Tag: Hackers

BAI Security Audit

Insider Theft Leads to the Data Breach of 1.5 Million Bank Clients

Atlanta bank SunTrust recently announced that 1.5 million users have potentially been exposed to a criminal third party. Unlike most data exposures we’ve been hearing about, the source of SunTrust’s breach was not caused by cybercriminals, but rather a theft by an employee who gained access to sensitive client information without security clearance. Sources say the data theft could include information such as names, addresses, phone numbers and bank account balances of SunTrust customers. Simultaneously, SunTrust announced it will partner with Experian to offer identity protection for all consumer clients at no cost on an ongoing basis. Here’s what happened and how your organization can prevent falling victim to a similar scheme. An Untrustworthy Employee An ongoing investigation by SunTrust

Read More »
Data breach

Be Careful with Legacy Systems

The popular travel site Orbitz recently announced that a hacker may have stolen the private information of up to 880,000 of their customers over the course of two years. While data breaches at major organizations like this are nothing new (and have become far too common in recent years), the method through which this attack was carried out should give all organizations a moment of pause and lead to some serious internal analysis. What Happened? In a statement released to the press, Orbitz singled out an old “legacy travel booking platform,” as the source of the breach. A legacy platform is a common term for any system or software still employed at an organization despite the fact it is likely

Read More »
Cyber Attack

The Ever-Expanding Threat of Cyber Criminals

The Dark Overlord, a dangerous group of cyber criminals, have made a name for themselves over the past several years. We’ve covered some of their illegal activities in the past targeting healthcare and financial institutions, and unfortunately, they’ve continued to make news. Their latest attacks open a new front into cybersecurity, signaling a shift all organizations should have on their radar. Here’s what you need to know. Real-Life Ransom As you likely know, when it comes to ransomware and cyberattacks, everyone from the FBI to security professionals like us advise that you never pay the demanded ransom. This only emboldens cyber criminals and there’s no guarantee that you’ll actually receive your stolen data. Instead, the best protection is to have

Read More »
Breach

The Anatomy of an Attack

Many times in this space we have discussed the results of an organization suffering a breach. These have included the fines an organization receives due to lackluster security practices, or the long-term damage a breach could potentially inflict on an organization’s reputation. Today, we’re going to move our gaze from the aftermath of an attack to it’s beginnings. What does a breach in real time look like, and what are the immediate steps an organization can take to remedy this attack? Meet the Attacker Since the summer of 2016, a hacking group known as “TheDarkOverlord” has been attacking businesses in the healthcare and financial sectors, grabbing private information and using it as a means of extortion. For example, in September

Read More »
Cyber Attack

HAS SLOPPY SECURITY SLIPPED INTO YOUR NETWORK ECOSYSTEM?

Much has been said about Sony, and much remains to be said. But the bottom line is that Sony was a cyber attack that was simply waiting to happen. This is a company that has been repeatedly hit by malicious hackers who, angered by Sony’s approach to Digital Rights Management, were determined to wreck havoc on Sony systems. And yet the company apparently did not encrypt personal data and other sensitive information. While blaming a victim is never nice, Sony could have done much more to protect itself. The successful attack on JP Morgan Chase is the attack that we should all be focused on and learning from. There were protections in place at JP Morgan. And yet hackers still

Read More »