In Business ACH Account Hijacking, Legal Ruling Favors Bank
Tracy Kitten writes on BankInfoSecurity.com:
A magistrate has recommended that a U.S. District Court in Maine deny a motion for a jury trial in an ACH fraud case filed by a commercial customer against its former bank. According to the order [.pdf], which must still be reviewed by the presiding judge, the bank fulfilled its contractual obligations for security and authentication through its requirement for log-in and password credentials.
Now Mark Patterson, president of PATCO Construction Inc., the commercial customer in the case, says he's weighing his legal options. "Things are not always fair, and we have to decide how long we want to fight the fight," Patterson says. "We do feel very strongly about this issue, but how far do we want to go?"
At issue for PATCO is whether banks should be held responsible when commercial accounts, like PATCO's, are drained because of fraudulent ACH and wire transfers approved by the bank. How much security should banks and credit unions reasonably be required to apply to the commercial accounts they manage?
"Obviously, the major issue is the banks are saying this is the depositors' problem," Patterson says, "but the folks that are losing money through ACH fraud don't have enough sophistication to stop this."
More
here.
June 6, 1944: Operation Overlord - D-Day in Normandy
A United States Navy LCVP disembarks troops at Omaha Beach, Normandy, France on D-Day, June 6, 1944.
.
The Battle of Normandy was fought in 1944 between the German forces occupying Western Europe and the invading Allied forces as part of the larger conflict of World War II. Over sixty years later, the Normandy invasion, codenamed Operation Overlord, still remains the largest seaborne invasion in history, involving almost three million troops crossing the English Channel from England to Normandy in then German-occupied France.
The majority of the Allied forces were composed of American, British, Canadian, and French units. Other countries including Australia, Belgium, Czechoslovakia, Greece, the Netherlands, New Zealand, Norway, and Poland also took a major part.
The Normandy invasion began with overnight airborne paratrooper and glider landings, massive air attacks and naval bombardments, and an early morning amphibious assault on June 6, "D-Day". The battle for Normandy continued for more than two months, with campaigns to establish, expand, and eventually break out of the Allied beachheads. It concluded with the liberation of Paris and the fall of the Falaise Pocket.
You Are Not Forgotten.
More
here.
Image source: Wikimedia
Flashback: Tiananmen Square Protests, 4 June 1989
4 June 1989
In Passing: Lawrence Eagleburger
August 1, 1930 - June 4, 2011
Stolen Data Is Tracked to Hacking at Lockheed
Christopher Drew writes in the New York Times:
Lockheed Martin said Friday that it had proof that hackers breached its network two weeks ago partly by using data stolen from a vendor that supplies coded security tokens to tens of millions of computer users.
Lockheed’s finding confirmed the fears of security experts about the safety of the SecurID tokens and heightened concerns that other companies or government agencies could be vulnerable to hacking attacks.
The tokens, which are used to protect remote access to computer networks, are sold by the RSA Security Division of the EMC Corporation. RSA officials said Friday that they accepted Lockheed’s findings and were working with customers to offset the risks through other measures.
RSA disclosed in March that hackers had stolen data that could compromise a company’s SecurID system in a broader attack, and the breach of Lockheed, the nation’s largest defense contractor, is the first time that is known to have occurred.
More
here.
Gmail Hack Targeted White House
Devlin Barrett and Siobhan Gorman write on WSJ.com:
People who work at the White House were among those targeted by the China-based hackers who broke into Google Inc.'s Gmail accounts, according to one U.S. official.
The hackers likely were hoping the officials were conducting administration business on their private emails, according to lawmakers and security experts.
The government has acknowledged senior administration officials were targeted in the "phishing'' attacks on hundreds of users of the email service. White House officials declined to discuss who was targeted.
The Obama administration reiterated Thursday that no official messages were compromised. But lawmakers and outside computer-security experts said recent White House history suggests administration officials sometimes use personal email to talk business, despite rules against doing so.
The Federal Bureau of Investigation and the Department of Homeland Security are working with Google to investigate. "These allegations are very serious," Secretary of State Hillary Rodham Clinton said Thursday.
