgraded technology part of the plan for the money.


Originally published: By Mary Beth Faller The Republic | azcentral.com Fri Dec 6, 2013 10:26 PM

7 Cybersecurity Risks for 2014

With each new year comes a new round of cybersecurity risks.

To help businesses best prepare for the year ahead, risk mitigation and response solutions firm Kroll has identified seven trends that indicate a changing tide in cyber standards. These changes will require organizations to take stronger actions and safeguards to protect against reputational, financial and legal risks.

“Most organizations have invested in preventative security technologies, but remain unprepared to launch an effective response to a leak or intrusion,” said Tim Ryan, a Kroll managing director and Cyber Investigations practice leader. “Without the right tools and policies in place beforehand, they find themselves suddenly under intense pressure to investigate, track and analyze events.”

Kroll predicts that the new cybersecurity issues for 2014 will include:

National Institute of Standards and Technology (NIST) and similar security frameworks will become the de facto standards of best practices for all companies: Cybersecurity strategies largely designed for companies that were part of the “critical infrastructure” will become more of an expectation for everyone, from conducting an effective risk assessment to implementing sound cybersecurity practices and platforms. Organizations that don’t follow suit may find themselves subject to shareholder lawsuits, actions by regulators and other legal repercussions.

Alan Brill, senior managing director at Kroll, said this trend will move the United States in the direction of the EU, where there is a greater recognition of privacy as a right.

“As new laws evolve that reflect the NIST guidelines and look more like the EU privacy directive, some U.S. companies will find themselves ill-prepared to effectively respond to the regulations,” Brill said. “To minimize their risk, organizations will have to get smart on these standards and make strategic business decisions that give clients and customers confidence that their information is protected.”

The data supply chain will pose continuing challenges to even the most sophisticated enterprises: It is not unusual for companies to store or process the data they collect by using third parties. However, the security that these third parties use to safeguard their clients’ data is frequently not understood by businesses that hire them until there is a breach. Companies will need to vet their subcontractors closely and get specific as to the technical and legal roles and responsibilities of these subcontractors in the event of a breach.

“Companies should know who they are giving their data to and how it is being protected,” Ryan said. “This requires technical, procedural and legal reviews.”

The malicious insider remains a serious threat, but will become more visible: Whether it was Shakespeare’s Caesar or America’s Benedict Arnold, people have long known the pain of betrayal by those they trust. Information technology simply made the betrayer’s job easier. In 2014, a significant number — if not almost half — of data breaches will come at the hands of people on the inside. However, as the federal government and individual states add muscle to privacy breach notification laws and enforcement regimes, these hidden insider attacks will become more widely known.

Ryan said the insider threat, which often goes unreported, is insidious and complex.

“Thwarting it requires collaboration by general counsel, information security and human resources,” he said. “SEC breach disclosure of ‘material losses’ may be the model for rules requiring a company to be more transparent and answerable for allowing bad actors to go unpunished.”

Corporate board audit committees will take a greater interest in cybersecurity risks and the organization’s plans for addressing them: With more and more data breaches — from theft of trade secrets to loss of customer information — in the headlines, corporate audit committees are beginning to focus on the connection between cybersecurity and an organization’s financial well-being. As such, these committees will expand their attention beyond the financial audit process to also include the organization’s strategic plans for protecting non-public information. They will also look at risk-mitigation plans for responding to a possible breach.

“As corporate boards carry out their fiduciary responsibilities, they must also protect the company from possible shareholder lawsuits that allege the company’s cybersecurity wasn’t at a level that could be reasonably viewed to be ‘commercially reasonable’ and that incident response plans weren’t in place to mitigate the risk,” Brill said. “The challenge they face is determining what is a reasonable level of security and response, and who should make that call. Is it their IT team, an industry expert, an independent third party?”

Sophisticated tools will enable smart companies to quickly uncover data breach details and react faster: Company leaders realize that even the best firewalls and intrusion detection systems cannot stop all attacks. But technological progress that occurred over the last 12 months will enable companies to unravel events and see with near-real-time clarity what’s happened to their data and how much damage has been done.

Most organizations have invested in preventative security technologies, but remain unprepared to launch an effective response to a leak or intrusion, Ryan said. Without the right tools and policies in place beforehand, they find themselves suddenly under intense pressure to investigate, track and analyze events.

“We’ve seen a dramatic improvement in response technology over the last year,” Ryan said. “Companies have never had a better opportunity to enhance their existing protocols with a methodology that can mean an informed and timely response.”

New standards related to breach remediation are gaining traction and will have a greater impact on corporate data breach response: Credit monitoring will no longer be the gold standard in breach remediation in 2014, as lawmakers, consumer advocates and the public at large continue to raise questions about the relevancy and thoroughness of this as a stand-alone solution. These parties will demand a more effective alternative. While no legal guidelines currently exist for consumer remediation, the FTC and states like California and Illinois are already offering guidance that suggests a risk-based approach to consumer remediation will be the way of the future.

“That’s not to say that credit monitoring is useless, because it’s a valuable tool when it aligns with the type of data exposed,” Brill said. “Rather, companies will need to gain a better understanding of their actual breach risks, how the breach could actually affect their customers, and the best way to remedy those specific risks and provide better protection to the affected consumers.”

As cloud and BYOD adoption continues to accelerate, implementing policies and managing technologies will require greater accountability: The development and evolution of cloud services and BYOD have moved at a whirlwind pace, leaving IT departments scrambling to get out in front of the technologies and employee usage. In 2014, IT leaders will need to work closely with senior leadership and legal counsel to adapt corporate policies in a way that addresses changing legal risks, while effectively meeting the needs of the organization.

Brill said that up until now, cloud and BYOD adoption has been like the Wild West — uncharted, unregulated and facing few restrictions.

“While it’s implausible to anticipate every possible risk presented by the use of the cloud and BYOD, companies that have integrated these technologies into their corporate policies, IT security and risk-management plans will be much better prepared to fulfill their legal obligations,” Brill said. “Organizations must realize that even if they don’t want to deal with this, they’re not going to have much choice.”


Originally published on Business News Daily.