A great example of “fake it ’til you make it”. Beware of your social networking!

One day Thomas Ryan, who worked as a white-hat hacker and cyber security analyst, created an entire social media background and history for Robin Sage, an attractive 25-year-old girl who claimed to be a cyber threat analyst at the Naval Network Warfare Command in Norfolk, Virginia.

She duped men and women alike (but mostly men) without showing any real biographical information. Within two months time (December 2009-January 2010), she acquired access to email accounts (one NRO contractor posted information on social media which revealed answers to security questions on his personal e-mail), home addresses, family information, and bank accounts.

Read more on this interesting “fake it ’til you make it” story!

Breach at Sony

Data continues to come out about this November 24 Sony breach. In early December, hackers leaked five unreleased movies online and some employees’ Social Security numbers. The security firm Identity Finder found the hack exposed over 47,000 Social Security numbers, including over 15,000 current or former employees. In addition, these numbers appeared more than 1.1 million times on 601 publicly-posted files stolen by hackers. A significant number of files containing the Social Security numbers were accompanied by other personal information, such as full names, dates of birth and home addresses, increasing the chances of identity fraud.

EU holds largest-ever cyber-security exercise

Yahoo news reports that EU holds largest-ever cyber-security exercise.

View gallery

  • .

ATHENS, Greece (AP) — The European Union on Thursday carried out its biggest exercise to prevent cyber-attacks on Europe’s public utilities and communications networks.

The director of the European Network and Information Security Agency, Udo Helmbrecht, told The Associated Press that Thursday’s one-day exercise involving 29 countries and 200 agencies dealt with attack scenarios against “critical infrastructure.”

Helmbrecht said European countries were working to improve their coordination between national security agencies and to further standardize protective software and methods.

Examples of serious past incidents, he said, include a wave of cyber-attacks against Estonia in 2007 that severely affected the country’s banks and government agencies, and the Stuxnet computer virus that was used to target energy and industrial sites in Iran.

“Now this malware is out in the world, so if you are a criminal you can re-engineer it and use it to attack a water supply, or a car manufacturing plant, or a government,” said Helmbrecht, speaking in a windowless office in an EU building where part of the exercise is being held.

The EU agency, based in Iraklio, on the Greek island of Crete, says web-based attacks increased globally by nearly a quarter in 2013 from a year earlier, directed from an increasing number of countries.

“The sophistication and volume of cyber-attacks are increasing every day,” Neelie Kroes, the EU Commission vice president, said in a statement Thursday.

“They cannot be countered if individual states work alone or just a handful of them act together.”

The European cyber-security exercise is held every two years and the results of the current safety tests are due to be issued by the end of the year.