What happens when you have an unlocked door at the home of and employee at the top U.S. nuclear weapons laboratory? How about 3 stolen computers with yet to be disclosed data, that was said to be non-classified. We hope. Were the computers stolen to be resold for crack? Or for nuclear weapons secrets? We may never know. Or we may find out the hard way.
At the Los Alamos National Laboratory in Santa Fe New Mexico dozens more (67 total) systems are currently listed as missing. Officials are conducting a full review of the lab’s policies and procedures governing the use of official computers at employees’ homes.
Situations like this are common in every industry with every conceivable form of data. We just wish it wasn’t data from a nuclear weapons facility.
Its important to point out that the facility has as many as 40,000 computers including desktops, laptops, PDAs, printers and so on. Do the math, less than a .25 percent lost or stolen. The lab has been documented at a better than 99.5 accountability rate.
We know there is no such thing as 100% security whether protecting from hardware or data thieves. Security is an ongoing, never ending, consistent, on your toes, don’t let your guard down, vigilant process.
And its not just criminal hackers causing big problems, lowly burglars looking for their next bag of dope stole a laptop computer from the home of a government employee containing 26.5 million Social Security Numbers, a US primary identifier. This $500 laptop cost millions.
Can you say your organization has a 99.5% success rate?
What policies do you have in place to foster a security minded culture? Here are just a few bullets as examples for you to add too.
# Cover all organizational systems used for processing, storing or transmitting personal information.
# Security risks faced assessed in the development of the policy
# Cost-effective measures devised to reduce the risks to acceptable levels
# Monitored and periodically reviewed.
# Staff and management made aware of the protective security policies and how to implement them.
In a Microsoft press release a global bounty has been offered for the arrest and prosecution of whoever has created and released the “conficker” virus.
Conficker was released in the last quarter of 2008 and has infected a wide estimate of 2 million to 10 million PCs. After issuing patches, Microsoft estimates approximately 3 million PCs globally are still compromised.
However none of the PCs infected with the conficker are displaying any of the characteristics generally exhibited by the recent spate of viruses offering a remote control component and often used to host spoofed websites and other malicious fraud related activities.
Although, this virus is designed to constantly ping some 250 different domains that were most likely controlled by the criminal hackers that created it. The virus acts like any software calling home looking for an update, checking time/dates stamps and what version is running.
It is widely believed that conficker is waiting for its next set of updates to unleash the endgame its writers had in mind. BRILLIANT!
Many who study conficker as it phones home have been monitoring the 250 domains looking for the next “update”.
Each of these top level domains include .com, .net and .org. All of which fall under Internet Corporation for Assigned Names and Numbers (ICANN), who heads up the domain registration industry. ICANNs rules prohibit such reserving of domains. ICANN then worked with registrars in heading off any future registration of conficker sought domains.
What has been out of the control of ICANN has been .ws and .cn (China) based domains and due to the ferocity of conficker and negocitions by ICANN, China and other global registrars have agreed to make it difficult for conficker to continue to control its 250 base domains or seek others along the string.
What we are seeing here is a global effort by international agency’s, security professionals from around the world and Microsoft working together to defeat an unknown attacker, that if left un-matched, could infect a significant portion of the worlds computers.
This story is not over.
Robert Siciliano Identity Theft Expert-Speaker video discussing rise in identity theft Here
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2009-02-17 07:34:032009-02-17 07:34:03Quarter Million Dollar Bounty for Criminal Hacker
(BOSTON, Mass. – May 1, 2008 – IDTheftSecurity.com) Reports of at least three-quarters of a million data records stolen from various organizations surfaced over the past two weeks. This latest round in the relentless march of data loss gave renewed consumers’ reasons to worry about the safety of their financial data in the hands of large institutions, said widely televised and quoted personal security and identity theft expert Robert Siciliano.
"Consumers worldwide continue to lose confidence in institutions entrusted with individuals’ sensitive financial data," said Siciliano. "With every thousand data records lost, organizations lose the psychological bond of trust they’ve forged with the corresponding thousand customers and other stakeholders."
CEO of IDTheftSecurity.com and a member of the Bank Fraud & IT Security Report‘s editorial board, Siciliano leads Fortune 500 companies and their clients in workshops that explore consumer education solutions for security issues. An experienced identity theft speaker and author of "The Safety Minute: 01," he has discussed data security and consumer protection on CNBC, on NBC’s "Today Show," on FOX News, and elsewhere.
