Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Harvard Hacked

“On June 19, Harvard discovered an intrusion on the Faculty of Arts and Sciences and Central Administration information technology networks. Since discovering this intrusion, Harvard has been working with external information security experts and federal law enforcement to investigate the incident, protect the information stored on our systems, and strengthen IT environments across the University. At this time, we have no indication that personal data, research data, or PIN System credentials have been exposed. It is possible that Harvard login credentials (username and password) used to access individual computers and University email accounts have been exposed.”

FTC on Public Wi-Fi Networks

“Whether in a hotel or airport across the world, or in the coffee shop just down the street, chances are you’ve used free Wi-Fi hotspots. While convenient, they’re often unsecure. So how can you reduce your risk? Encryption — having your information scrambled into code — is key to staying secure online. Watch this videoContinue Reading

Unisys Security Insights – Report for US

“Consumers in the U.S. are most concerned about data breaches at retailers and government agencies. U.S. consumers indicated relatively lower levels of concern about data breaches at other organizations such as airlines, healthcare and telecom companies. Interestingly, the perceived threat of data breaches is low for banks and utilities, possibly reflecting traditional high levels ofContinue Reading

GAO – Bank and Other Depository Regulators Need Better Data Analytics

Cybersecurity: Bank and Other Depository Regulators Need Better Data Analytics and Depository Institutions Want More Usable Threat Information, GAO-15-509: Published: Jul 2, 2015. Publicly Released: Jul 2, 2015. “Regulators use a risk-based examination approach to oversee the adequacy of information security at depository institutions—banks, thrifts, and credit unions—but could better target future examinations by analyzingContinue Reading

FTC- Start with Security: A Guide for Business

“When managing your network, developing an app, or even organizing paper files, sound security is no accident. Companies that consider security from the start assess their options and make reasonable choices based on the nature of their business and the sensitivity of the information involved. Threats to data may transform over time, but the fundamentalsContinue Reading

OPM – Actions to Strengthen Cybersecurity and Protect Critical IT Systems

“The recent intrusions into U.S. Office of Personnel Management (OPM) systems that house personnel and background investigation data for Federal employees and other individuals have raised questions about the security of OPM data and the integrity of its Information Technology (IT) assets. Since Director Archuleta arrived at OPM, she has led the agency in takingContinue Reading

DoD Critical Technology ID and Protection

Critical Program Information (CPI) Identification and Protection Within Research,Development, Test, and Evaluation (RDT&E), NUMBER 5200.39. May 28, 2015.

GAO Report – Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies

Cybersecurity: Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies, GAO-15-725T: Published: Jun 24, 2015. Publicly Released: Jun 24, 2015 “GAO has identified a number of challenges federal agencies face in addressing threats to their cybersecurity, including the following: Designing and implementing a risk-based cybersecurity program. Enhancing oversight of contractors providing IT services.Continue Reading

Massive Government Data Breach Even Worse than Reported

EPIC:  “A Congressional hearing on the Office of Personnel Management data breach has now revealed one of the worst data breaches in US history. The agency initially reported that the personal information of 4 million government employees was obtained, but news reports suggest the breach was much larger–exposing the social security numbers of more thanContinue Reading

UK: Information Security Breaches Survey 2015

PWC: “We have been commissioned by the Department for Business, Innovation and Skills (BIS) to survey companies across the UK on cyber security incidents and emerging trends…The key observations from the 2015 survey were: The number of security breaches has increased, the scale and cost has nearly doubled. Eleven percent of respondents changed the natureContinue Reading

Government Credentials on the Open Web

Follow up to Massive hack of federal personnel files included security-clearance database – related news – “Recorded Future identified the possible exposures of login credentials for 47 United States government agencies across 89 unique domains. As of early 2015, 12 of these agencies allowed some of their users access to computer networks with no form of two-factorContinue Reading

OPM IG Report – Infrastructure and IT Controls Improvement

“The U.S. Office of Personnel Management (OPM) Office of the Inspector General (OIG) is issuing this Flash Audit Alert to bring to your immediate attention serious concerns we have regarding the Office of the Chief Information Officer’ s (OCIO) infrastructure improvement project (Project). This Project includes a full overhaul ofthe agency’s technical infrastructure by implementing additional information technologyContinue Reading