- eHealthEurope - "Private medical records offered for sale" - In a lesson of sub-sub-sub-sub-contracting failures another Indian company fails to secure information they're entrusted with protecting while "on the job". Indian companies are having a surprisingly hard time keeping data privacy and protection a priority ... wait, I can't even say that with a straight face.
- Reuters - "New study reveals push to electronic medical records puts patient privacy at risk" - Just one disturbing thing jumps out at me when I read this article ... "70% say senior management does not view privacy and data security as a priority" when speaking about electronic medical records. *gasp* Let's couple that with the $210 per patient record cost of a data breach and you can start to account for why a trip to the doctor for a simple check-up costs you and your health insurance company $500... In other news, paper medical records are routinely found insecure when they end up on a trash heap out behind the doctor's office.
- ZDNet - "GAO Report: NASA at 'high risk' of data breach" - There's a shock. NASA, the people who send humans to outer space, can't figure out data security ... although it's interesting that the GAO keeps finding these audits they do so poor when they can't keep their own house clean.
- National Post - "Turning power lines into battle lines" - Those crazy Canadians are worried about cyber-warfare on the north american power grid. They're nuts ... or not. If you don't think that what happened during the "great blackout of 2003" could happen again, in a much more controlled way ... you're the one that's nuts.
- MyPlainView.com - "Bank says online system is secure in wake of hack job" - You've gotta love a bank president who will go on record after a customer is hacked and say this: "Glenn said ASB uses a protection system called "Multi-Factor Authentication Solution" ... Because of this system we are very confident that our bank system was not breached" -Is he serious?
- InformationWeek/Government - "Cyberwar Readiness Recast as Low Priority" - While I (mostly) agree with the findings of this "think tank report" I think they're dead wrong on their understanding of "cyber warfare". They're somehow confusing Cyber Warfare as "...at best, cyberwarefare operations 'can confuse and frustrate operators of military systems, and the only temporarily'..." and urges that the government instead focus on shoring up critical infrastructure such as our ailing national power grid and other areas. Yes, that course of action is correct but what they're missing is that a "cyber war" waged on the US will not target strictly military assets ... a half-intelligent attack would break down communications, power and other critical infrastructure first! (more on this topic coming soon, stay tuned)
- Sky News - "Cyber attack fears as firms cut IT costs" - I think this story sort of wrote itself, but it's still worth the watch/read... the more companies cut their IT budgets they more they're exposing themselves to attacks via computer networks. Right, we know that. Why don't executives?
- RevolutionRadio - "DARPA, Microsoft, Lockheed team up to reinvent the Internet" - I cracked up... I can't resist but to post this. WHY, oh why would you (a) go with Microsoft and (b) re-write an entirely new "MNP -Military Network Protocol" ... I know TCP/IP has its problems but ... seriously, Microsoft? Really?
- The Chosun Ilbo - "N. Korean hackers infiltrated S. Korean military networks" - In what I would classify as a real cyber-warfare attack, North Korean is being accused of breaking into the South Korean military network and stealing some very serious state-secrets... "It looks like 2,000 national secrets have been stolen" ... how do they know the extent of the damage? It looks like the N. Korea vs. S. Korea battle is heating up again as North Korea starts to flex its military might versus the rest of the civilized world...
Thursday, October 22, 2009
Hell in a Handbasket ...
I've been reading a ton of articles lately on data breaches, cyber attacks, cyber warfare and other things ... and thought that I should share some of the more interesting articles with you that I've found, in case you've missed these gems...
Labels: Security news