One day Thomas Ryan, who worked as a white-hat hacker and cyber security analyst, created an entire social media background and history for Robin Sage, an attractive 25-year-old girl who claimed to be a cyber threat analyst at the Naval Network Warfare Command in Norfolk, Virginia.
She duped men and women alike (but mostly men) without showing any real biographical information. Within two months time (December 2009-January 2010), she acquired access to email accounts (one NRO contractor posted information on social media which revealed answers to security questions on his personal e-mail), home addresses, family information, and bank accounts.
Read more on this interesting “fake it ’til you make it” story!
In August, International Dairy Queen began an investigation into a data breach in its stores. In November, it confirmed the breach took place in 395 locations and may have affected nearly 600,000 debit and credit cards. The company found that Backoff malware, used in so many recent cyber attacks, affected the payment systems in these locations. Customer names, debit card and credit card numbers and their expiration dates were compromised.
Enterprises will increasingly employ data science experts to help drive security analytics and risk mitigation
As IT security leaders try to base more of their day-to-day decisions on statistical analysis of relevant data coming from IT infrastructure and business processes, they’re running into a skills and resource gap. Often security teams have lots of specialists with deep technical knowledge of attack techniques and trends, but they frequently lack the skills to aggregate and manipulate data in order to draw meaningful conclusions from statistical trends.