“Technology makes it easy for scammers to fake or ‘spoof’ caller ID information” and can make it look like they’re calling from a different place or number, including the receiver’s own number, said a blog post Tuesday from FTC Do Not Call Program Coordinator Bikram Bandy. “Scammers use this trick as a way to get around call-blocking and hide from law enforcement,” Bandy said. Don’t pick up, press buttons to be taken off the call list or talk to a live person as it’s an illegal robocall, he said. Ignore them and move on with your day, Bandy said.
“Thanks to the tireless efforts of my team at [the Office of Personnel Management] and our inter-agency partners,” OPM has made progress in the investigation into the attacks on OPM’s background information systems, OPM Director Katherine Archuleta wrote in a blog post Saturday. “We hope to be able to share more on the scope of that intrusion next week, and in the coming weeks, we will be working hard to issue notifications to those affected,” she said. Archuleta said she remains “committed to improving the IT issues that have plagued OPM for decades” and to “finishing the important work outlined in my Strategic IT Plan” to evaluate and improve OPM security systems to ensure sensitive data is “protected to the greatest extent possible, across all of our networks.”
Harvard University “discovered an intrusion on the Faculty of Arts and Sciences and Central Administration information technology networks” June 19, said Provost Alan Garber and Executive Vice President Katie Lapp in a joint statement Wednesday. “Since discovering this intrusion, Harvard has been working with external information security experts and federal law enforcement to investigate the incident, protect the information stored on our systems, and strengthen IT environments across the University,” the statement said. Garber and Lapp said there's no indication now that personal data, research data or PIN system credentials were compromised but said Harvard login credentials may have been used to access individual computers, and university email accounts “have been exposed.” To further secure data, the university is requiring those who are part of the Faculty of Arts and Sciences, Harvard Divinity School, Radcliffe Institute for Advanced Study or Central Administration to change the password associated with their Harvard account. Those who are part of the Graduate School of Design, Graduate School of Education, School of Engineering and Applied Sciences, or School of Public Health are required to change their email password. “Password changes will be required again at a later time,” the statement said. Those who are part of the business, Kennedy, law, medical or dental schools “do not need to take any action at this time,” the statement said.
The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) is seeking comment on proposals to explore email security and the addition of derived personal identity verification (PIV) and other second-factor identifications for smart card logons as part of the center’s “building blocks” for companies to demonstrate their cyber capabilities, NIST said Thursday. NCCoE building blocks are cybersecurity implementations that the center uses in many of its sector-specific use cases. The email security building block proposes using the Domain Name System-Based Authentication of Named Entities (DANE) protocol to prevent unauthorized viewing of email. The second-factor identifications building block proposes a method for allowing mobile devices to use two-factor authentication -- derived PIV or other smart card plus a password -- rather than only relying on a password. Both proposals are open for public comment until Aug. 14, NIST said.
Cybersecurity firm Kaspersky Lab coined the term “digital amnesia” to describe the phenomenon of forgetting information that Americans trust a digital device to store and remember for them, the company said Wednesday in a report. That the phenomenon is so prevalent points up the need for Americans to adequately protect their devices with “readily available IT security products,” but protection of the sort that Kaspersky and others sell is lacking, the report said. Kaspersky canvassed 1,000 U.S. consumers aged 16 to 55 online in May and found that 91 percent “can easily admit their dependency on the Internet and devices as a tool for remembering and an extension of their brain,” it said. And 44 percent said their smartphone holds almost everything they need to know or recall. “Not surprisingly, the study also found that the loss or compromise of data stored on digital devices, and smartphones in particular, would leave many users devastated,” the company said. But in the study, 28 percent admitted they don’t protect any of their devices with “additional security,” it said. The firm said it found just one in three installs extra IT security on a smartphone, one in five on a tablet.
The FBI is investigating the Tuesday cutting of a group of three fiber cables in Alameda County, California, as part of a series of 11 fiber cable-cutting incidents across the San Francisco Bay Area over the past year, a spokesman confirmed Thursday. Level 3 Communications and Zayo Group have both said their cables were affected in the Alameda County incident and that they restored service by Wednesday. The perpetrator of the Alameda County incident is believed to have accessed the cables through a manhole, the FBI spokesman said. Outages caused by the Alameda County incident and the other 10 cable-cutting incidents have been concentrated in the Bay Area but have stretched to as far away as Sacramento, the FBI spokesman said. The FBI has noticed similarities among the 11 cable-cutting incidents, the spokesman said. The FBI sought the public’s help last month in identifying the perpetrators in the 10 earlier cable-cutting incidents, which occurred between July 6, 2014, and June 9. Five of the 10 incidents occurred in Fremont, while two others occurred in Walnut Creek. The FBI in June said the perpetrators “may appear to be normal telecommunications maintenance workers or possess tools consistent with that job role.”
“Don’t send verification codes to anyone via text or email,” wrote Kristin Cohen, chief of the FTC's Office of Technology Research and Investigation, in a blog post Wednesday. Verification codes should be used only on the login page, Cohen said. Individuals who get a verification code they didn’t request should tell the provider, she said, because it could be a sign someone is tampering with the account. It’s possible a hacker with an individual’s email address and mobile number can pretend to be an individual’s email provider and send a text asking for a verification code to unlock the email account, Cohen said. The hacker can learn a lot of information looking through an email account or change email settings so emails are forwarded directly to the hacker, she said.
After reports that the intelligence community was resistant to integrating its systems with those operated by the Office of Personnel Management (OPM) due to security concerns before recent breaches at OPM occurred, Brookings Institution Senior Fellow in Government Studies Benjamin Wittes questioned in a blog post Tuesday why “nobody in the intelligence community bothered, it seems, to help secure OPM’s systems.” If the Director of National Intelligence’s office thought the data OPM managed wasn't secure, why not secure those systems, Wittes asked. Though he says OPM isn’t without fault, “identifying intelligence targets in the federal government and securing them against professional intelligence adversaries is really the job of others in the federal government, and at least some of those others had their eyes on this problem,” he said. “The more I think about it, the less I think it makes sense to blame OPM for the failure here, and the more I think the intelligence community itself must take responsibility for it -- particularly for any portions of the breach or breaches that involve data for security clearance background checks,” Wittes said. The Office of the DNI didn't comment.
Email phishing campaigns appearing to be from the Office of Personnel Management and the identity protection firm CSID increased after last month's announcement that OPM suffered breaches, said the U.S. Computer Emergency Readiness Team (U.S.-CERT) in an alert Tuesday. “For those affected by the recent data breach, the legitimate domain used for accessing identity protection services is https://opm.csid.com.” Users should visit the OPM website for more information and report suspicious emails to U.S.-CERT, it said.
Cisco plans to buy OpenDNS, a San Francisco-based Internet security company, for $635 million in cash, assumed equity and retention-based incentives, to "add broad visibility and threat intelligence," Cisco said in a news release Tuesday. The purchase was spurred by Cisco's desire to "reduce the time to detect and respond to threats, and mitigate risk of a security breach" by combining its security capabilities with OpenDNS' "broad visibility, unique predictive threat intelligence and cloud platform," Cisco said. The buyer said it expects to complete the deal in Q1.