What to Watch To Learn A Little CyberSecurity

Do you like to be entertained? I know I do!
Here are some shows and movies that I recommend.

Brian Brushwood’s Hacking the System

This show has a LOT of thinking outside the box and social engineering.

Mr. Robot
This show has real-life examples from the Anonymous group. The storyline and some of the trippiness are a little too much, but the hacks are modeled after current real-world hacks.

The hacks are good, like the “falling for a phishing email” but the story is a little dumb and overplayed. But then again it’s Chris Hemsworth and who doesn’t like that guy?

CSI: Cyber
Actually, it’s not too bad.

A lot of cybersecurity attacks are getting really intermingled into mainstream television, which is great for raising awareness.

What shows do you like to watch?

Also, here is another list from Techworm

Blue Cross Blue Shield of Kansas City Data Breach

Ken Selzer, the Kansas Insurance Commissioner, warned that members of Blue Cross and Blue Shield of Kansas City need to safeguard their financial and health information following a data breach in which information on their medical ID cards was accessed.

Insurance officials stressed that BCBS of KC is separate from Blue Cross and Blue Shield of Kansas and that the breach did not involve Social Security numbers, dates of birth, banking, credit card information, claims information or health information. They did urge members to be on the lookout for any suspicious activity regarding medical ID card use.

Over 240,000 records were affected, yet 790,000 members were notified.

No word yet on who the attackers are.

Read more here.

Oracle Systems Breached… MICROS Point of Sale Systems’ Customer Portal Breached

Oracle had its computer systems breached, and that led to the compromise of the MICROS customer service portal.

The MICROS customer service portal system had traffic going to a server owned/operated by Carbanak. MICROS is owned by Oracle’s retail division. According to Brian Krebs’ website, there were 700 systems at Oracle that were infected. The malware planted on Oracle’s systems enabled Carbanak to steal customers’ login credentials.

Over 330,000 MICROS point-of-sale systems are employed in many retail businesses. To name a few: Starbucks, Sonic, Burger King, IKEA, Helzberg Diamonds, MGM Resorts, Wyndham, Hilton, Marriott. Here is a graphic on Brian’s site.

More details are still coming as the coverage and capability of the attack are still being investigated.

Read about it on KrebsOnSecurity or on Fortune

CEO Fired After Fake Email Loses Firm $47 Million

In May, FACC let its CEO, Walter Stephan, go after a fake email made its way to the financial controller’s office and €52.8 million ($58 million USD) was wired out of the company. It caused the company’s stock to drop by 38%. The company supplies Boeing and Airbus.

A month prior, FACC sacked its CFO because fraudsters had targeted the financial accounting department. The company had not identified malware related to the fraud and said it was pursuing damages and insurance claims.

The company was able to halt $10.9 million.

Fraudsters may establish a bogus email address to pose as the CEO and then convince a subordinate in the finance department to wire funds to an overseas account under the pretense it is due to a known supplier. The FBI has warned that fraudsters target firms with international suppliers.

Read more about it here.

Confessions of a Cyber Spy Hunter

With over 20 years of experience leading high technology companies out of Silicon Valley, Eric has played a part in shaping the industry as an executive at heavyweights like McAfee, Symantec, and Cisco. Today, he is the CEO of ZanttZ, a company that is developing stealth cyber security technology solutions. Eric and his company are at the forefront of the latest developments in the world of global espionage, and the merging of man and machine. He attests that the Hollywood-created image of the daring secret agent sneaking into a foreign government’s laser protected server room to steal top secret information couldn’t be further from modern reality. In fact, the “James Bond” of the 21st century doesn’t just use a computer, he is the computer.

Sure, this video is 3 years old, but it’s really interesting.

National Crime Agency in the UK

The National Crime Agency in the UK has published the National Crime Assessment. It is a fantastic read and can be found here.

An interesting fact is that plain crime is at 47% of total crimes committed, while computer misuse and computer-enabled fraud total up to 53% of total crime. Thus, cyber crime has tipped the scales and has overtaken other crimes.

Some thoughts: is it because not everybody has the right amount of security awareness? Is it because there are inconsistencies in tracking down the bad guys? The office of national statistics in the UK states that there were 2.46 million incidents with 2.11 million victims in the UK in 2015.

I feel that the reason why this is so is because not enough people are doing the right things… the basic things, to protect themselves and to protect what they are custodians and guardians of. Individually, government and businesses are not doing the very basic things to safeguard data.

Read the report here!