Security breaches reported during the latter half of April and occurring at just three organizations led to the loss of more than three quarters of a million unique data records. Another breach resulted in the theft of an additional, undisclosed number of unique data records. The news lent validation, Siciliano observed, to research reported in a recent news release from Bankrate, Inc. indicating that 80 percent of Americans are concerned about identity theft.
An April 28th update to an earlier report on RTÉ News indicated that the theft of laptop computers from the Bank of Ireland exposed to thieves 30,000 customers’ medical records, bank account details, names, addresses and dates of birth.
Also on April 28, a vnunet.com reported that a back-up tape belonging to U.K.-based Boots Dental Plan had gone missing from Medisure, the administrating company, on April 3. The loss left the whereabouts of approximately 35,000 customers’ and employees’ data records in question, according to the report.
On April 22, IDG News Service reported a security breach at LendingTree. The incident, according to the report, exposed customers’ data records to unscrupulous activities by employees of the online mortgage company who may have shared the information with other lenders. Reports as of April 28th indicated that LendingTree had yet to disclose the number of customers affected.
On April 21, Dark Reading reported the theft of a server and PC computers from the offices of Indiana-based debt collections company Central Collections Bureau leaving the personal data of around 700,000 customers at risk of further foul play. The information lost included addresses, Social Security numbers, and some customers’ medical codes.
"These are only the largest of recent, reported breaches," said Siciliano. "The fact of the matter is that consumers are really in the dark when it comes to knowing just how many of their unique data records are falling prey to thieves. The real tally is likely even higher. Anyone with a credit history or medical history — in other words, everyone — is smart to be concerned."
The YouTube video below shows Siciliano on "FOX Newschannel," where he discusses the recent data security breach at Hannaford Bros. and provides affected consumers with the tips they need to avoid paying for fraudulent charges to their bank accounts and credit accounts. Those wishing to learn how to protect themselves against identity theft may view video of Siciliano at VideoJug.
###
About IDTheftSecurity.com
Identity theft affects us all. Robert Siciliano, CEO of IDTheftSecurity.com and member of the Bank Fraud & IT Security Report‘s editorial board, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients.
A leader of personal safety and security seminars nationwide, Siciliano has been featured on "The Today Show," CNN, MSNBC, CNBC, "FOX News," "The Suze Orman Show," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael," "The Howard Stern Show," and "Inside Edition." The Privacy Learning Institute features him on its Website. Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft. These include Forbes, USA Today, Entrepreneur, Woman’s Day, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others.
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2008-04-30 15:02:362008-04-30 15:02:36Identity Theft Expert and Speaker on Personal Security: Reported Losses of Data Records during Last Two Weeks Further Erode Consumer Confidence
(BOSTON, Mass. – April 29, 2008 – IDTheftSecurity.com) Today, MyLaptopGPS™ announced its relationship with Laptops for the Wounded to equip the charitable organization’s laptop computers for injured U.S. soldiers with security technology that protects the machines from thieves. To date, MyLaptopGPS has equipped more than 80 mobile computers for Laptops for the Wounded with antitheft technology that allows users at once to delete and silently retrieve data stored on a lost or stolen machine.
“My military service, patriotism and love of America were the motivation for my involvement with Laptops for the Wounded,” said Phil Drouin, vice president of Laptops for the Wounded and a member of its board. “My passion is helping my former brothers in arms who were wounded keeping America and her citizens free. MyLaptopGPS’ generous donation has closed out an early concern of mine, which was the theft of laptops from the hospitals we donate them to.” Drouin is also Information Technologies Project Manager for UnitedHealth Group.
Laptops for the Wounded is a charitable organization that provides hospitals for military personnel with free, webcam-equipped laptop computers. Soldiers wounded on the battlefield are then able to communicate with family as they recuperate far from home.
Last year, TheAssociated Press covered the organization’s donation of 10 mobile computers to the Walter Reed Army Medical Center in Washington, D.C. In March of 2008, Laptops for the Wounded returned to Walter Reed with an additional 18 laptop computers, all equipped with MyLaptopGPS’ security technology.
