Security Alert! July 2015

Office of Personnel Management hacked

If you have kept up with the news lately, you have seen a story about a large government hack. The Office of Personnel Management is the government agency responsible for handing out security clearances to government employees.

On June 4th, OPM notified employees that the records of approximately 4 million federal employees had been stolen. That number has jumped to 18 million in recent days. This agency has been warned many times of weaknesses in its security and has failed security audits for the last 2 years, so it should be no surprise that it was hacked.

The most concerning thing is that this hack, like others, has been linked to groups of Chinese hackers who are gathering as much information on Americans as possible. This information could be used in further phishing attacks.

Sources:
OPM
CNN
ABC News
Ars Technica

St. Louis Cardinals hack Houston Astros

This is an interesting story of what amounts to corporate espionage. A lot of the hacks that are reported have been perpetrated by nation states like China, or by cyber-criminal groups using malware. The Astros’ manager Jeff Luhnow was previously the manager of the Cardinals. It was originally reported that he might have used the same passwords, although he has denied this.

Sources:
New York Times
Washington Post
NakedSecurity.com
ThreatPost.com

Airplanes grounded in hack

A total of 1400 passengers were grounded by a hack on LOT Polish Airlines (the official airline of Poland). The computers that issue flight plans were specifically targeted with a DDoS attack. While this didn’t affect that many passengers, and wasn’t in the US, it shows that attackers are looking for targets such as transportation.

Sources:
CNN
Reuters
ThreatPost.com
CNBC

Reminder

Windows Server 2003 is reaching the end of support on July 14th. What this means is Microsoft will no longer release any security patches or provide technical support. We strongly recommend you upgrade or migrate to a newer server platform.

Sources:
US-CERT
TripWire.com

Ransomware is still a major malware threat. A new alert was released on CryptoWall 3.0 and its spike in infections.

Sources:
Internet Crime Complaint Center
Internet Storm Center

To avoid the kinds of security breaches described in the stories above, all businesses should take a multilayered approach to network security. This should include the following measures:

  1. Add an enterprise level router/firewall, complete with advanced security features, to the network.
  2. Employees should attend an annual security awareness course.
  3. Deploy a company-wide, enterprise level anti-virus solution.

Taking Care of Business,

Empowering our clients by giving them world-class IT solutions and support so that they can realize significant and tangible business results is the concept that drives everything we do at BBTech Solutions Inc.