Nextgov/FCW - Authors - Alexander Abad-Santos

Report: Target Breach Succeeded Because Retailer Didn't React to Its Own Safeguards

Alexander Abad-Santos, The Wire — Thu, 13 Mar 2014 13:01:50 -0400

The hack that embarrassed U.S. retailer Target and left millions of customers' credit card information naked and exposed wasn't particularly complex or all that elaborate, according to new investigation. It only worked because, for some reason, Target didn't react to the safeguards it put in place.

Bloomberg Businessweek spoke with over 10 Target employees who were privy to the company's data security protocol and eight people "with specific knowledge of the hack" and came away with a less than flattering picture of Target's approach to security. The story basically says that Target was sitting on its hands while it was being hacked to smithereens. Businessweek explains:

Poring over computer logs, Target found FireEye’s alerts from Nov. 30 and more from Dec. 2, when hackers installed yet another version of the malware. Not only should those alarms have been impossible to miss, they went off early enough that the hackers hadn’t begun transmitting the stolen card data out of Target’s network. Had the company’s security team responded when it was supposed to, the theft that has since engulfed Target, touched as many as one in three American consumers, and led to an international manhunt for the hackers never would have happened at all.

The hack was malware that would steal credit card information with a swipe and store it on Target's servers. Hackers then uploaded more malware to spirit away the numbers to a different server, which Target's data safeguards caught.

That oversight ended with hackers compromising 40 million credit and debit cards, and costing banks and credit unions some $200 million. It also hurt Target pretty badly. "Partly because of the fraud costs, Target said its fourth-quarter profit was down 46 percent while revenue fell 5.3 percent," ABC News reported in February.And the company is still trying to figure out how to win back its customers' trust.

]]>

Edward Snowden Reportedly Now Has a Job Doing Tech Support

Alexander Abad-Santos, The Wire — Thu, 31 Oct 2013 10:50:32 -0400

Edward Snowden's lawyer, Anatoly Kucherena, won't say whether his client is still in Russia, but he has assured us that some prominent Russian website has decided to give the notorious NSA leaker a job in tech support. "Kucherena told the RIA Novosti news agency Thursday that Snowden starts his new job on Friday," the AP reports. Kucherena added, "it's a major Russian website." Snowden's temporary asylum lets him work in Russia, Reuters reported in August.

Taking Kucherena at his word, that major Russian website, whichever one it may be, would be taking a chance on associating itself with Snowden, since the man still faces espionage charges in the United States. Also, anyone who's been paying attention to the news cycle in the last six months should have some sense of this guy's track record when it comes to company secrets.

So who's Snowden's new employer? "The most public candidate for Snowden's services so far has been VK — Russia's answer to Facebook — which offered the NSA whistleblower a job back in August," The Verge writes. But that job offer had the odor of publicity stunt to it, as it was a public offer from the one of site's founders, and Kucherena seems a bit gun-shy now. VK wasn't the only offer though. In August, Kucherena told The New Republic, "I have to say he's getting a lot of job offers coming in. Offers from journalists to work together, and the like. I've passed them on to him, he'll make the decision himself." And now, apparently he has.

]]>

Turkey's Government Doesn't Understand Its Digital Enemy

Alexander Abad-Santos, The Wire — Thu, 06 Jun 2013 15:26:46 -0400

Turkish Prime Minister Recep Tayyip Erdogan has blamed the violent mess in Turkey on everything but the government. He specifically cast blame on "a problem called Twitter," and police across the country subsequently arrested at least 25 people, apparently for the crime of tweeting some photos and videos of cops assaulting protesters. By doing so, Erdogan and his government have incurred the wrath of Anonymous and the Syrian Electronic Army, the notorious do-gooders and pranksters who are now claim to have brought down the prime minister's website offline Wednesday morning.

If you tried to access Erdogan's website on Wednesday, you may have noticed that it wasn't loading. We tried it a few times, and it's back now, but we experienced delays in loading the site. According to Turkey's Hurriyet Daily News, that's because the two hacking groups — SEA is most famous for hijacking the AP's Twitter feed by claiming an attack on the White House had been made — are claiming responsibility.

"Anonymous launched the operation #OpTurkey on June 2, conducting a series of attacks in response to the government's heavy-handed response to the Taksim Gezi Park protests in Istanbul and around the country," writes the team at Hurriyet, which adds that the "group managed to take down access to the Official Gazette and other sites with a hacking attempt late on June 2." And in a release, a member of Anonymous posted user names apparently attached to the prime minister's website.

Nextgov/FCW - Authors - Alexander Abad-Santos

Report: Target Breach Succeeded Because Retailer Didn't React to Its Own Safeguards

Edward Snowden Reportedly Now Has a Job Doing Tech Support

Turkey's Government Doesn't Understand Its Digital Enemy

Turkey Is Now Arresting Dozens for Using Twitter

The U.N. Will Not Stand for Killer Robots

Is Big Pharma Standing in the Way of Curing the New SARS?

China Doesn't Care if Its 'Digitalized' Military Cyberwar Drill Scares You

China Is Winning the Cyber War Because They Hacked U.S. Plans for Real War

The New SARS-Like Virus Has a French Connection, and It Spreads in a Hospital

What We Don't Know About the Deadly New SARS-like Virus

China Thinks Its Bird Flu Might Be Spreading from Human to Human

Who's Using Chemical Weapons in Syria Now?

The Army Doesn't Want You to See the Results of Its Shady PTSD Probe

China Says U.S. Is on Offense in Hacking Attacks on Defense Ministry

China Says the U.S. Is Actually the Hacker You Should Be Worried About

Anonymous Wants to Ruin Your State of the Union Livestream

Are Spy Drones Being Used to Find Fugitive Christopher Dorner?

North Korean video imagines what it would be like to wipe out a U.S. city

You might want to be prepared for two North Korean nuclear tests

Here’s the North Korea nuclear site they’re trying to hide from the world

Iran and North Korea are upping their nuclear games

North Korea and its gulags are now on Google Maps

The iPhone app that helped save Algerian hostages in the desert

Video: North Korea shows Eric Schmidt it knows how to Google

FISA passes: Warrantless wiretapping will live on