MyLaptopGPS combines Internet-based GPS tracking — which, for tracking and retrieving stolen laptops, is more effective than other forms of GPS — with other functionalities to secure mobile computing devices. Users launch MyLaptopGPS’ features remotely, protecting data even while the machine is in a criminal’s hands. Once connected to the Internet, the software silently retrieves, and then deletes, files from machines as it tracks the stolen or missing hardware — at once returning the data to its rightful owner and removing it from the lost computer.
“The loss of personal data to thieves can devastate anyone’s finances,” said Dan Yost, chief technology officer at MyLaptopGPS. “For a soldier wounded on the battlefield and in a hospital thousands of miles from home, this devastation can be especially catastrophic. It’s the reason why MyLaptopGPS decided to donate laptop security technology to protect injured soldiers fortunate enough to have access to mobile computers from Laptops for the Wounded.”
“Those who protect our country deserve the very best protection themselves,” said Robert Siciliano, a widely televised and quoted personal security and identity theft expert and CEO of IDTheftSecurity.com. “MyLaptopGPS’ generous contribution to a worthy cause promises to help spare countless military veterans from identity theft and other crimes.”
According to USA Today, theft of personal data more than tripled in 2007. Readers may view a video below of Siciliano discussing this news on the new “FOX Business” network. To learn more about identity theft, a major concern for anyone who’s lost a laptop computer to thieves, readers may go to video of Siciliano at VideoJug.
###
###
About MyLaptopGPS™
Since 1984, Tri-8, Inc. (DBA MyLaptopGPS.com) has specialized in complete system integration. From real-time electronic payment processing software to renowned mid-market ERP implementations, the executive team at MyLaptopGPS has been serving leading enterprises and implementing world-class data systems that simply work. With MyLaptopGPS™, Tri-8, Inc. brings a level of expertise, dedication, knowledge and service that is unmatched. MyLaptopGPS’ rock-solid performance, security, and reliability flow directly from the company’s commitment to top-notch software products and services for almost 25 years.
About IDTheftSecurity.com
Identity theft affects us all, and Robert Siciliano, CEO of IDTheftSecurity.com and member of the Bank Fraud & IT Security Report‘s editorial board, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients. A leader of personal safety and security seminars nationwide, Siciliano has been featured on “The Today Show,” CNN, MSNBC, CNBC, “FOX News,” “The Suze Orman Show,” “The Montel Williams Show,” “Maury Povich,” “Sally Jesse Raphael,” “The Howard Stern Show,” and “Inside Edition.” The Privacy Learning Institute features him on its Website. Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft. These include Forbes, USA Today, Entrepreneur, Woman’s Day, Mademoiselle, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others.
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2008-04-30 14:57:132008-04-30 14:57:13Identity Theft Expert:MyLaptopGPS™ Helps Laptops for the Wounded by Equipping the Nonprofit’s Computers with Antitheft Security
(BOSTON, Mass. – Jan. 24, 2008 – IDTheftSecurity.com) The theft of a laptop computer belonging to the British Ministry of Defense sheds doubt on mobile computer security worldwide, said Robert Siciliano, a widely televised and quoted personal security and identity theft expert. He directed firms to MyLaptopGPS™, whose technology helps to prevent the massive data breaches associated with laptop computer theft.
“Those who specialize in the defense of nations should be leading the way in laptop computer security,” said Siciliano. “Instead, one of the world’s premiere defense departments has been shown to be unforgivably vulnerable to the loss of its mobile computers. Apparently, problems with security for laptop computers run deep worldwide.”
On Jan. 19 numerous news outlets reported the overnight theft, from a car, of a laptop computer belonging to the British Ministry of Defense. According to these reports, the lost mobile computer housed sensitive, identifying information on serving personnel and others that had come into contact with the military. Further reports then revealed that the British Ministry of Defense had lost hundreds of mobile computers over many years’ time and in fact was unsure of the exact number.
An unrelated article from the IDG News Service on Jan. 14 showed the potential amount of money that an organization might pay in the wake of losing even a single laptop. Tennessee’s Davidson County Election Commission, which lost a mobile computer containing the Social Security numbers of 337,000 registered voters in December, stood to spend $1 million on identity theft protection for the victims.