More
here.
Attackers Stole Secret Canadian Government Data
Julie Ireton writes for CBC.ca:
Hackers who attacked two of Canada's federal departments stole classified information before being discovered last January, CBC News has learned.
The revelation comes from documents obtained under Access to Information laws, and contradicts what the minister in charge said at the time.
Six months ago, hackers launched an unprecedented cyber attack on the federal government. In January, the government's computer system came under attack.
Hackers sent malicious emails to staff that appeared to be coming from senior managers. When staff opened the attachments, hackers found a path into the federal network, providing access to classified information.
"Indications are that data has been exfiltrated and that privileged accounts have been compromised," said a memo written Jan. 31, 2011.
More
here.
In Passing: James Arness
May 26, 1923 – June 3, 2011
UK: Spies Hack al-Qaida's Inspire Magazine
An AP newswire article by Paisley Dodds, via Salon.com, reports:
Britain's spy agencies have a new message for terrorists: make cupcakes, not war.
Intelligence agents managed to hack into the extremist Inspire magazine, replacing its bombmaking instructions with a recipe for cupcakes.
It's the first time the agents sabotaged the English-language magazine linked to U.S.-born Yemeni cleric Anwar al-Awlaki, an extremist accused in several recent terror plots.
The quarterly online magazine, which is sent to websites and email addresses as a pdf file, had offered an original page titled "Make a Bomb in the Kitchen of Your Mom" in one of its editions last year. The magazine's pages were corrupted, however, and the instructions replaced with the cupcake recipe.
"We're increasingly using cybertools as part of our work," a British government official who spoke on condition of anonymity to discuss intelligence matters said Friday, confirming that the Inspire magazine had been successfully attacked.
The hackers were reportedly working for Britain's eavesdropping agency, GCHQ, which has boosted its resources in the past several years.
More
here.
In Passing: Jack Kevorkian
May 26, 1928 – June 3, 2011
Identity Theft to Steal Tax Refunds Goes Through the Roof, Official Reports
Via FCW.com.
The Internal Revenue Service has seen a nearly fivefold increase in taxpayer identity theft in the past few years — from 51,702 incidents in 2008 to 248,357 in 2010, Larry Margasak reports for the Associated Press. However, a government official recently told a congressional panel that the IRS hasn’t been chasing many of the perpetrators.
Tax identity thieves typically file returns for refunds earlier than legitimate taxpayers, who then receive notification from the IRS that two returns were filed using the same Social Security number, Margasak wrote.
According to the AP article, James White, director of strategic issues at the Government Accountability Office, said in testimony prepared for a subcommittee of the House Oversight and Government Reform Committee that "IRS officials told us that IRS pursues criminal investigations of suspected identity thieves in only a small number of cases."
White said that in fiscal 2010, the IRS' criminal investigations division launched slightly more than 4,700 investigations of all types — far less than the number of identity theft cases.
More
here.
Mark Fiore: Snuggly & Otto Pen
More Mark Fiore brilliance.
Via The San Francisco Chronicle.
- ferg
U.S. Defense Contractors Said to Be Bleeding Secrets to Cyber Foes
Jim Wolf writes for Reuters:
Top Pentagon contractors have been bleeding secrets for years as a result of penetrations of their computer networks, current and former national security officials say.
The Defense Department, which runs its own worldwide eavesdropping, spying and code-cracking systems, says more than 100 foreign intelligence organizations have been trying to break into U.S. networks.
Some of the perpetrators "already have the capacity to disrupt" U.S. information infrastructure, Deputy Defense Secretary William Lynn, who is leading remedial efforts, wrote last fall in the journal Foreign Affairs.
Joel Brenner, the National Counterintelligence executive from 2006 to 2009, said most if not all of the big defense contractors' networks had been pierced.
"This has been happening since the late '90s," he told Reuters Tuesday. He identified the main threats as coming from Russia, China and Iran.
"They're after our weapons systems and R&D," or research and development, said Brenner, now with the law firm of Cooley LLP in Washington.
More
here.
