Tag Archives: data security

Office of Personal Management Hacked – US Government Downplays the Event

The second admission followed a week later. The Office of Personel Management (OPM) announced that on June 4, a hack attack had succeeded on governmental staff – four million people affected. It now appears that an additional 18 million records were stolen. The government, communicated this as two separate events in an apparent attempt to downplay the scale.

So what happened in the alleged second hack? That 18 million Social Security numbers have been compromised, is a “preliminary, unverified, approximate” according to a letter from the Director of OPM, Katherine Archuleta. The number — 18 million – affects people working for a federal agency or who applied for funding. The data, according to US government circles, may be in the hands of spies from the People’s Republic of China. This has been flatly denied by Chinese officials.

Mrs. Archuleta was called to testify before a Congressional committee: Encryptions are not always possible due to the age of facilities. She argued, however, that even encryption would have not sufficed, because the hackers would then have copied keys and passwords.

An article from the Wall Street Journal mentions that the government described the attack as happening in two waves in orde rto downlplay the severity. In addition, the OPM had denied the disclosure of sensitive information twice, even though the FBI had informed the OPM on June 5 about the attack…

The post Office of Personal Management Hacked – US Government Downplays the Event appeared first on Avira Blog.

OPM: Are Personnel Records of All Fed Workers Exposed?

Two weeks ago OPM, the US Office of Personnel Management got hacked and the information of 4 million federal government workers was exposed. This is of course, horrible. But it’s not all: On Friday we learned that the issue at hand was huge and much bigger than everyone believed at first.

As can be read in a letter to OPM Director Karen Archuletta, David Cox, the president of the  American Federation of Government Employees, believes that “based on the sketchy information OPM has provided, the Central Personnel Data Files was the targeted database, and the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees.”

Cox goes on and says that the thinks the hackers have the Social Security number, military records and even veterans status’ information of every affected person. Addresses, birth dates, job and pay histories, health and life insurances and pension information, age, gender, and almost everything else you’d never want anyone else to know are included on his list as well.

Sounds bad? It’s not all. The letter states: “Worst, we believe that Social Security numbers were not encrypted, a cybersecurity failure that is absolutely indefensible and outrageous.”

I bet they now wish that “only” 4 million records got stolen … :(

The post OPM: Are Personnel Records of All Fed Workers Exposed? appeared first on Avira Blog.

5 steps to keep your SMB data protected

SMB-security

When Edward Snowden came forward in May 2013, accusing the world’s largest intelligence service of spying on US allies, people, and private companies, it became evident that electronic data is quite vulnerable. This major event even caused Russian and German government officials to consider cataloguing their data, using old-fashioned manual typewriters instead of computers. Should you do the same with your business’ data to protect it?

The only way to keep your data absolutely safe from hackers and spies is to keep it far away from computers and servers, but this approach isn’t realistic. So here are five steps that you can take to protect your small or medium size business’ data:

1)     Configure your computer network properly Regardless of the way your computers are connected in your company, via work group or server, make sure that you have implemented the right configuration. Make sure you haven’t left any gaps for hack attacks, such as software that has not been updated or free network accessibility to suppliers or all company employees.

2)     Install a business-grade antivirusThis one sounds obvious, however, it is important to point out that several SMBs still use personal antivirus to protect their business data. A company that opts to use consumer security products might not get into legal problems (although this is possible), but the major issue here is the security of the data itself. Business antivirus allows an entrepreneur to manage the company’s electronic security remotely instead of being obligated to check   each PC’s security manually. With a administration console, you can check on current problems, their solutions, and in the event of an infection or unauthorized action your console can get real-time alerts.

3)     Educate your employees about online security At AVAST we receive 50,000 samples of new viruses a day. Online security is evolving, which means you need to educate your employees about the dangers of online security and how they can best protect your company’s data on a regular basis. Try to focus on explaining the concept of social engineering to your employees, what the most recent methods of attacks are, and what the latest malware on the market is. The AVAST blog is a great place to find this information.

4)     Keep in mind that humans can fail Remember that although a great part of online security can be automated, it continues to be dependable on human actions, which from time to time can fail. Minimize the risks by training your employees properly and sharing the responsibility for data security with everyone. If a mistake is made, take it as an experience to learn from as a company, rather than cracking down on one person.

5)     Encrypt your most important data Currently, SMB owners have the option to encrypt data, so that in the case of an attack, their files will be protected. Encrypting files turns the information into unreadable code and only those who have the access to the encryption key are able to restore the files to their original state. This process is not simple, which is why it is recommended to encrypt your most important and sensitive files.

In addition to these five steps, make sure you stay up-to-date with the latest data security news. If a company in the same field as yours gets attacked, it can hit your SMB quicker than you may think! Remember, the digital world has neither frontiers nor barriers!

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.