“Any organization, not just one whose focus is defense, can easily protect its fleets of laptop computers for less than pennies on the millions of dollars that bad security ultimately costs,” said Dan Yost, chief technology officer at MyLaptopGPS. “The alternative, to do nothing, is to court the possibility of financial disaster.”
MyLaptopGPS combines Internet-based GPS tracking — which, for tracking and retrieving stolen laptops, is more effective than other forms of GPS — with other functionalities to secure mobile computing devices. Users launch MyLaptopGPS’ features remotely, protecting data even while the machine is in a criminal’s hands. Once connected to the Internet, the software silently retrieves, and then deletes, files from machines as it tracks the stolen or missing hardware — at once returning the data to its rightful owner and removing it from the lost computer.
MyLaptopGPS also offers SafeRegistry™, a comprehensive system for inventorying entire fleets of mobile computers, as well as a full line of highly renowned SafeTags™, which are police-traceable property tags designed to secure iPods, cell phones, BlackBerry devices, and other mobile property. A downloadable demo of MyLaptopGPS is available.
The October 2007 issue of Bank Fraud & IT Security Report, a newsletter published only in hard copy, ran “The Seven Layers of Laptop Security,” an article by Siciliano and Yost. A white paper adaptation of that article is available from MyLaptopGPS.
Readers may view YouTube video below of “NBC 7 Chicago” footage featuring Yost delivering comments for a televised news report that covered the April 2007 theft of two laptops that stored 40,000 Chicago Public School teachers’ Social Security numbers.
According to USA Today, theft of personal data more than tripled in 2007. Readers may view video of Siciliano below discussing this news on the new “FOX Business” network. To learn more about identity theft, a major concern for anyone who’s lost a laptop computer to thieves, readers may go to video of Siciliano at VideoJug.
###
About MyLaptopGPS
Since 1984, Tri-8, Inc. (DBA MyLaptopGPS.com) has specialized in complete system integration. From real-time electronic payment processing software to renowned mid-market ERP implementations, the executive team at MyLaptopGPS has been serving leading enterprises and implementing world-class data systems that simply work. With MyLaptopGPS™, Tri-8, Inc. brings a level of expertise, dedication, knowledge and service that is unmatched. MyLaptopGPS™’s rock-solid performance, security, and reliability flow directly from the company’s commitment to top-notch software products and services for almost 25 years.
About IDTheftSecurity.com
Identity theft affects us all, and Robert Siciliano, CEO of IDTheftSecurity.com and member of the Bank Fraud & IT Security Report‘s editorial board, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients. A leader of personal safety and security seminars nationwide, Siciliano has been featured on “The Today Show,” CNN, MSNBC, CNBC, “FOX News,” “The Suze Orman Show,” “The Montel Williams Show,” “Maury Povich,” “Sally Jesse Raphael,” “The Howard Stern Show,” and “Inside Edition.” The Privacy Learning Institute features him on its Website. Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft. These include Forbes, USA Today, Entrepreneur, Woman’s Day, Mademoiselle, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others.
https://safr.me/wp-content/uploads/2008/01/IDtheftSec_blog.jpg00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2008-01-23 19:43:172018-04-27 10:00:34MyLaptopGPS and Identity Theft Expert: Massive Holes in Laptop Computer Security Can Cost Organizations Millions
(BOSTON, Mass. – Oct. 10, 2007 – IDTheftSecurity.com) According to reports, researchers in the U.K. have found that security there is not a priority for those in charge of the many devices and business networks that enable computer users to be mobile. Robert Siciliano, a widely televised and quoted personal security and identity theft expert, said the research, combined with news of recent thefts of laptop computers belonging to major U.S. universities’ professors, underscored the fact that organizations of kinds must take mobile computing security seriously.
“Whether in the U.S. or the U.K.,” said Siciliano, “the security surrounding laptop computers and the tools that enable their users to be mobile and connected is evidently still lacking. And yet technologies such as Internet-based GPS and electronic inventorying are easy to use and cost pennies to the thousands, even millions, of dollars that typify data security snafus.”
CEO of IDTheftSecurity.com and a member of the Bank Fraud & IT Security Report’s editorial board, Siciliano leads Fortune 500 companies and their clients in workshops that explore consumer education solutions for security issues. A longtime identity theft speaker and author of “The Safety Minute: 01,” he has discussed data security and consumer protection on CNBC, on NBC’s “Today Show,” FOX News, and elsewhere.
