Category: Breach

  • iot-units-installed-category

    What to Do When Mobile and IoT Explode the Attack Surface

    Information security was hard enough when we had to lock down all of the servers, desktops and laptops. That seems like child’s play compared to what we face now. You could pretty easily count your server infrastructure and PCs were simply a function of your company employee count. Mobile and Internet of Things (IoT) change that equation as we outlined earlier this week in our new White Paper, Take Back Control of Your Information Security. I thought I’d cover part of the ground from that analysis and expand on a…

  • IKANOW Take Back Control of Your Information Security White Paper

    White Paper: Why Infosec Pros Feel a Loss of Control and How to Get It Back

    Information Security has always been a tough job. All defenses have cracks and attackers know more about you than you do about them. Everyone recognizes the challenge is increasing each year. There are three trends driving this situation and causing information security professionals to feel like they have less control than ever before: A rapidly expanding attack surface to defend The continued rise in both attack volume and sophistication The growing number of installed information security security tools that create data silos and increased reliance on vendors The IKANOW team…

  • Ransomware-attacks-increase-768x542


    Ransomware has certainly captured the attention of the media and hospitals across the country.  The poster child of this trend is Hollywood Presbyterian Medical Center (HPMC) in Los Angeles. Earlier this year, HPMC was the victim of a Ransomware attack and paid $17,000 to get the key and access their files again. More recently, the 10-hospital Medstar system in the Washington, DC area was attacked and asked for 45 bitcoins (about $18,500), although the hospital claims to have restored its data without paying the ransom. In between these attacks, three…

  • ransomware-targets-hospitals

    First Quarter Breach Report – 2016

    2015 was a record year for cybersecurity hacks with 3,930 data breach incidents reported. If the number of records compromised so far this year is any indication, 2016 is on pace to be another record-breaking year. The first quarter of 2016 saw a 6% increase in the number of records compromised over the same time period in 2015 and some new trends. The top dozen breaches of Q1 2016 include: New Trends Emerge In addition to a rise in records exposed, there are four key trends associated with first quarter…

  • March 14-2016 Featured

    Should We Celebrate that Breach Dwell Time is Now “Only” 21 Weeks?

    Mandiant recently released it annual The State of Cyber Attacks report and there is some potentially good news for the industry. A surface reading of the numbers shows that the time for an enterprise to become aware of a breach (note the careful word choice here) fell 29% in 2015 to 146 days. Reducing breach detection time by nearly two months is a move in the right direction. But how excited should we be? There are two problems with this number. 53% of breaches actually had a 320-day average dwell…

  • cyber-threat-calendar

    The Impact of Cybersecurity’s Top Breaches of 2015 – cyber incidents get bigger and go mainstream

    Target’s 2013 cybersecurity breach captured the attention of average Americans in a way that no previous incident had before. Once it was clear the company’s CEO was a casualty of the breach fallout, it also gained the attention of chief executives and corporate boards. This concern was only heightened by the 2014 Sony breach that was extensive in both scope and embarrassment. The Sony incident redefined for many the types of data that can damage a company both directly and indirectly. However, in 2014 it often seemed like cybersecurity breaches…

  • kyivoblenergo-customer-letter

    Critical Infrastructure Cybersecurity Risk Realized – Things Have Changed

    The Aurora Generator Test carried out by Idaho National Laboratory in 2007 introduced much of the world to the idea that a cyber hack could cause damage and disrupt electricity distribution. While the test was real, the hack required a successful intrusion first and there were no real-world incidents that actually realized electricity disruption – until last month. By now, most people in the information security community are aware of the hack on at least two Ukrainian power authorities in Ivano-Frankivsk region. As much as high-profile cybersecurity attacks ranging from…

  • IKANOW_Data-Breach-Graphic_Dec-2015_V2

    Significant Data Breaches – December 2015

    As 2015 came to an end, the number of significant data breaches did not slow down. IKANOW’s major breach index along with a recap of the major data breaches that took place in December 2015 are listed below. Hyatt Hotels – Unknown Number of Records Exposed – Malicious Outsider Hyatt Hotels recently discovered malware on it’s network designed to steal credit card information. There are few details about this breach however it makes our monthly breach list as it’s a major organization that joins other hotel chains in having major breaches this…

  • ikanow_nov_graphic

    Significant Data Breaches – November 2015

    IKANOW’s major breach index along with a recap of the major data breaches that took place in November 2015 are listed below.   VTech – 5 Million Records Exposed – Malicious Outsider   Vtech, manufacturers of e-learning products and cordless telephones, was breached this month, exposing the records of approximately 4.8 million adults and 200,000 children. Exposed data included contact information, login credentials, download histories and personal information such as children’s age, gender, and birthdays. Photographs and chat logs of children and parents using the Kid Connect service were also…

  • ikanow_oct_graphic-1024x820

    Significant Data Breaches – October 2015

    IKANOW’s major breach index along with a recap of the major data breaches that took place in October 2015 are listed below.   Emergence Health Network – 11,000 records exposed – malicious outsider   Emergence Health Network, a nonprofit health service in El Paso, released a statement this month saying that one of its computer servers was compromised “Through an unauthorized Internet connection” as far back as 2012. The breach exposed the information of about 11,200 patients. Although the organization is confident that no medical records were contained within the…