Today, Facebook releases Threat Exchange. It’s being built as a platform where businesses can caution each other about the latest security threats and hacking trends, like malware, spam and phishing.
Other social media giants and online providers, like Yahoo, Twitter and Tumblr contributed to the building of Threat Exchange. In fact, seven tech companies, including Dropbox, are involved in this creation. This program consists of API’s (Application Program Interface- a set of tools for building software applications) and Facebook’s platform for allies to ask, answer and share security threats to participants. According to Facebook officials, playing around with early feedback allows participants to be more open and blunt about conversations involving threats. And they can control the conversation. For example, a major threat to one company many not be a threat at all to another company, so just alert the one company. Or there may be a major attack on the horizon for all participants involved. And it’s already working. Thanks to threat exchange, many companies are schooling other companies of what to do in the wake of a security threat.
Now this is what needs to happen. Hackers are getting bolder and bolder and so are their attacks. I’m happy Facebook, Twitter, and five other online companies, are putting competition aside and working together toward the common good. I’m glad the best minds in technology are building a network like this. I would like to see them take it even further. I hope Facebook opens up Threat Exchange to the people. Maybe we the people can learn to protect ourselves from security threats. And who knows? Maybe we can share our security concerns on this new forum. In this era of ever increasing attacks, we need each other to combat this worldwide threat before more people get hurt. What more can we do as a community to combat threats like malware and ID theft?
Yesterday, I talked about the hacking of health insurance provider Anthem, one of the biggest security breaches of all time. Those crooks better hope they never run into Alex Holden, the anti-hacker.
Alex Holden was born in Ukraine in the mid 1970s, then part of ?Soviet Union. As a small child, his family tried, but failed, to move to the US, making life even more difficult under communist law. His parents taught him and his brother chess and other problem solving games in order to exercise their minds. After the Chernobyl disaster in 1986, the family moved first to Italy, then to Wisconsin. There, he found his calling in computers. By the age of 27, he became top information security officer at Robert and Baird Co. In 2013, he started his own security firm after his employer, Cyopsis, split. Soon after, his genius and his skills were needed and needed badly.
Last summer, a network of Russian hackers were very busy. By this point, they accumulated approximately 542 million emails and well over a billion ‘unique records’- things like usernames and passwords. Many of these records were all set to be sold on the black market. Some of these items go for as little as five dollars. Holden and his Hold Security firm shut the biggest password theft operation of all time down, saving countless accounts. And that’s not all. In October 2013, he caught another hacking network breaking into Adobe Systems and compromising over 3 million credit cards. Holden and his team of sixteen caught criminals infiltrating a limo company. These criminals not only leaked credit cards, but scathing information about A-list athletes and other celebrities. There’s plenty more where these stories came from.
I’ve always said that if the criminals are getting stronger and bolder,?we on the side of right have to be stronger and bolder. We need more Alex Holden’s in the technology world today. Where are they?
A major health care company was hacked Thursday, February 5, 2014. And we’re talking one of the biggest health care providers in America.
Anthem’ s computer system was severely infiltrated. Anthem is the second largest health insurance provider in the US, and it’s feared that as many as 80 million customer accounts could be compromised, though investigators are still determining the exact number. According to CEO Joseph Swedish, this was an external and sophisticated cyber attack. Hackers got access to names, dates of birth, medical identification, social security numbers, physical and email addresses, employment information, and income data (how much a person makes in a week, month or year). No credit cards were compromised. The FBI has been contacted and are assisting in this case. Anthem customers are urged to visit website?Anthem facts or call 1-877-263-7995 to see if their accounts took a hit, as well as get other vital information and support. It’s believed this is the largest security breach in medical history.
When I think of it, of all the hack attacks over the last several years: Home Depot, Target, TJ Maxx/Marshall’s, Neiman Marcus, this is probably the biggest one of them all. One, look at the number of people that could be affected. Eighty million is nearly a fourth of the US population. And I take no relief that credit cards weren’t compromised. They got social security numbers. Social security numbers are an ID thief’s main tool to get into credit/debit cards, bank accounts, and whatever else they want to get into. And to risk having intimate personal information like your physical address, medical ID and income data being released to the whole world is a risk few people can bear. Now, everybody knows everything and any psychopath can come to your home and business and commit unspeakable deeds. But here is a great segment about what we can do to keep safe. How many more of these breaches must people suffer?
A marriage ends in divorce. A long term relationship ends in a break up. If you’re thinking about putting nude, sexually explicit or embarrassing photos of your ex online, you better think again!