So far this fall, laptop computers at two major U.S. universities have been stolen. Both computers were under professors’ custody when they went missing. One of the incidents occurred at the University of Iowa and, according to the report in the Oct. 8th DesMoines Register, placed 100 students’ Social Security numbers at risk. Students at Carnegie Mellon University faced similar concerns when two laptop computers containing Social Security numbers were stolen from a computer science professor’s office, according to an Oct. 8th report in the school’s paper, The Tartan.
Last month, vnunet.com reported on the Benchmark of IT Strategy 2007, a report produced by the Manchester, U.K.-based National Computing Centre. According to the Sept. 6th article in vnunet.com, although data from the report suggested that attention to laptop security is on the rise, findings from the report also revealed that “40 percent of respondents have either not secured, or only partially secured, their wireless networks” and that “only 11 percent have any kind of security system in place to govern” the use of portable storage devices.
“Wireless networks, portable storage devices, and the like are often used in conjunction with, and facilitate, mobile computing,” said Siciliano. “Any lack of attention to the security of these elements eventually affects the security of laptop computers themselves.”
Organizations that need an affordable, simple solution for laptop security may turn to MyLaptopGPS™. The product combines Internet-based GPS tracking — which, for tracking and retrieving stolen laptops, is more effective than other forms of GPS — with other functionalities to secure mobile computing devices. Users launch MyLaptopGPS’ features remotely, protecting data even while the machine is in a criminal’s hands. Once connected to the Internet, the software silently retrieves, and then deletes, files from machines as it tracks the stolen or missing hardware — at once returning the data to its rightful owner and removing it from the lost computer.
MyLaptopGPS also offers SafeRegistry™, a comprehensive system for inventorying entire fleets of mobile computers. A downloadable demo of MyLaptopGPS is available.
“Laptop computers, along with the ancillary devices and networks that make them truly mobile in functionality, are ripe targets for thieves,” said Dan Yost, chief technology officer at MyLaptopGPS. “Smart organizations acknowledge this and take actions to counter the threat, and MyLaptopGPS’s products give their actions teeth by providing intuitive, robust, and affordable mobile computing security, a major cornerstone of the effort to thwart high-tech criminals.”
The October 2007 issue of Bank Fraud & IT Security Report, a newsletter published only in hard copy, ran an article by Siciliano and Yost on the seven layers of laptop computer security. Readers may view YouTube video below of “NBC 7 Chicago” footage featuring Yost delivering comments for a televised news report that covered the April 2007 theft of two laptops that stored 40,000 Chicago Public School teachers’ Social Security numbers. To learn more about identity theft, a major concern for anyone who has been affected by the theft of a laptop computer, readers may go to video of Siciliano at VideoJug.
###
About MyLaptopGPS
Since 1984, Tri-8, Inc. (DBA MyLaptopGPS.com) has specialized in complete system integration. From real-time electronic payment processing software to renowned mid-market ERP implementations, the executive team at MyLaptopGPS has been serving leading enterprises and implementing world-class data systems that simply work. With MyLaptopGPS™, Tri-8, Inc. brings a level of expertise, dedication, knowledge and service that is unmatched. MyLaptopGPS™’s rock-solid performance, security, and reliability flow directly from the company’s commitment to top-notch software products and services for almost 25 years.
About IDTheftSecurity.com
Identity theft affects us all, and Robert Siciliano, CEO of IDTheftSecurity.com and member of the Bank Fraud & IT Security Report’s editorial board, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients. A leader of personal safety and security seminars nationwide, Siciliano has been featured on “The Today Show,” CNN, MSNBC, CNBC, “FOX News,” “The Suze Orman Show,” “The Montel Williams Show,” “Maury Povich,” “Sally Jesse Raphael,” “The Howard Stern Show,” and “Inside Edition.” The Privacy Learning Institute features him on its Website. Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft. These include Forbes, USA Today, Entrepreneur, Woman’s Day, Mademoiselle, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others.
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2007-10-10 15:50:462007-10-10 15:50:46Identity Theft Expert and Speaker on Personal Security Cites Research in Call for Organizations of All Kinds to Improve Their Mobile Computing Security Measures