Protecting kids might not be a walk in the park

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Parents in 22 states have the right to freeze their children’s credit to prevent identity theft. But in other states, protecting your child can be a real fight. Of the three credit bureaus, only Equifax allows parents from any state to set up a freeze for a minor. Equifax will create a credit file if one doesn’t already exist for a child, then suppress it—the equivalent of the credit freeze that adults can request. Experian limits freezes on minors’ credit reports to the states that expressly require it and won’t freeze a file unless it finds that one already has been created. If a minor has a credit file, then his or her identity likely already has been stolen, since minors aren’t supposed to be given credit. TransUnion will create and suppress a credit file for a minor if there’s evidence the child’s identity has been stolen, but the bureau discourages parents from asking for such freezes as a precautionary measure. Source: Bankrate

Stop the press releases!

sh_printing press_280Two defendants agreed to pay $30 million to settle Securities and Exchange Commission civil insider trading charges over a scheme to hack into networks that distribute corporate news releases, the regulator said. Jaspen Capital Partners and CEO Andriy Supranonok, both from Kiev, Ukraine, are the first of 34 defendants to settle SEC charges over allegations of the theft of more than 150,000 press releases from Business Wire, Marketwired and PR Newswire before the news became public. The SEC said the scheme resulted in more than $100 million in illegal profit in a five-year period. Authorities said traders would give hackers “shopping lists” of news releases they wanted to see in advance, then make trades based on them. Source: Reuters via NBC News

Setting up a federal shield

Senate Finance Committee Chairman Orrin Hatch, R-Utah, and ranking member Ron Wyden, D-Ore., said the panel will mark up an original bipartisan bill to curb identity theft and tax refund fraud on Sept. 16. “Protecting the private information of taxpayers at the Internal Revenue Service should be of highest importance to the agency and Congress,” Hatch said. “Unfortunately, as we learned this year, highly valuable information housed at the agency is susceptible to cyber criminals. Since this threat will not end, Congress should take appropriate bipartisan action to implement needed legislative policies that will better protect taxpayers and shield taxpayer dollars from thieves.” Source: Policy.com

Book ’em: Hackers hit librarians’ site

sh_librarian_280Hackers took over the American Library Association’s Facebook page and posted an endless stream of clickbait articles and spam for three days. The librarians made the best of the situation by posting jolly responses to the articles, including call numbers for various books on esoteric topics, such as one to accompany a picture of female soldiers and the odd differences in style of dress in Dubai. Everything was returned to normal on Monday. Source: Tech Crunch

Maybe not a charitable cause

A Florida private investigator was busted for trying to hack into a New York City charity’s computer network in an attempt to find out whether it was financing Middle East terrorist groups, according to court papers. Timothy Sedlak was charged in Orlando federal court with computer hacking. He made almost 400,000 attempts to hack into the charity’s network using a “brute force” password-cracking tool that’s designed to launch a relentless barrage of possible passwords at an account, prosecutors said. When questioned by Secret Service agents, Sedlak said he “conducted research of charitable organizations to try to determine if such organizations are unintentionally financing jihadist groups by sending, to charitable organizations in the Middle East, funds which are then seized by jihadist groups,” his criminal complaint states. Source: The New York Post

Bit by Bitcoin

sh_Bitcoin_280A man accused of running a Bitcoin exchange that laundered money for hackers and who has been linked to a cyber attack on JPMorgan Chase in an FBI memo, is in plea discussions with U.S. prosecutors. Anthony Murgio was charged with a second man, Yuri Lebedev, with operating an illegal Bitcoin exchange named Coin.mx. Murgio has been linked to a group in Russia and Israel being investigated by the FBI for theft of customer data from JPMorgan. Murgio and a college fraternity brother were linked to a hack last year of JPMorgan, which compromised the personal data of 83 million bank customers. Source: Bloomberg Business

