Category Archives: Education

Education, Training, and Awareness

$1M for FBI’s Most Wanted Cyber Fugitive Nicolae Popescu

FBI is offering a $1 Million reward for Romanian cybercriminals Nicolae Popescu and Dumitru Daniel Bosogioiu who were originally charged in a criminal complaint with 11 other defendants for their participation in a cyber fraud conspiracy which targeted U.S.-based websites such as Cars.com and AutoTrader.com  RewardThe defendants allegedly pretended to sell cars from nonexistent auto dealerships in the United States and created phony websites for these fictitious dealerships. As part of the scheme, the defendants produced and used high-quality fake passports to be used as identification by co-conspirators in the United States to open American bank accounts. After the “sellers” reached an agreement with the victim buyers, they would often email them invoices purporting to be from Amazon Payments, PayPal, or other online payment services, with instructions to transfer the money to the American bank accounts used by the defendants. The defendants and their co-conspirators allegedly used counterfeit service marks in designing the invoices so that they would appear identical to communications from legitimate payment services. The illicit proceeds were then withdrawn from the U.S. bank accounts and sent to the defendants in Europe by wire transfer and other methods.
*The charges in the complaint and the indictment are merely allegations, and the defendants are presumed innocent unless and until proven guilty.

Cyber Security Tips for College Computer & Mobile Device users

Cyber Tips for College

(from staysafeonline.org)

When you’re in college, your computer and mobile devices are primary tools in your educational and social life. Students use the Internet for homework, research, social networking, online shopping and other activities.

The Internet is an amazing tool, but must be used safely and securely.

When you log on to a college campus network (or any network), what you do online could impact not only your computer, but other students and the network as well. By combining up-to-date security tools with good judgment, you and your college community are much less likely to encounter a security violation, loss of data, or system problems.

The first step is STOP. THINK. CONNECT. 

Keep a Clean Machine

  • Keep security software current: Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.
  • Automate software updates: Many software programs will automatically connect and update to defend against known risks. Turn on automatic updates if that’s an available option.
  • Protect all devices that connect to the Internet: Along with computers, smart phones, gaming systems, and other web-enabled devices also need protection from viruses and malware.
  • Plug & scan: “USBs” and other external devices can be infected by viruses and malware. Use your security software to scan them.
Protect Your Personal Information

  • Secure your accounts: Ask for protection beyond passwords. Many account providers now offer additional ways for you verify who you are before you conduct business on that site.
  • Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
  • Unique account, unique password: Separate passwords for every account helps to thwart cybercriminals.
  • Write it down and keep it safe: Everyone can forget a password. Keep a list that’s stored in a safe, secure place away from your computer.
  • Own your online presence: When available, set the privacy and security settings on websites to your comfort level for information sharing. It’s ok to limit who you share information with.
Connect With Care

  • When in doubt, throw it out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as junk email.
  • Get savvy about Wi-Fi hotspots: Limit the type of business you conduct and adjust the security settings on your device to limit who can access your machine.
  • Protect your $$: When banking and shopping, check to be sure the sites is security enabled. Look for web addresses with “https://” or “shttp://”, which means the site takes extra measures to help secure your information. “Http://” is not secure.
Be Web Wise

  • Stay current. Keep pace with new ways to stay safe online: Check trusted websites for the latest information, and share with friends, family, and colleagues and encourage them to be web wise.
  • Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true, or asks for personal information.
  • Back it up: Protect your valuable work, music, photos, and other digital information by making an electronic copy and storing it safely.
Be a Good Online Citizen

  • Safer for me more secure for all: What you do online has the potential to affect everyone – at home, at work and around the world. Practicing good online habits benefits the global digital community.
  • Post only about others as you have them post about you.
  • Help the authorities fight cyber crime: Report stolen finances or identities and other cybercrime to the Internet Crime Complaint Center and to your local law enforcement, state attorney general and campus police as appropriate.

Check Point stocks reach all time high after breaches

Check Point is the second largest security company in the world.  After JP Morgan Chase recently reported a breach which involved unemployment benefits and income tax refunds issued by agencies such as the Louisiana Workforce Commission pre-paid debit cards, Check Point Software Technologies Ltd (CHKP) hit an all time stock value of $71.99.  Check Point

 

Along with the JP Morgan breach came the momentum of Apple's iCloud celebrity customers having their nude photos exploited through targeted social engineering attacks by some enthusiastic low level hackers from Reddit.

Bloomberg anticipates the increase of visibility in breaches and the tide of cyber security technology and service requirements will propel Check Point stock to grow sales to more than 6.3% from last year which would come out just shy of $1.5 billion.  This is nine months after Elena Popina's article in Bloomberg which demonstrated Check Point's rise to a 12 year high when earnings beat estimates at a whopping $65.93 on January 27, 2014.

