Posts tagged data theft
Staples should pay customers to wipe data
Jun 24th
When you want people to do something for you that is tedious and just altogether easier to skip, nothing works better than cold, hard cash.
Staples Inc. should consider paying its customers to effectively wipe their data off of storage devices they are returning to the retailer. The payment could come in the form of a credit towards the replacement storage device they buy, or just a cash refund that is a small percentage of the overall purchase. But why would Staples want to do this, you ask?
Brian Jackson, Associate Editor, ITBusiness.ca
Something good out of LulzSec attacks
Jun 16th
By Nestor E. Arellano
In the simulated network attack used in the recently concluded SC Canada Congress security conference, organizers attributed the hypothetical theft of a fictitious company’s data to a secretive band of hackers known as LulzSec.
Nestor Arellano
The simulated attack which was the highlight of the session titled 2 ½ hours to network meltdown was a hilarious affair featuring a hapless operations chief of a network security team that scarcely had any idea how to handle the attack that was taking place.
But there is nothing to laugh about in the real attacks poised recently by the grey hat hacker group whose motto is ironically “laughing at your security since 2011”. Read the rest of this entry »
10 Internet threats you want to know about
Apr 15th
By Claudiu Popa
From the moment we unwrap that shiny new cell phone or unpack a new, user-friendly computer we are presented with opportunities to ‘get online’ and ‘look at stuff’. Indeed that ‘stuff’ is now the bulk of the value of the Internet as far as users – employees and home users alike – are concerned.
Claudiu Popa
Unfortunately we’re at a random point in the evolution of the Internet where the criminal element and the amoral minorities have a huge footprint in the online world. Indeed, it would not be an exaggeration to say that surfing the Internet without filtering its content is akin to having unprotected sex with strangers.
Playing with fire may be exciting at first, but the outcome is practically inevitable. And so I volunteer, in the name of randomness of course, to list my top 10 Internet security follies of the moment. Read the rest of this entry »
Commit to “Loving” your data
Feb 14th
By: Blake McConnell
For most people, Valentine’s Day conjures up thoughts of candy, flowers and secret admirers. Well, here at Symantec, it makes us think about information.
Blake McConnell
Yes, information. It may not be the most romantic notion, but the amount of “love” you give your data can have a significant impact on the success of your company. Your information – from company plans to customer financial information – is the backbone of your business, so today make a commitment to giving it a little extra care and attention.
In a recent Symantec survey, 74 per cent of SMB respondents said they were afraid of losing electronic information. Read the rest of this entry »
Spam levels decline in January, but not for long
Jan 30th
After the dramatic decline in spam levels seen over the holidays, spam now accounts for 78.6 per cent of all email traffic, the lowest rate since March 2009. Results from our January 2011 MessageLabs Intelligence Report have found that spam volumes are 65.9 per cent lower than last year at this time.
Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services
During December 25 to January 1, spam volumes decreased from 80.2 billion spam emails per day to 33.5 billion spam emails. We have found two reasons for this dramatic decline – the first being a halt in the spam-sending activities of three botnets, Rustock, Lethic and Xarvester and the second due to unrest among pharmaceutical spam-sending gangs.
In May 2010, pharmaceutical spam peaked with 85 per cent of spam being related to pharmaceutical products. However in January 2011, MessageLabs Intelligence found that pharmaceutical spam accounted for only 59.1 per cent of all spam. The closure of spam affiliate, Spamit, in October was partially responsible for this disruption. The Canadian Pharmacy brand, previously the most prolific pharmaceutical spam brands, disappeared when Spamit shut down. Read the rest of this entry »
OLG’s winning biometric encryption strategy
Dec 8th
For several years now, I have been a very vocal proponent of Privacy by Design (PbD) – the concept of engineering privacy directly into the design of new technologies, business processes, and networked infrastructure as a core functionality. I have argued that privacy and security can – and must – co-exist in a positive-sum, not zero-sum relationship.
Ann Cavoukian
My office, working with industry leaders, is showing that it is possible. Over the past year, for example, we have worked closely with Ontario’s biggest utility, Hydro One, on building the 7 Foundational Principles of Privacy by Design into Ontario’s emerging Smart Grid. As a result, Ontario is leading the way in Smart Grid privacy! And just last week, we released a joint paper with the Ontario Lottery and Gaming Corporation (OLG) about another very exciting application of PbD that will be rolling out in Spring 2011. Read the rest of this entry »
It’s mostly tricks not treats with Halloween online ads
Oct 24th
Halloween is drawing near, so the spammers are busy laying out bait in the form of Halloween jackpots, sweepstakes, gift cards, e-cards, personalized gifts, online contests, and even print products and costumes. 
Perhaps this is one of those seasons during which people—both young and old—celebrate with full gusto.
Unfortunately, this type of popular event brings with it a whole host of malicious circumstances on the Internet that people are being enticed to fall for. For it is common knowledge that where people show some vulnerability, spammers are not far behind!
A challenge to health IT professionals – patient privacy is in your hands
Oct 22nd
Earlier this year, a health care professional did something seemingly well-intentioned: she placed a USB key into her purse as she left the office, planning to do some further work at home. As it happened, the files in question were the personal health information records of 763 patients.
Ann Cavoukian
Her purse was stolen. And regrettably, all of the records – unencrypted and easily read by anyone – were lost. Lost, too, was any sense of privacy for those 763 patients.
Scenarios such as this have been played out countless times all across Ontario and around the world. Indeed, a U.S. database has documented 121 incidents of mobile computing and storage devices being lost or stolen since September 2009, impacting over five million patients. It’s a privacy problem of epic proportions, compromising the most sensitive and personal types of information possible. And it must stop – now. Read the rest of this entry »
Exotic (and quixotic) security exploits
Oct 5th
Can you think of 007-style, modern day heists that captured – if only briefly – the attention of the media?
Claudiu Popa
An article I read recently on an ingenious attack that literally involves siphoning money out of a retail chain’s coffers (http://www.thesun.co.uk/sol/homepage/news/3149962/Robbers-clean-up-with-vacuum.html) led me to thinking about some of the most non-standard ways that today’s clever thieves get away with the loot, be in information or jewels.
The case of the Canadian hi-tech gentleman jewel thief comes to mind (http://www.wired.com/magazine/2010/03/ff_masterthief_blanchard/). Gerald Blanchard jumping out of an airplane right onto the roof of the secure chambers that hosted the Koechert Diamond Pearl reads like the stuff of fiction, but it happens, and I’m sure someone is already set to play his part in a TV movie.
How cyber crooks break CAPTCHAs
Aug 11th
The per centage of spam containing shortened hyperlinks has increased significantly over the last year. As far as spammers are concerned, any tactic that makes it harder to block their spam emails is going to be exploited. These shortened hyperlinks contain reputable and legitimate domains, making it harder for traditional anti-spam filters to identify the messages as spam.
Paul Wood
Analysis in the latest MessageLabs Intelligence Report revealed that URL-shortened spam hit a one day peak of 18 per cent, or 23.4 billion spam emails, on April 30, 2010. This doubled last year’s peak level of 9.3 per cent of spam, or more than 10 billion spam emails, on July 28, 2009.
While botnets are often the source of short URL spam, 28 per cent of this type of spam originated from sources not linked to a known botnet, such as unidentified spam-sending botnets or non-botnet sources such as webmail accounts created using CAPTCHA-breaking tools.
