TweakTown NewsRefine News by Category:
Sony will delay releasing its third quarter earnings report because of Sony Pictures continuing to struggle with repair of its crippled computer systems. Company officials want to release Sony's earnings report on March 31, and have asked regulators for additional time to get its IT situation sorted.
It will take until early February until SPE systems are fully restored and operational because of the "amount of destruction and disruption that occurred, and the care necessary to avoid further damage by prematurely restarting functions," according to Sony.
Despite The Interview bringing it close to $50 million from the box office, online rentals and sales, it has been a constant headache for the film studio. During CES, Sony CEO Kazuo Hirai said current and former employees suffered "one of the most vicious and malicious" cyberattacks to target a company - and applauded them for their continued resolve.
Companies suffered relentless cyberattacks and data breaches in 2014, and that trend is expected to continue in 2015. Business leaders need to streamline their efforts to improve cybersecurity protocols to prevent outside breaches, along with defending accidental and intentional insider threats posed by employees.
"Because of the multitude and sophistication of both internal and external attack vectors, cybersecurity is perhaps the most daunting operational challenge facing organizations today," said JF Roy, CTO of TIBCO LogLogic, in a statement to TweakTown.
As companies and government departments scramble to fix potential security problems, they are throwing money at the problem - but that can be a futile effort if they don't understand why these incidents occurred in the past.
Barrett Brown, a writer and activist linked to the Anonymous hacker group, has been sentenced to five years in prison for sharing stolen data and threatening an FBI agent. Brown pleaded guilty to obstructing the execution of a search warrant, accessory to an unauthorized access of a protected computer and making Internet threats.
Brown's tweets and posted YouTube videos helped generate unwanted attention by federal investigators, and the 33-year-old was blamed for sharing data stolen from the Stratfor private defense contractor. He originally could have faced more than 100 years if convicted - and after time served in custody already - must serve three more years.
"If I criticize the government for breaking the law, but then break the law myself in an effort to reveal their wrongdoing, I should expect to be punished just as I've called for the criminals at government-linked firms to be punished," Brown said before he was sentenced. "When we start fighting crime by any means necessary, we become guilty of the same hypocrisy as law enforcement agencies throughout the history that break the rules to get the villains, and so become villains themselves."
Police in Israel have reportedly arrested a hacker accused of stealing unfinished songs from Madonna's latest album. Adi Lederman, a 38-year-old Israeli, will face charges related to intellectual property theft and aggravated fraud, and has allegedly stolen and sold other music online.
Madonna's album "Rebel Heart" is scheduled for release in March, but songs were leaked online in December. Not surprisingly, the musician asked fans not to listen to the stolen songs, pleading to music fans that the song theft was the equivalent of a personal and professional violation.
"I am profoundly grateful to the FBI, the Israeli Police investigators and anyone else who helped lead to the arrest of this hacker," Madonna wrote on her Facebook page. "I deeply appreciate my fans who have provided us with pertinent information and continue to do so regarding leaks of my music. Like any citizen, I have the right to privacy. This invasion into my life - creatively, professionally, and personally remains a deeply devastating and hurtful experience, as it must be for all artists who are victims of this type of crime."
A whopping 93 percent of organizations are vulnerable to insider threats, and the problem continues to be confusing for business leaders, according to Vormetric's "2015 Insider Threat Report." The threat report also discovered 59 percent of respondents believe privileged users pose the biggest threat to their organization, and preventing a data breach is a major priority for IT security spending.
Trying to keep companies secure from insider threat - both accidental and malicious - is a problem that only seems to be getting worse, as companies are unsure how to address evolving security problems. As such, experts are concerned the number of massive data breaches, which captured headlines in 2014, will continue in 2015 while companies remain flustered.
"As the past year demonstrates, these threats are real and need to be addressed," said Alan Kessler, CEO of Vormetric. "Organizations wishing to protect themselves must do more than take a data-centric approach; they must take a data-first approach. Although we are heartened that 92 percent of organizations plan to maintain or increase their security spending in the coming year, our larger concern is about how they plan to spend that money."
Just 56 percent of employees believe their password habits in the workplace are secure, according to Software Advice's "Password Use in the Workplace" report. Companies are struggling to teach their employees to hold more responsibility with security, and the problem will continue throughout 2015.
"Our findings suggest that users either remain unaware of the rules despite the hype, do not believe them to be good advice or simply find them too burdensome, and thus opt for less secure passwords," according to the report.
Proper cybersecurity must start from the top and trickle down to regular employees, though that doesn't seem to be happening, according to the survey. Only 54 percent of employees report their employers require them to create complex passwords.
US government departments are increasingly worried about high-profile data breaches, with cyberattacks targeting US infrastructure increasing, according to General Dynamics. US military spending has declined, but due to rising cybersecurity threats, spending to help defend networks has grown significantly in certain sectors.
Cybersecurity related to preventing insider threats has proven popular, with up to five government departments interested in insider threat protection over past few months. Trying to defend against threats from the inside can be extremely difficult, but cybersecurity experts tend to look for unusual employee behavior before information is compromised.
"Across the board, I see this as still being a growth area for us," said Nadia Short, VP and GM of cyber systems at General Dynamics, when speaking to Reuters. The contractor has merged its cyber and engineering departments, providing additional expertise and streamlined security developments.
It would appear China was able to steal details regarding F-35 fighter jets being sold to the Australian military, according to former NSA contractor Edward Snowden - but the US Pentagon said classified data on its F-35 fighter program remains safe.
"Classified F-35 information is protected and remains secure," according to a statement published by Reuters. US government departments and its contractors face a high volume of Internet-based attacks, with criminals interested in stealing information - which can be used or sold - as organized state-sponsored attacks continue to increase.
Meanwhile, the Chinese government said the accusations revealed by Snowden are "groundless," though China is known to conduct cyberespionage campaigns against military and political rivals.
Sixty-one percent of companies increased their cybersecurity budgets by an average of 34 percent in 2014, despite a number of high-profile data breaches still taking place, according to Identity Finder and the Ponemon Institute. Companies showed the most interest in the following security resources: Security incident and event management (SIEM), endpoint security, intrusion detection and prevention, encryption, and Web application firewalls.
Companies want to step up spending related to cybersecurity, but must ensure they are investing resources in the appropriate places. For companies breached, the information is rather frightening: 95 percent didn't discover a breach for at least three months, while 46 percent admitted they found a data incident on accident.
"This study shows that organizations are dedicating greater attention and financial resources towards managing sensitive information and preventing data breaches, which is certainly encouraging news," said Dr. Larry Ponemon, founder and chairman of the Ponemon Institute. "However, 2015 is predicted to be as bad or worse as 2014 as more sensitive and confidential data and transactions are targeted by attacks and collateral damage."
The US government has increased concerns related to cybersecurity, and a new report compiled by Michael Gilmore, director of operational test and evaluation (DOT&E), likely won't help alleviate those worries. In the published 366-page report, it was discovered that almost all U.S. weapons programs tested during 2014 faced "significant vulnerabilities" related to cyberattacks.
Problems included unpatched and aging software, misconfigured network protocols, and similar issues - opening the door to potential security concerns.
"Cyber adversaries have become as serious a threat to U.S. military forces as the air, land, sea and undersea threats represented in operational testing for decades," according to the report. "The continued development of advanced cyber intrusion techniques makes it likely that determined cyber adversaries can acquire a foothold in most (Department of Defense) networks, and could be in a position to degrade important DOD missions when and if they chose to."