SC Department of Revenue Hacking: A Second Look

http://www.dreamstime.com/-image13309768

Since SC Taxpayers’ information has been hacked by criminals, what can businesses do to protect themselves from hackers?  While most organizations have network security with firewalls, firewalls may no longer be enough. It is easy enough for an experienced hacker to break through a firewall. More security can help, as well as knowing who is vulnerable to hacking and how the hackers operate.

If you are hacked, timing is critical.  The sooner you discover that you may have been hacked, the better. The SC incident points out that the time from the actual hacking to the notification was due in part to a lack on the part of SC’s ability to discover the hacking themselves—the Secret Service made the discovery.  

What can you do to beef up your security to protect against these crimes?

First, businesses need to be scrupulous about monitoring their internet security, remembering that compliance is NOT synonymous with actual security.  Just because you may be in compliance with requirements for security measures, you may not have any real security in place.  Most organized crime hackers are ahead of companies.  These criminals target business and government, both of which are vulnerable to being hacked, especially since the criminals make hacking into business and government their priority.

 Second, all computer information needs to be closely monitored to keep the hackers from using employees (through emails, social networks, etc.) to access private information.

What to do? Some ways to protect your business are:

  • Improved security (internal and physical security: cloud servers, vendors, and the company’s own sites)
  • Planned defense measures in the event of a hack
  • Rapid detection  (SC’s delay in discovery and notification was detrimental)
  • Careful monitoring (of employees and systems)
  • A security provider (hiring one is a good idea for small companies)

Spending money on beefing up security is worth the expense.  Having someone onsite who is in charge is imperative for protection from hackers.

While nothing in cyberspace is foolproof, taking certain measures to improve company security can make a difference in the constant battle to protect secure, sensitive information from hackers.

Of course, Cyber Risk Insurance is a critical part of the equation to protecting the governmental entity or private business against cyber crime.

Source: Protect Data from Lurkers and Hackers COLUMBIABUSINESSMONTHLY.COM, December 2012.

1 vote, 5.00 avg. rating (90% score)
Categories: Breach Of Security, Cyber Liability, Identity Theft

Cyber Liability Claims Not Covered Under Most General Liability Policies

General Liability policies cover lawsuits alleging bodily injury, property damage, personal injury, and advertising injury.  The property damage coverage requires damage be to tangible property as opposed to intangible property.

Most data breaches include damage to intangible property stored on hard drives.  As a result, General Liability carriers argue that there is no coverage for data breach.  However, General Liability carriers are increasingly providing endorsements for Data Breach.

The purchase of stand-alone Cyber Risk policies are becoming increasingly common for businesses with data breach exposure.  Of course, these policies cover a lot more than just data breach.  Other coverages include Media Liability, Cyber Extortion, Denial of Service, and loss of business income.

Source:  Business Insurance, April 2, 2012

1 vote, 4.00 avg. rating (80% score)
Categories: Breach Of Security, Cyber Liability, Identity Theft, Theft

Smart Phone Security Risks

The spammers and cyberthieves haven’t given up and gone home. Instead they are moving with the times and stirring up trouble in other ways, targeting smartphones and social networkds, which offer vast amounts of personal information.

The popularity of “apps” is opening the door to a wide range of suspicious and malicious applications. Locative services such as Foursquare and Fowalla are also a potential problem. These services allow you to easily search, track, and plot the wherabouts of friends and strangers. But cybercriminals can use this information to craft targeted attacks, according to McAfee.

The main way to combat breaches, [Beeson] said, is by encrypting the information. But the McAfee report noted that because of our historically fragile cellular infrastructure and slow strides toward encryption, user and corporate data may face serious risks.

Source: Patricia Vowinkel, February 17, 2011

0 votes, 0.00 avg. rating (0% score)
Categories: Breach Of Security, Cyber Liability, Identity Theft

Recent Security And Privacy Claims Paid By Chartis

I came across an eye opening article from Chartis Insurance Company about real claims scenarios of payments made by their Executive Liability policy form. Most of the payements are over $1,000,000 and involve data breach caused by hackers and rogue employees.

Read Article: Security & Privacy Claims Marketing Sheet

Source: Chartis Insurance Company, Security & Privacy Claims Scenarios, September 2010

1 vote, 4.00 avg. rating (80% score)
Categories: Crime, Identity Theft

Prevent Scammers From Figuring Out Your Social Security Number

I came across an excellent article that explains how easy it is for scammers to decode your Social Security number.  I always wondered how they did this.

Carnegie Mellon University researchers only need two pieces of information to guess SSNs in a recent study published in the Proceedings of the National Academy of Sciences.  The study implies that knowledge of your hometown and your birth date allows scammers to discover most of, if not all, of the nine digits of your Social Security number.

$50 can buy your SSN from dozens of websites used by private investigators, businesses conducting credit checks, and savvy scammers who know your name, birth date, and current address.
Read more →

1 vote, 1.00 avg. rating (50% score)
Categories: Crime, Identity Theft