Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Category Archives: Cybercrime

Slashdot Post On Security Ethics Demonstrates Professional Naiveness

April 18, 2008 – 6:00 am – Over at Slashdot, an anonymous reader was quoted as follows (in entirety): “I am a senior security xxx in a Fortune 300 company and I am very frustrated at what I see. I see our customers turn a blind eye to blatant security issues, in the name of the application or business requirements. I…
By Kenneth F. Belva | Also posted in Auditing, CSO/CISO Perspectives, Compliance and Laws, Privacy, Risk Analysis | Tagged | Comments (4)

Looking Through the Wrong End of the Telescope

April 2, 2008 – 6:00 am – At this point in time most companies have done at least a reasonable job of keeping the bad guys out. They probably have a firewall, Anti-Virus, URL filtering and some sort of centralization and viewing capability, whether home grown scripts or a commercial product. Many also have implemented…
By Allan Pomerantz | Also posted in CSO/CISO Perspectives, Human Elements | Tagged , , | Comments (2)

Save The Whales

March 25, 2008 – 6:00 am – By now we all familiar with Phishing, which is the attempt to extract valuable information from an unsuspecting user via some form of social engineering which is usually done via E-Mail but can also be done via telephone (called Vishing.) In the case of an individual, the target is usually…
By Allan Pomerantz | Also posted in CSO/CISO Perspectives, Human Elements | Tagged , , | Comments (0)

French Trader Jerome Kerviel Spoofed Emails to Legitimize Fake Transactions

January 30, 2008 – 6:00 am – Le Monde reports that, among other things, the French Trader spoofed emails to trick co-workers into believing his trades were legitimate. The english is a bit broken — for instance mall is email — but here is the translation from Babelfish: Remain that the bank is questioned and asks…
By Kenneth F. Belva | Also posted in CSO/CISO Perspectives, Compliance and Laws, Human Elements, Information Security News, Security in Popular Culture | Tagged , | Comments (0)

Spiteful Employee destroys $2.5 Million worth of data, data recovered

January 25, 2008 – 4:23 pm – A CNN video report: an employee believed she was to be fired and deleted the firm’s 7 years worth of data valued at $2.5 million dollars. The data was forensically recovered in full. The cop had it correct and simple: backup your data. …
By Kenneth F. Belva | Also posted in Information Security News, Security in Popular Culture | Tagged , | Comments (0)