Two separate attacks on banks in the United States and Pakistan revealed this week highlight once again the inherent weakness of a security practice that relies on passwords or knowledge-based credentials to protect critical information.
Business
Podcast Episode 118: White Hat Eye on the Gaming Guy
In this week’s episode, #118: modern computer games are like mini economies and that makes them a big target for hackers. We talk with four leading researchers from Bug Crowd about how even popular games fall down on security. Also: Srinivas Mukkamala, the CEO of RiskSense about how artificial intelligence and risk based approaches to securing elections systems could pay off.
Research: Russian Disinformation Campaigns Target African Americans
Russian misinformation campaigns have been targeting African Americans in a number of ways to create division between left and right political agendas, create racial division and discord, and even suppress Black voter turnout, new research has found.
Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats
In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In the first segment, we talk with Thomas Harvey of the firm RMS about the problem of “silent cyber” risk to insurers and how better modeling of cyber incidents is helping to address that threat. In part II, we invite Chip Block of the firm Evolver back into the studio to talk about the challenge that “converged” cyber physical systems pose to insurance carriers as they try to wrap their arms around their exposure to cyber risk. Editor’s note: as an experiment this week, we’re posting each interview as a separate download, to see if that makes it easier for listeners to jump to the content they’re most interested in. Use the comments section or Twitter (@securityledger) to let us know what you think or whether you prefer the single download!
Apple, Amazon Throw Shade on Supply Chain Hack Story
A report by Bloomberg alleging a massive operation by China’s Peoples Liberation Army (PLA) to plant spy hardware on servers used by some of the U.S.’s most high profile corporations is being refuted by tech vendors Apple as well as Amazon, who contend that no such compromises took place. The report written by Jordon Robinson and Michael Riley and released Thursday says that PLA agents implanted tiny surveillance chips on server motherboards manufactured by Super Micro Computer. The devices, no larger than a pencil tip, could give Chinese agents access to and control over critical hardware used by Apple Computer, Amazon and other large, U.S. firms, including financial services firms and intelligence agencies, the report says. [You might also want to read: Massive Facebook Breach Affects 90 Million Accounts] If true, the incident would be one of the most serious uses of a so-called “supply chain” hack, in which sophisticated adversaries […]