 

AAFES and Navy joust over VOSB online store credentials

Thomas C Shull, the CEO of Army and Air Force Exchange Service (AAFES) has presented a business case to the DoD's Executive Resale board this month to allow over 18 million honorably discharged veterans to use military exchange services.  This creates a $100M increase in revenue possibilityfor AAFES and is currently referred to as the Veterans Online shopping Benefit (VOSB.)

Unfortunately, despite the lack of any increase cost to taxpayers, the Navy & Marine Corps exchange's senior policy officials are challenging an on-line availability of the VOSB.

"{Navy Officials}….believe hurdles to implementing online shopping for all veterans will be higher than AAFES predicts, particularly in finding a foolproof way to verify veteran status and the character of their discharges…"

http://militaryadvantage.military.com/2014/08/aafes-makes-business-case-for-all-vets-to-shop-online/

As an information assurance professional, don't you love a challenge?  Why could there not be a simple gateway to include the already used DS Logon to the AAFES online shop? The Department of Defense Self-Service Logon (DS Logon) is a secure, self-service logon credential which allows individuals affiliated with the DoD or VA to access multiple websites using a single username and password.  The vetting process is proven and the security is quite extensive.
 

Identity Management: Concepts, Technologies, and Systems (Information Security & Privacy) (Hardcover)


List Price: $120.00 USD
New From: $50.00 USD In Stock
Used from: $76.24 USD In Stock

AMERICA’S GREAT GAME by Hugh Wilford

Relatively little has been written about CIA operations in the 1940’s and 50’s. Hugh Wilford’s AMERICA’S GREAT GAME draws on personal interviews, papers, and recently declassified material of former operatives and their associates. The book is centered on the continuation by CIA of the 19th century’s joust by British and Russian agents for control of Central Asia. It delves into the intrigue of the loss of support for Arab nationalists like Nasser. In the book, there are rich anecdotes and the unbelievably larger-than-life three leading CIA pro-Arabists in search of Lawrence of Arabia styled romantic adventure, Miles Copeland, and the Roosevelt cousins Kermit “Kim” Jr and Archie – both grandsons of Theodore Roosevelt.

Kim Roosevelt was the first head of CIA covert action in the Middle East. He also masterminded the 1953 coup operation in Iran which toppled nationalist prime minister Mohammed Mosaddeq which restored power to the Shah. Wilford described Kim as having had clouded judgment of Persian politics which encouraged his tendency to view Iran as a place for personal adventure and playing spy games. Such an attitude is attributed to his identity as “a Roosevelt man” and his comparisons of his work to his father and grandfathers’ writing on their hunting expeditions.

Kim’s cousin Archie was a Middle East scholar and the chief of CIA’s Istanbul station. The cousins are referred to as the Oyster Bay Roosevelts – a tight knit family with common interests, tates, and sense of humor. Archie worked at the Office of War Information headquarters in Washington, DC developing ideas for propaganda in the Arab world. His formative years provided him the opportunity to witness the odds between the Protestant New England missionaries of Beirut at odds with the Catholic Maronites of the French which led to the division of Greater Syria after WWI. In WWII North Africa, France’s reputation grew worse with Vichy officials being allowed to remain in office even after the Allied invasion.

Miles Copeland was a covert action expert who joined the intelligence establishement during WWII. Copeland is quoted as saying “Both leaders and doers in a given society play three games at the same time…the personal, the domestic, the international – and sometimes a fourth, the bureaucratic.”

John Foster Dulles is described by Miles as having resorted to Allen Dulles’ crypto-diplomacy through Miles and Kim Rossevelt (the chief crypto-diplomat): “When someone had to hop on an aeroplane and go to Iran, Egypt, Jordan, or Saudi Arabia to talk to the Shah, Nasser, King Hussein or King Saud, the Dulles brothers would think of either Kim or myself, sometimes together, sometimes singly, and sometimes in the company of some professional VIP”. Wilford explains that crypto-diplomacy allowed for non-public conversation leading to breakthroughs such as the Suez base agreement of 1954. Conversely, the book explains that the crypto-diplomacy bred suspicion in the minds of foreign heads of state which also undermined and embarrassed the effectiveness of individuals like Ambassador Henry Byroade. 

The book expands on early 1950’s CIA’s manipulation of Middle Eastern governments and the inconsistency of American involvement and support for the then emerging Arab nationalist movement

Wilford’s book eventually demonstrates that it was American support for Israel which ultimately destroyed the Arabists’ influence both within CIA and America.

Hugh Wilford is a history professor at California State University Long Beach and author of four books which include The Mighty Wurlitzer.  If you are interested in the development of the Levant, early American Middle East politics, or the emergence of American intelligence in Central Asia, this book will be hard to put down once you get started.

America’s Great Game: The CIA’s Secret Arabists and the Shaping of the Modern Middle East (Hardcover)


List Price: $29.99 USD
New From: $13.42 USD In Stock
Used from: $5.13 USD In Stock