What you need to know for your personal cyber security life…
First in a series of current and topical computer threats that may affect your online, or even offline, digital and real life.
# # #
State Auditor Edelen backing cyber security bill
By Mike Wynn
Jan. 14, 2014
FRANKFORT, KY. — People who have personal data exposed or hijacked from government computers would receive notification under a bill gaining support in the Kentucky legislature.
House Bill 5 mandates that state and local government agencies notify victims of stolen or mishandled data within 35 days of a security breach. It also aims to boost security training for government officials and calls on agencies to encrypt sensitive data in their computer systems.
State Auditor Adam Edelen partnered with Rep. Denny Butler, D-Louisville, and Rep. Sal Santoro, R-Burlington, to unveil the measure Tuesday, and at least 65 lawmakers have signed on as co-sponsors in the House.
“Cyber security is the most pressing public safety concern of the 21st century,” Edelen said. “As residents of Kentucky, it is your data, so it is your right to be notified when it is lost or stolen.”
# # #
North hackers target national security network
BY KIM JI-YOON
January 15, 2014
The Ministry of Science, ICT and Future Planning warned yesterday that North Korean hacking attempts have been detected recently at small and midsize IT companies and institutions that deal directly with national security.
The companies, especially those under contract with government agencies, were affected by recent hacking due to their relatively poor security, the ministry said.
In the second half of last year, the number of phishing cases increased sevenfold to more than 60 compared to the first half, according to an official from the Science Ministry.
According to the ministry, hacking attempts have also been found in emails. For example, the North has spread mass emails that contain malware since last month.
# # #
s patient and firefighte r informatio n
By Matt Markovich
Jan 14, 2014
DUVALL, Wash. — Having firemen come to your house or accident scene is traumatic enough, but now some Eastside residents who experienced such an event may be vulnerable to identity theft.
A hacker gained entry into a computer server run by NORCOM, the North East King County Regional Public Safety Communication Agency, which is responsible for dispatching first responders for many fire districts.
“It didn’t involve the call center at all,” said NORCOM executive director Tom Orr.
Orr said it was a separate server inside their Bellevue headquarters that was used to share files internally with agencies NORCOM works with.
# # #
Target to invest $5M in cybersecur
ity ed program
By John Ribeiro
IDG News Service
January 14, 2014
Target said Monday it is investing US$5 million in a multi-year campaign to educate the public on the dangers of scams, after the company disclosed that up to 110 million people may have been affected by a data breach at the retailer’s U.S. stores.
The company, under pressure from various quarters including some state attorneys general, has also unveiled the details of a free credit monitoring and identity theft protection for one year for all Target customers who have shopped in its U.S. stores.
Target is facing a public-relations crisis and the proposed investment in cybersecurity education is likely designed to mute criticism.
It said it had hired Experian to provide its ProtectMyID credit monitoring and identity theft protection product. Customers have to sign up to receive an activation code for the facility atcreditmonitoring.target.com. by April 23 and redeem the codes by April 30.
# # #
N.S.A. Devises Radio Pathway Into Computers
By DAVID E. SANGER and THOM SHANKER
The New York Times
JAN. 14, 2014
WASHINGTON — The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyber attacks.
While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.
The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.
The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyber attack. In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.
# # #