Copyright 2012 eSlavery.com
How Safe is Your Personal Information ?
Feb 12-2012
Devices & systems that promise
freedom but create dependence
-DISCLAIMER- The views & comments expressed in these embedded videos are not necessarily the views & comments of eSlavery.com
Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational or personal use tips the balance in favor of fair use.
"Catastrophic Cyber Attack" Hype or New Cybersecurity Bill Promtion ?
Employees Initiate Data Breaches
A high percentage of data that is stolen from companies is caused by employees unwittingly activating malware, delivered through email directly or through a web browser link which the user is tricked into clicking on. These difficult to detect Trojan infections exploit system vulnerabilities, relying on the fact that most organizations do not update their systems in a timely manner.
Anti-Virus Software is Ineffective
Large numbers of data breaches are being initiated by targeted malware that anti-virus software can’t detect. Trustwave’s 2012 Global Security Report studied 300 data breach incidents across 18 countries. Anti-virus software was unable to stop the data breach attacks. In total, 88% of the malware isolated by Trustwave was able to evade detection by all the anti-virus products used in the test, while the remaining 12% that did flag malware were only able to do so, up to months later after being used in a sucessful data breach attack.
McAfee Labs Quote
"Today's security threats are more sophisticated and targeted than ever, and they’re growing at an unprecedented rate. Malicious URLs, viruses, and malware have grown almost six-fold in the last two years, and last year saw more new viruses and malware than all prior years combined. With the increased threat of criminals mining for consumer and corporate data, the efficiency of your Internet security must be a priority."
DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. DataLossDB tracks hundreds of major data breaches that have resulted in hundreds of millions of personal data records being stolen.
Project Honey Pot is an initiative to track abuse, fraud, and other malicious behavior that occurs online. The Project tracks more than a million IP addresses engaged in suspicious behavior each day.
A 2010 report by Kaufman, Rossin & Co. discovered that in the Health Sector data breaches were mostly accomplished by physical access theft. This will change as more medical data is put online. Patient record data breaches nearly doubled last year.
Most data breaches are not reported in a timely manner, if at all. A lot of companies would rather leave their customers at risk then take the chance of losing revenue by disclosing the breaches. Those companies who do disclose often turn it into a marketing opportunity.
Data Breach Notification Legislation
In the United States, there are various federal and state data breach notification laws, although there is no comprehensive federal law. In May 2011, the Obama administration submitted a comprehensive cybersecurity proposal to Congress that includes a federal data breach notification requirement. This could vastly improve cybersecurity, but as of January 2012, no federal data breach notification legislation had been passed.
Health Sector data breaches
US Government says they are behind on cyber threats
Most major web sites have been hacked in the corporate and government sectors
The most important question is: How much of my personal data has been stolen?
Almost 20% of Workloads are Already Running on Virtual Machines
"The virtualization environment is not inherently insecure. However, most virtualized workloads today are being deployed in an insecure manner. This is a result of the immaturity of virtualization security tools and processes, and limited security training of staff, resellers, and consultants"
Last year hackers infiltrated 312 businesses to grab mainly payment card information, through remote-access applications used for systems maintenance.
Hackers uploaded Symantec's pcAnywhere 2006 source code to Torrent sites.
The worst privacy scandals of all time - The 15 most outrageous breaches
How Safe is Your Smart Phone ?
2012 promises to be a remarkable year for mobile device security, with the projected rapid increase in malware already being seen. Other notable trends include the targeting of online banking and financial transactions, browser-based exploits including drive-by downloads and the targeting of third-party applications installed on the device.
Should you Trust Cloud Computing ?
While cloud service providers face similar security issues as other sorts of organizations, analysts warn that the cloud is becoming particularly attractive to cyber criminals. Every breached security system was once thought infallible. Peter Brudenall, outsourcing lawyer at Lawrence Graham, thinks 2012 could be the year that the cloud is shaken by a security problem.
A class action lawsuit was brought against Dropbox, by users in July 2011 for failure to secure their private data and immediately notify them about a recent data breach.
Devices & systems that promise
freedom but create dependence
The Age of Privacy is Over
Google Docs - Documents deleted are only hidden and are still accessible without a password
Any Apple iDevice app can, without asking for your permission, upload all of the information stored in your address book to its servers.
