Murder in Pyongyang

Christopher Burgess Blog, National Security Issues

The world collectively learned of the passing of Otto Warmbier, the U.S. student who was held in North Korea. Let me correct this, Otto Warmbier who was murdered by the Kim Jung Un regime. Warmbier had the audacity to lift a poster off a wall (think souvenir) and was arrested for taking the wall poster. Warmbier was then tried by the …

Dmitry Dokuchaev – Playing Both Sides?

Christopher Burgess Blog, Russia

Dmitry Dokuchaev, Major in the Russian Federal Security Service of the Russian Federation (FSB; Russian: Федеральная служба безопасности Российской Федерации (ФСБ)), was arrested by the Russian FSB and charged with treason in December 2016 (see: Russian FSB cybersecurity implosion continues with more arrests). On 28 February 2017, Dokuchaev is indicted by the United States on charges of Espionage, Computer Fraud and a host …

Social Engineering: From Qatar With Love – Cyber espionage

Christopher Burgess Blog, Information Security

Is the Government of Qatar perfecting their social engineering or is this a case of Qatar vigilantism? A recent write-up by Claudio Guarnieri, a security researcher working for Amnesty International, leans toward nation state sponsorship, exercising what he describes as “Operation King Phish“.   A review of Guarnieri’s report and one’s brain will have a flurry of memory triggers, synapses, bringing to …

Prevendra: Intellectual Property Theft

Departing Zynga Employees Heist Intellectual Property?

Christopher Burgess Blog, Information Security, Insider Threat, IP Theft

Easiest way to lose your intellectual property?  When your departing employee walks your intellectual property right out the door. It happens far too often and the insider threat you thought of as a hypothetical?  Well, it is now a reality. This is what apparently happened to Zynga. Zynga (yes the game company is still alive and kicking) alleges in their …

Prevendra - FSB cybersecurity in handcuffs

Russian FSB cybersecurity implosion continues with more arrests

Christopher Burgess Blog, Russia

As we discussed in our recent piece, “Russia’s FSB Cybersecurity Team Implodes” the number of individuals who are in shackles from within the FSB cybersecurity entities continues to increase, and the timeline of the Russian security service, Federal Security Service of the Russian Federation (FSB; Russian: Федеральная служба безопасности Российской Федерации (ФСБ)), investigation continues to expand. Over the course of …

Prevendra - Privacy

January 28, 2017 – International Data Privacy Day

Christopher Burgess Blog, Information Security

I am pleased to be recognized as a Data Privacy Day Champion, as is Prevendra. Every day efforts are expended to assist companies and individuals protect their collective privacy. In 2016 we witnessed millions of individuals having had their private information compromised. A healthy percentage of those compromised, found their information was being exploited and used. This year’s theme for Data …

Lubyanka FSB Headquarters

Russia’s FSB Cybersecurity Team Implodes

Christopher Burgess Blog, Russia

While the world was watching the United State’s election and the debate over whether or not the Russian’s hacked the DNC and influenced the election, the Russian Federation was engaged in some of their own housecleaning. A followup report to this post has been filed 28 January 2017:   Russian FSB Cybersecurity Implosion Continues With More Arrests The Federal Security …

Customer Loyalty Sweepstakes: The winner engages the customer securely

Christopher Burgess Blog, Information Security

The 2016 Nielsen report addressing customer loyalty,  “Allegiant Alignment: What Faithful Followers of Retail Loyalty Programs Want” based on the 2016 Nielsen Global Survey of Loyalty Sentiment polled more than 30,000 online consumers in 63 countries throughout Asia-Pacific, Europe, Latin America, the Middle East/Africa and North America. They found loyalty programs continue to hook and keep hooked individual consumers. Nielsen …

Prevendra - Ameriprise FInancial

Financial Advisor at Ameriprise exposes millions in assets via NAS

Christopher Burgess Blog, Data Breach (Financial, Education, Business, Government, Healthcare), Information Security

Do you use a financial advisor? I do, and I recommend mine to others without reservation. Part of that recommendation comes from the manner in which the account data is secured, which provides me more than a modicum of assurance that the folks managing my money are not asleep at the switch when it comes to protecting my identity (and …

BYOD: Users are a nightmare without policies

Christopher Burgess Blog, Burgess writes for IBM MidSize Insider, Information Security

Over the course of the past several years business leaders have evaluated and implemented the bring-your-own-device (BYOD) movement as a cost-effective methodology to preserve or reduce information technology (IT) operating expenses. In the quest to reduce these operational expenses, one might overlook the need to have a robust BYOD policy. A policy of this order addresses not only the technological …

