Posts tagged: Cyberattack

Data Breach Prevention

Glaring headlines in the March 29, 2016 The American Lawyer detailed that 48 of our nation’s top law firms were specifically targeted by a Russian hacker seeking to trade on M&A information. Most of the firms found out they were a target only because their name was included in the article. On March 22, 2016 the FBI issued an alert warning law firms of criminals seeking access to their networks.

What should you do? First, realize that some of the largest firms have experienced breaches. And they have huge IT staff, and lots of money to throw at the problem. Don’t throw up your arms in disdain and say you have no chance by comparison. For firms of all sizes I recommend . . . READ MORE

Data Breach Prevention

It’s really not a question of IF your firm will experience a data breach at some point, but rather WHEN your firm will experience the breach. Don’t assume that your firm has no desirability as a target because of your size, or even your practice areas. Cyber criminals are increasingly targeting law firms of all sizes for private information about clients, which often enables them to more effectively target the client directly.  READ MORE

Another Cyberattack on a Major U.S. Bank

Citizens Bank of PA has been hit by cyberattacks, according to an article in Philadelphia Business Journal.  In keeping with my previous post on this topic, “Cyberattacks on U.S. Banks – Are You Safe?” these attacks are still being blamed on Iran, despite their continued denial of involvement.

Thus far the financial institutions have spent millions trying to shore up their security and ward off attacks.  At this point, they are requesting assistance of the U.S. government, according to an article in the Wall Street Journal.  This is significant, coming from an industry which flatly rejected the imposition of security measures previously.

Cyberattacks on U.S. Banks – Are You Safe?

McAfee warned of this months ago, and their predictions are coming true.  U.S. Banks are under attack.  As are some cloud providers, for that matter.  The attacks are more massive and organized than ever before.  An article in CNet News on December 13, 2012 revealed that a report released by McAfee Labs predicted an impending attack on U.S. financial institutions — dubbed Project Blitzkrieg — was a “credible threat.”

Project Blitzkrieg is believed to be headed by an individual known as vorVzakone, according to McAfee. In September, vorVzakone announced a massive fraud campaign to be launched against 30 U.S. banks in spring 2013. VorVzakone also put out a call to arms for fellow hackers to join his cause. The attacks are said to be done with a highly developed Trojan that could infect victims’ computers, plant software, and allow cybercriminals to steal information and money.

Rather than being a sweeping attack, McAfee said the campaign will selectively target accounts at investment banks, consumer banks, and credit unions. Going after selected groups makes it easier for vorVzakone to stay under the radar and not be detected by network defenses, according to McAfee.

The attack was to expected to hit hard in Spring, 2013.  But it looks like plans have moved up a bit.  And are not being executed as predicted.  A January 10, 2013 article in the Philadelphia Business Journal carried the title “PNC, Wells Fargo Cyberattacks Work of Iran, U.S. Believes. ”  The real story is based on a January 8, 2013 article in the New York Times entitled “Bank Hacking Was the Work of Iranians, Officials Say“:

But there was something disturbingly different about the wave of online attacks on American banks in recent weeks. Security researchers say that instead of exploiting individual computers, the attackers engineered networks of computers in data centers, transforming the online equivalent of a few yapping Chihuahuas into a pack of fire-breathing Godzillas.

The skill required to carry out attacks on this scale has convinced United States government officials and security researchers that they are the work of Iran, most likely in retaliation for economic sanctions and online attacks by the United States.

Since September, intruders have caused major disruptions to the online banking sites of Bank of America, Citigroup, Wells Fargo, U.S. Bancorp, PNC, Capital One, Fifth Third Bank, BB&T and HSBC.

A hacker group calling itself Izz ad-Din al-Qassam Cyber Fighters has claimed in online posts that it was responsible for the attacks. . . . But American intelligence officials say the group is actually a cover for Iran. They claim Iran is waging the attacks in retaliation for Western economic sanctions and for a series of cyberattacks on its own systems.

Iranian officials emphatically deny any connection with the attacks.  However, the attackers allegedly stated last week that they had no intention of halting their campaign. “Officials of American banks must expect our massive attacks,” they wrote. “From now on, none of the U.S. banks will be safe.”

I don’t know what I believe about who or what is behind these attacks.  I do believe that the threat, no matter the source, is very real.  Thus far there has been no theft; simply a consistent disabling of the bank’s abilities to service online customers.  However, I have no doubt that this is camouflage designed to distract security professionals from the eventual real consequences of these attacks, which has the potential to create havoc with assets of individuals and businesses. 

What do you need to do? 

  1. Be mindful of the insurance limits which apply to all of your combined accounts.  (Excluding IOLTA.  See “Unlimited FDIC Insurance on IOLTA Accounts Due to Expire” for further details about this issue.) 
  2. Make sure that you are not dependent on online banking for essential transactions.  Even if you do your deposits and bill paying remotely, have good old-fashioned deposit slips and checks handy. 
  3. Be sure you print out your monthly statements if you do electronic review.  You may need to access your information quickly at a time when your financial institution is trying to clean up a mess.  Those with an audit trail of their own will always fare better.
  4. Be careful about where you conduct your business.  Never log onto your secure encrypted accounts from a public computer, or over a public WiFi connection.
  5. If you don’t have a password on your smartphone, netbook and/or tablet, put one on immediately.  Yes, I know it’s a pain that after 3 – 10 minutes of idle time you have to put in a password to resume work.  On the other hand, no one can pick up your device when you’re not looking, and find your autologin information for your bank!
  6. Be especially wary of any so-called email communications from your banking institutions asking you to logon and reset your password, enter your SSN, or other sensitive information, and especially if they provide you with a link to do so.  Verify the legitimacy of the request by calling the institution on the phone before clicking on the link.  Nowadays sophisticated fraudsters create web sites that are so close to the real thing it can fool most people into entering sensitive information.

These are just a few quick thoughts to get this issue on your personal radar screen.  I encourage you to add your thoughts in terms of what we need to do to protect our firms, ourselves, and our clients.

WordPress Themes