The state of California makes it clear: no more revenge porn! They made an example out of Kevin Bollaert (the younger guy in the photo), operator of a former website called U Got Posted. This website allowed anyone to post nude or explicit pictures of anyone they wished to, without the victim’s knowledge or approval. Bollaert’s website required the victim’s age, name, location, and Facebook page. Bollaert’s U Got Posted also charged the victim $350 a pop to have the scandalous photo removed. Thousands of dollars were made through this extortion. But a San Diego, CA court found Kevin Bollaert’s guilty of 20 counts of ID theft and six counts of extortion. Bolleart could face 20 years in prison. This is the first time a revenge porn operator has ever been convicted of running such a website. California has specific and strict laws against revenge porn.
And to this I say, hats off to San Diego and California! I’m glad one state is taking a stand against this evil and madness. Revenge porn is often difficult to prosecute because victims often don’t own the revenge pictures. I don’t know if this is because so many Hollywood celebrities have fallen victim to this hacking and unwelcome attacks. But whatever the reason, I like this crackdown. There is an old saying: As California goes, so goes the nation. In this case, let it be so. I know some will defend such actions in the name of free speech. But with freedom comes responsibility. And every adult and teen knows right from wrong. We should all be responsible enough not to put our exes nude pics online, or to blackmail strangers to take them down. How would you like it if someone did that to you, or your loved ones?
When people think of hacking, they think computers and thanks to the Sony scandal, movie houses. But a hack attack can strike at a place we often take for granted: our gas station.
I’m talking about gas tank venerability. According to the cyber security analysis at Rapid 7, there are automated tank gauges at over 5,000 gas stations across the US that are venerable to hack attacks. That’s only three percent of all gas stations across the country. ?Nevertheless, that’s more than enough for hackers to completely shut down these gas stations, causing ripple effects across the nation. Not only that, Rapid 7 discovered there are over 5,300 ATG (automated tank gauges) exposed on the Internet with no password protection. With little or no protection, hackers can falsify fuel levels, lie about tanks being full, start false alarms and completely shut stations down. This lack of protection can lead to malfunctions as well. One large ATG manufacturer/vendor that has addressed this problem is Veeder-Root. They are currently working to strengthen security in it’s products. “Security, accuracy and reliability are top priorities at Veeder-Root.We have taken immediate and decisive steps to inform each of our customers about activating the security features already available in their tank gauges,” said Veeder-Root president Andrew Hider through email. States that have the most venerable ATGs and gas station are New York, Florida, Texas, Virginia and Illinois.
Some may say, “It’s only a small percentage of gas stations? What’s the big deal?” One big deal is the biggest venerability is in the most populous states in the country. Let’s say hackers infect the ATGs and cause a few gas stations to shut down. Because of those shut downs, drivers have to go to the nearest one, which already has long lines. Before it’s your turn, that station is out of fuel supply. Now people can’t get to work, school, or go about their daily lives. Anger leads to panic and panic leads to mayhem. Do you see how a small problem really can turn into a big deal?
It’s been over a week since the terror attacks in Paris, France that left 17 dead, 14 wounded and a whole nation shocked, scared, confused and exposed. Now, as cyber attacks on France continue, this nation faces more turbulence.
In the past eight days, there has been approximately 19,000 cyber attacks in and on France. Some of them, have been carried out by radical Islamic hacking groups. Thankfully, most have been minor annoyances and have caused no serious damage or destruction. But all aspects of life from the French military to pizzerias have been hit. But it’s the quantity of the attacks that have many security experts and authority figures alarmed. “…19,000 sites, that’s never been seen before,” said Adm. Arnaud?Coustilliere, who is head of the French military’s cyber defense program. According to Arbor Networks, in the past 24 hours alone, there has been almost 1,100 attacks. These attacks have been ‘denial of service’, meaning the website simply doesn’t function. It’s frustrating for the customer and could possibly be crippling for a business, especially one like a pizzeria.
Personally, I think only a minority of these attacks are done by radical Islamist. They want to do far more damage. But when I say this tragedy leaves France exposed because it exposed the racism, Antisemitism , and ethnic tensions that has plagued France for many years. In fact, it’s gotten so bad that many Jewish people in France are leaving and moving to Israel. Is this tension spilling out into the cyber world? I know the media has portrayed togetherness since this attack has happened. But crises can also bring out a lot of ugliness that’s been seeping in the human spirit waiting to spill out. Is it spilling out into the French cyber world? Millions of people are already on edge. Are they taking it out by causing these minor cyber attacks? Or is something more sinister going on here?