Ransomware: Attack and Resolution

Christopher Burgess Blog, Data Breach (Financial, Education, Business, Government, Healthcare), Information Security

Companies continue to fall victim to ransomware* on a regular basis. According to an IBM X-Force® Research report, “Ransomware: How consumers and businesses value their data” 70 percent of companies who have fallen victim to ransomware, have paid the ransom. The FBI tells us the typical ransom is in the range of $200 to $10,000 paid, with some notable cases of ransome …

Ethics in sports? Insider threat in ACC football evidenced

Christopher Burgess Blog, IP Theft

Nothing is sacred, as the hosts of ESPN’s Pardon the Interruption Tony Kornheiser and Michael Wilbon, discuss. Trade secrets and intellectual property (the playbook contents) in collegiate football have value, and apparently some schools within the Atlantic Coast Conference (ACC) were willing recipients of plays purloined from the Wake Forest program by a Wake Forest insider.   [x_pullquote cite=”Wake Forest Football …

Prevendra: Madison Square Garden

Madison Square Garden customer payment cards harvested

Christopher Burgess Blog, Data Breach (Financial, Education, Business, Government, Healthcare)

On 22 November, Madison Square Garden Company (The Garden) began notifying their customers that a breach of the point of sale (POS) system had occurred, and may have affected those customers who purchased goods at merchandise and food concessions at The Garden’s various properties, during the period 09 November 2015 – 24 October 2016, you may be affected. Properties affected Madison …

Prevendra - MSU data breach

MSU data breach: Database with 400,000 records accessed

Christopher Burgess Blog, Data Breach (Financial, Education, Business, Government, Healthcare), Information Security

Michigan State University (MSU) has confirmed that on Nov. 13 an unauthorized party gained access to an MSU server containing certain sensitive data which included the personal identifying information of 400,000 individuals. The MSU data breach, characterized by the MSU President Lou Anna K. Simon as a,”criminal act in which unauthorized users gained access to our computer and data systems”. …

China - Shanghai

JPMorgan runs afoul of the FCPA: $264 million settlement

Christopher Burgess Blog, China, National Security Issues

This past week we learned that the Foreign Corrupt Practices Act (FCPA) has teeth. JP Morgan Chase (JPMorgan) essentially, used the hiring of the children of Chinese leaders as a bribe in exchange for US$100,000,000 in deals in China a violation of the FCPA. In addition the bank violated the anti-bribery, books and records, and internal controls provisions of the …

Prevendra Privacy

Data Breaches again at Horizon Blue Cross Blue Shield New Jersey (Horizon BCBSNJ)

Christopher Burgess Blog, Data Breach (Financial, Education, Business, Government, Healthcare), Health Care

It seems health insurer Horizon Blue Cross Blue Shield New Jersey (Horizon BCBSNJ) can’t catch a break. During the course of 2015 (1100) and 2016 (170,000), they have had two more incidents which compromised or placed at risk the protected health information or the personal identifying information of their insured. In December 2013, we commented on how Horizon had suffered …

Prevendra - Putin's gambit fails

Kremlin’s Clinton Gambit Fails With Trump’s Election

Christopher Burgess Blog, National Security Issues, Russia

A little over a month ago I wrote of the Russian gambit to influence the US national elections by seemingly backing the Republican party candidate Donald J. Trump in hopes that the US electorate would swing in mass to back Democratic party candidate Hillary R. Clinton. In my piece, US Presidential Election 2016: The Kremlin Prefers??? I made the argument that …

Prevendra - Canada - Privacy breaches in Canadian health services

Insider Threat – Canadian privacy breached as PHI/PII goes missing in Manitoba

Christopher Burgess Blog, Health Care, Insider Threat

Patients in Manitoba are receiving notification from their healthcare providers, that their personal and sensitive information has been lost or inappropriately accessed. As all who have responsibility for the security of information, the insider threat is very real. Often times we associate the insider threat to be associated with the actions of nefarious individual. As you’ll read below, the breaches …

Prevendra - blu phone's phone home

Chinese Cyber Espionage: What’s leaving your smartphone?

