I am very pleased to announce that Cyber Fraud: The Web of Lies is now available on Kindle!
Tomorrow, July 15th, is the official release of the paperback version, and I will be starting out the day at NBC King-5 to discuss the book on the morning show at 7:15am.
If you bought a print copy of the book you should be able to purchase the kindle version for 2.99.
Tomorrow is Amazon Prime Day, which was very nice of Amazon to schedule their biggest online deals day for the day that I launched my book 😉
Thanks to everyone for the support and encouragement throughout the writing process.
If you know someone who works for the federal government or used to, send them the link to this article immediately.
Sources at the Office of Personnel Management claims that the hack that was reported last week was even larger than anyone imagined.
According to a federal worker union, hackers gained access to Social Security Numbers of
- All current federal employees
- All federal retired employees
- 1 million former federal employees
According to a letter given to the Associated Press, the hackers also got access to military records, veterans status information, addresses, birth dates, job and pay history, health insurance, life insurance, pension information, age, gender and race data.
The Wall Street Journal is reporting that the hackers were inside for more than a year before a sales demo by a tech firm found the malware. Basically it was only discovered by blind luck. I hope that company ended up getting whatever contract they were trying to get.
To think that the largest breach in the history of the U.S. Government was discovered by sheer luck does not give me a lot of faith in our system.
I will be detailing various steps in a post tomorrow regarding things that can be done to protect yourself.
The Russian security giant Kaspersky Lab admitted to being hacked. Kaspersky Lab CEO and founder Eugene Kaspersky wrote on their corporate blog
“We discovered an advanced attack on our own internal networks. It was complex, stealthy, it exploded several zero-day vulnerabilities, and we’re quite confident that there’s a nation state behind it.”
Kaspersky is one of the largest provider of consumer antivirus software, not to mention being an industry leader in the world of cyber security. The attack was named Duqu 2.0, which is a reference to the specific piece of malware called Duqu that was widely considered to be closely linked to the Stuxnet attack that targeted Iran, India, France and the Ukraine in 2011.
The intention behind the attack was to gain access to Kaspersky’s corporate networks to learn more about its products, and that Kaspersky Lab was not the only target.
This attack was actually kind of stupid on the part of the hackers, particularly because security firms like Kaspersky Lab generally sell exploits and other security products on the open market, so the hackers could have paid for the information that they were after in the first place. By hacking Kaspersky Lab, they took the risk of getting caught, which they did, and ultimately revealed their own capabilities. Think of this discovery as Kaspersky Lab being able to see the cards that these attackers had in their hand.
With the brazen attack on Kaspersky, consumers everywhere will likely have concerns about their antivirus solutions. This is understandable from a consumer perspective, as the company you were counting on to protect you from malware could not protect itself from malware. Eugene Kaspersky took to twitter to reassure enterprise customers and consumers that there is no risk to them. Kaspersky has always created great products and this reassurance is helpful, but if there was a risk to their customers, would they be as forth coming with a warning as they are with their reassurance.
Change your Password – Read about how important this is here.
If you have any concerns about antivirus software, the risk that hackers pose to you or your company, feel free to reach out to me via email at firstname.lastname@example.org
Follow me on Twitter
Connect with me on Linkedin.com
The Office of Personnel Management and Department of Interior were originally thought to be the only agencies breached, but now the reports are showing it could be much worse.
The reason that it was not previously known was that the types, styles and signatures of the attacks were changed from target to target so they didn’t look like the same attack or source.
Officials are also saying that they strongly believe that this was the work of the Chinese government, which the Chinese government called irresponsible allegations.
The hackers who are allegedly working for the Chinese government / military are reported to be assembling a massive database of American citizens. If this database does exist and is being put together by hackers in the Chinese government or military, we know they are not going to be using it for good. Worst case scenario involves completely overhauling Social Security numbers, which one can’t even fathom in terms of scope or cost to the American tax payer.
There will undoubtedly be more to come in these stories as information gets to the public. For those who have worked for the federal government or still currently do, ask your chain of command for instructions or follow the news for any new developments.