Figuring the risks of a policy

Two cybersecurity risk providers will collaborate with AIR Worldwide, a catastrophe risk-modeling software provider, to create an up-to-date cyber risk model for insurers, AIR said. Risk Based Security, which provides information security solutions and BitSight Technologies, which analyzes and rates the security level of company data, will work with AIR to build the AIR Cyber Risk Model, to assist the insurance industry in mitigating cyber attacks. “Cybersecurity is viewed as a top priority for many companies,” said Ira Scharf, general manager of worldwide cyber insurance at BitSight. “As more and more companies purchase cyber insurance, insurers are becoming increasingly concerned with aggregation risk. We’re collaborating with AIR to help them more accurately account for cyber risk in the entire supply chain, such as security vulnerabilities on hosting companies, cloud providers, and other third-party suppliers.” Source: Business Insurance

Easy to use, but easy to hack?

sh_toll booths_280Universal electronic tolling on the Massachusetts Turnpike is due by the end of next year in an effort to eliminate the state’s costly toll takers and let drivers whiz through without stopping. The move could force tens of thousands of drivers to switch to E-ZPasses. But experts say the electronic transponders are susceptible to hacking and already have triggered concerns in New York. “They’re not using encryption, so unbeknownst to most E-ZPass users, the tag can be read from almost anywhere,” cybersecurity expert Gary Miliefsky said, adding that crooks could travel on your dime. “Hackers could easily read your number from your car and make their own pass using your account number.” Meanwhile, in New York, city and state officials have been tracking E-ZPass users all over the city—even in locations that were nowhere near a toll—according to a recent report by the New York Civil Liberties Union. Source: Boston Herald

From the toolbox

ABA Insurance Services launched a new cyber insurance product for banks that are insured through ABAIS to help them prevent, prepare for, and respond to data security incidents. BakerHostetler’s privacy and data protection team will provide legal services for insured companies. ABAIS’s clients will have 24-hour access to BakerHostetler’s team of incident-response attorneys through an 800 number. Banks that experience an actual or suspected data security incident will get a free one-hour consultative post-breach call and preferred rates for additional post-breach data privacy services. Source: Insurance Journal

Keep on truckin’

sh_trucks_280The U.S. transportation industry is in the crosshairs of the cyber-crime trend, especially trucking, as many carriers continue to rely on a “patchwork” of different information technology systems to conduct business electronically, noted Matt Foroughi, vice president of information security for the Descartes Systems Group. “Trucking companies … may have many different legacy systems spread across a wide geography. Patching and staying up to date is essential.” The value of data and the need to offer greater protection for it also is going to drive the cost of cyber-specific insurance policies higher, noted Allianz Global Corporate Specialty Insurance in its report, A Guide to Cyber Risk: Managing The Impact of Increasing Interconnectivity. The company noted that increasing awareness of cyber exposures, as well as regulatory change, will propel the future rapid growth of cyber insurance, with the premiums for cyber insurance projected to grow globally from $2 billion per year today to more than $20 billion in the next decade—a compound annual growth rate of more than 20 percent. Source: Fleet Owner

More than a few good men

The Pentagon plans to complete the establishment of a new Cyber Mission Force made up of 133 teams of more than 6,000 “cyber operators” by 2018, and it’s already nearly halfway there, the Federation of American Scientists reported. “The Pentagon intends to spend $1.878 billion to pay for the Cyber Missions Force consisting of approximately 6,100 individuals in the four military services,” a Pentagon statement said. FAS noted that “today, the Pentagon has 3,100 personnel assigned to 58 of the 133 teams,” nearly 50 percent of the intended capacity. The Department of Defense has three primary missions in cyber space: defending the Pentagon’s information networks to protect its missions; defending the U.S. against cyber attacks; and providing full-spectrum cyber options to support contingency plans and military operations, Assistant Secretary of Defense, Eric Rosenbach is reported to have said. Source: Middle East Monitor