WEEKLY DATA SECURITY NEWS ROUND UP Ed. 10 November 12-16, 2012
Petraeus Scandal Leads to Questions about Cyberprivacy and Accessibility in the U.S.
WEEK IN NUMBERS 7,172
- Amount of times the
U.S. Government requested data from Google in the first half of 2012
44% - Amount of teens that consider Identify Theft a top cyber concern
$88.4 million
- Opening
weekend Box Office numbers for the newest Bond movie Skyfall, in which the villian utilizes cyber terrorism throughout the movie
$330 million - Potential cost for South Carolina businesses
The four-star general’s career is foiled by Gmail. Photo: USATODAY
after the biggest hack on a state in our country’s history.
Unless you’ve been living under a rock for the past week, you’ve heard more than you can handle about the resignation of David Petraeus, the now ex-chief of the C.I.A. and one of the country’s most revered four-star generals. Caught in a bitter love triangle akin to something seen in a bad soap opera, the parties involved have stayed relatively quiet throughout the whole matter. The only real statements that have been made was the official resignation of Petraeus, and the rest is coming from the cybertrail that the woman that Petraeus had an affair with, Paula Broadwell, has left behind for the FBI to sniff out. As you’ve likely heard by now, Broadwell sent some harassing emails via a Gmail account to a Tampa socialite that just happens to have a friend in the FBI. It’s nice to have friends in the FBI, I guess. The FBI did some asking around, and came up with some pretty convincing evidence linking the harassing emails to Broadwell. But just how easy is it for the FBI to get any information they want from giants like Google? It turns out it’s pretty easy, and they’re doing it more often. Also this week, Google released its “Transparency Report” for the first half of 2012, which details how many worldwide government requests for information it gets. Since its initial report released in 2009, the number has increased by 67%, with the U.S’s requests increasing by over 50%. Google policy director Dorothy Chou tried to outline the criteria for giving over this information, but let’s just say when the FBI comes knocking on your door, you’re giving them some information. Where’s the incentive for the FBI to disclose additional information other than “It’s an issue of national security, we can’t say anything else.” Do you see Google declining to hand over information in this scenario? This is perhaps the most relevant part of the story for those concerned with data privacy. Everyone needs to understand information they share over email can be easily traced, collected and used in legal proceedings and matters of the government. No matter what the issue may be, even if it’s the most meaningless and petty e-mail bickering, if the FBI wants to know, they will find out. Sources: Google, Time, Forbes
DID YOU KNOW? Google, Twitter, and Dropbox all release Transparency Reports, whereas Facebook and Microsoft do not.
Teens and Venture Investors Demand Online Safety A new study from the Family Online Safety Institute has found that teens are more connected than ever, and understand privacy and safety issues on a deeper level than adults, at least from a social media standpoint. 44% of teens consider identify theft a top concern, and 29% worry about strangers learning things about them online from their various social networking profiles.
Teens are getting more tech-savvy, and therefore more cautious with their online identity
business, but a core component of its success.
The study also found that venture investors are focusing on safety and privacy issues as a core component when starting a business. Stephen Balkam, the founder and chief of FOSI, said “You obviously have to bake in safety and privacy from the beginning of your business now…Data like this can help new and mature companies think through what matters to the teen market, and parents most.” Once this current generation starts to hit the workforce, data security and protection won’t be an after-thought of the
Scott Weiss, a partner with the firm Andreeseen Horowitz that works with social media companies such as Facebook, Twitter, and Pinterest, analyzes social media and safety issues. He said “[Upcoming entrepreneurs] better be talking about safety and privacy problems they anticipate and how they plan to mitigate these from the start.” Otherwise it’s a red flag, with firms like Andreesen Horowitz being “unlikely to invest.” Current companies continue to get away with putting data security in their backburners, but you can guarantee that any legitimate businesses starting up now need to have data security at the front of their business plan, or they’ll be sent packing. Source: Wall Street Journal
South Carolina Breach Continues to Rack Up Expenses, Potentially Reaching $330 Million for Businesses For the past few weeks, we have covered the huge hack on South Carolina that involved 3.6 million Social Security Numbers and 387,000 credit and debit card numbers being stolen. In what cybersecurity experts are still calling the biggest attack on a state government, the biggest hit could be to the private businesses in the state. If even 15% of the information stolen is misused, the total cost to businesses grows to $331 million based on FBI data of identity theft. South Carolina continues to deal with the colossal breach the best they can, but they have yet to make any progress on finding out who committed these crimes. For now, they’re still helping each citizen and business protect their identities and information as much as they can. Source: Greenville
DID YOU KNOW? K logix data loss calculations can help you identify the potential impact of data loss on your business.
A lot of businesses in South Carolina affected by the breach continue to watch money fly away
Cybersecurity and U.S. Government Still Making No Progress, Obama’s Executive Order Likely to Go Through Shortly. January
Stop Online Privacy Act (SOPA) andProtect IP Act (PIPA) are both introduced and met with heavy online protests from sites such as Wikipedia and Reddit, both bills are postponed
March
August
November
Talks of the Cybersecu-
After many revisions
Yet another Cybersecurity
rity Act of 2012 pick up
which watered the bill
Bill fails to advance through
in Congress, arguments
down too much, it was
the Senate, only getting 51
over the bill drag on for
shelved in early August.
out of the 60 required votes
months
It continues to be a struggle to pass anything Cybersecurity related through Congress, as the Senate has failed to advance the latest attempt at a Cybersecurity Bill. Over a month ago, we created this simple chart showing the progression of U.S. attempts at Cybersecurity regulations and standards in law, and its miserable failure. The same core issues always arise, nobody can agree on terms that will satisfy all parties, including individual citizens, businesses, and government. “The only other thing that can produce legislation is a major cybersecurity meltdown,” said Stewart Baker, a former assistant secretary for policy at the Department of Homeland Security. This kind of mentality, and repeated failures, is making Obama’s attempt at having an Executive Order on Cybercrime go through seem that much more likely. For now, the U.S. government will likely be stuck in this gridlock until a cyber-catastrophe forces it out. Source: NYTimes
DID YOU KNOW? K logix addressed the issue of responsibility for Cybersecurity in SC Magazine.