Christopher Burgess Blog, China, Information Security, IP Theft, National Security Issues

This week we saw, possible evidence of, yet another form of the Chinese cyber espionage. Smartphones calling “home” to China with user data. This is every government’s worst counterintelligence and cyber security nightmare. We are warned, repeatedly about the threat of Chinese cyber espionage, especially those in the national security arena. For those in the private sector, having the data …

Prevendra - China Agro Espionage

Agro Espionage – China’s corn espionage lead, MO Hailong, sentenced to prison

Christopher Burgess Blog, China, IP Theft

[cs_content][cs_section parallax=”false” style=”margin: 0px;padding: 45px 0px;”][cs_row inner_container=”true” marginless_columns=”false” style=”margin: 0px auto;padding: 0px;”][cs_column fade=”false” fade_animation=”in” fade_animation_offset=”45px” fade_duration=”750″ type=”1/1″ style=”padding: 15px;”][x_columnize]One chapter of the saga of China’s agro espionage targeting US research and development of corn has come to a close with the sentencing Mo Hailong, a/k/a Robert Mo, 46, a Chinese national. According to the Department of Justice, Mo was sentenced to …

Prevendra - China Agro Espionage

Agro Espionage – Rice to China – Wengui Yan’s guilty plea

Christopher Burgess Blog, China, Insider Threat, IP Theft

On 24 October 2016, Wengui Yan, an Arkansas resident, an employee of the USDA Dale Bumpers National Rice Research Center since 1996, and a naturalized US citizen originally from the PRC, successfully negotiated a plea-bargain with the Kansas US Attorney in his agro espionage case. Yan and his co-defendant, Weiqiang Zhang, PRC citizen, facilitated the theft of genetic rice from the …

IP Theft - Counterfeit Goods - Prevendra

IP Theft: Crowdfunding sites harvested by Chinese counterfeiters

Christopher Burgess Blog, China, IP Theft

It should surprise no one to learn that the Chinese factories which are engaged the production of counterfeit goods produce goods which are identical or indistinguishable from the originals. The factories are engaged in intellectual property theft (IP theft) and are building their products by reverse engineering a product then creating the counterfeit version, or creating the counterfeit product by stealing …

Prevendra - Data backup

Where’s Your data and Can You Actually Get To It?

Christopher Burgess Blog, Burgess articles - Huffington Post & El Huffington Post, Information Security

You arrive at work or home. You unload your laptop or go to your desktop and power up the system by pressing the “ON/OFF” button. Lights flicker; nothing happens. If you’re like me your mind races; you sigh and think, “I don’t need this today.” You repeat. You inspect. You scratch your head. This was my situation a few weeks …

Prevendra - Insider Theft

Insider Threat Becomes Insider Theft: What’s your plan.

Christopher Burgess Blog, Information Security, Insider Threat

In a prime example of insider threat, becomes insider theft, we saw the FBI arrest and the Department of Justice file a criminal complaint against Ralph Mandil, an employee of an unidentified distributor of “As Seen on TV” products (we believe to be Corvex Cookware). Mandil faces two federal charges: Theft of Trade Secrets and Wire Fraud. A Ralph Mandil’s, LinkedIn Profile identifies him …

Prevendra: Prevent data breaches

Data breach – Are you prepared? Most are not.

Christopher Burgess Blog, Data Breach (Financial, Education, Business, Government, Healthcare)

According to the new survey conducted by the Ponemon Institute on behalf of Experian, companies are complacent and lack confidence when it comes to data breach preparedness. A result which I found to be most astounding given the fact that every day we read of yet another company, institute, organization or governmental entity experiencing a data breach.  The study, “Is Your …

Prevendra - Gregory Allen Justice - arrest

Selling secrets to Russia? It’s a bad idea

Christopher Burgess Blog, Burgess writes for Clearance Jobs, Insider Threat, National Security Issues, Russia

The headline read:  Selling Secrets to the Russians? Jason Bourne Fan arrested in spy drama of his own.  Thus implying the motivation for Gregory Allen Justice was his sick wife, a job at which he felt unappreciated and a fascination with cinematic secret operatives such as Jason Bourne and James Bond. There’s more to the story. When he was arrested for what the …

Prevendra

Fake LinkedIn profiles engaged in global espionage targeting

Christopher Burgess Blog, National Security Issues

The BBC reports that hackers are using fake LinkedIn profiles to befriend professionals and use their information in future attacks. Source: Fake LinkedIn profiles used by hackers – BBC News The BBC article pulls from a Symantec Threat Report “Fake LinkedIn accounts want to add you to their professional network” this report comes on the heels of the piece crafted …

Prevendra - China

Rest easy: China says U.S. OPM data breach was criminal

Christopher Burgess Blog, China

Reuters recently reported how the Chinese are claiming they have concluded their official investigation into the allegation that the Chinese government were responsible for the Office of Personnel Management data breach which compromised the identities of ~20 million individuals government clearance portfolios. It is interesting to note, the Chinese government spokesperson did not indicate the US Government response to this …