February - 2020

washingtoncybercenter.com

Cybersecurity and Phishing

The recent (and successful) phishing attack on “Shark Tank” star Barbara Corcoran illustrates that no one, no matter your status is immune to a cyber attack. In case you missed it, Corcoran lost approximately $400,000.00 USD to a phishing attack originating in China. According to reports, her bookkeeper received an email from the star’s executive assistant requesting a money transfer to cover real estate dealings in Europe. The email seemed legitimate so the transfer of funds

Cybersecurity and Self-Assessment Tools for Small Businesses

National Institute of Standards and Technology (NIST) projects are size neutral. While they tools are often used by large organizations, they are designed to be used by small businesses as well. In September, NIST announced a new cybersecurity self-assessment tool that can be used by any business or organization. The tool, in draft stage, is the Baldrige Cybersecurity Excellence Builder. The tool is intended to help businesses learn more about their cybersecurity risk managem

Cybersecurity and the Mitsubishi Breach

Mitsubishi Electric is a global leader in electronics and electrical equipment manufacturing. With their expansive product line and capabilities, they are a giant in the industry. That being said, they still are targeted! Breach The breach occurred on June 28, 2019. This was not announced until January 2020. This may never have been announced publicly, except for two newspapers (Nikkei and Asahi Shimbun) publishing articles on the same. This was probably not the optimal strat

Cybersecurity and Connected Cars

Vehicles abound in society and culture. These vary in age, color, manufacturer, and the amount of tire and brake wear. One topic which has been in the news and talked about commonly has been securing these vehicles, especially the connected vehicles now and the future autonomous vehicles. Seemingly, there are new articles with these are the story focus. With these vehicles, due to the other assets the vehicle connects to (e.g. V2X, V2I, V2V, V2G, etc.), a successful attack ha

Cybersecurity and the Stanford U. Breach

They say data is the new oil due to its value. Colleges and universities have this new target for attackers in abundance. For each student, the institution has their social security numbers, permanent address, courses, grades, personal signatures, and other data. This is very useful for a number of reasons, including selling the data on the dark web, and identity theft. These issues can arise intentionally with a breach by a third party, or unintentionally with a misconfigura

Cybersecurity, Photography and the 500px Breach

Photography has been a hobby for decades. People take pictures on vacation, of their friends, pets, and virtually everything else. For special events, e.g. a wedding, graduation, or other event, they may hire a professional to not only take, but also print the pictures with quality paper. Target In this instance, the Target was 500px. This is a photography website used, among other services, to store portfolios. The breach occurred at approximately Jul 5, 2018. This directly

Cybersecurity, Ransomware and Hospitals

In our lifetimes, we may visit the hospital two or three times, or more. With the medical facilities, they require data and information to operate. This is presently in the form of EHR and EMR (electronic health records and electronic medical records). These allow the doctors to complete their tasks, nurses to pass medications, physical therapists to provide therapy, etc. Without the services being available, there is a mortal danger. There were a number of hospitals attacked

Cybersecurity and Dating Applications

The prominence of the internet has permeated most industries. One notable example is dating applications. These provide the opportunity for people to meet based on personal choices. There are many choices for this with consenting adults. One of these, OKCupid, had the opportunity to practice implementing their incident response plan with expertise! Of the population of industries to attack, what makes the dating applications an attractive target is the data they hold. This ma

Cybersecurity and Banking

Banks maintain and secure a mass amount of data for their clients and employees. This stewardship should not be taken lightly. This not only includes the customer’s confidential data, but also the client’s confidential financial data. In addition to the statutory issues, there may be civil liability issues. The data and leverage that is a product of a breach have significant value. Target/Opportunity India, as with any nation, has banks throughout its borders. India’s largest

Recent Posts

Archive