Domain: wpengine.com
Stories and comments across the archive that link to wpengine.com.
Stories · 2
-
North Korean Hackers Are Targeting US Defense Contractors (wpengine.com)
chicksdaddy quotes Security Ledger: North Korean hackers have stepped up their attacks on U.S. defense contractors in an apparent effort to gain intelligence on weapon systems and other assets that might be used against the country in an armed conflict with the United States and its allies, The Security Ledger is reporting. Security experts and defense industry personnel interviewed by The Security Ledger say that probes and attacks by hacking groups known to be associated with the government of the Democratic People's Republic of Korea (DPRK) have increased markedly as hostilities between that country and the United States have ratcheted up in the last year. The hacking attempts seem to be aimed at gaining access to intellectual property belonging to the companies, including weapons systems deployed on the Korean peninsula.
"As the situation between the DPRK and the US has become more tense, we've definitely seen an increase in number of probe attempts from cyber actors coming out of the DPRK," an official at an aerospace and defense firm told Security Ledger. The so-called "probes" were targeting the company's administrative network and included spear phishing attacks via email and other channels. The goal was to compromise computers on the corporate network... So far, the attacks have targeted "weakest links" within the firms, such as Human Resources personnel and general inquiry mailboxes, rather than targeting technical staff directly. However, experts who follow the DPRK's fast evolving cyber capabilities say that the country may have more up their sleeve.
CNBC also reports that America's congressional defense committees have authorized a last-minute request for $4 billion in extra spending for "urgent missile defeat and defense enhancements to counter the threat of North Korea."
Other countries newly interested in purchasing missile defense systems include Japan, Sweden, Poland, and Saudi Arabia. -
Equifax Tells Investors They Could Be Breached Again - And That They're Still Profitable (nypost.com)
"Equifax executives will forgo their 2017 bonuses," reports CNBC. But according to the New York Post, the company "hasn't lost any significant business customers... Equifax largely does business with banks and other financial institutions -- not with the people they collect information on."
Even though it's facing more than 240 class-action lawsuits, Equifax's revenue actually increased 3.8% from July to September, to a whopping $834.8 million, while their net income for that period was $96.3 million -- which is still more than the $87.5 million that the breach cost them, according to a new article shared by chicksdaddy: The disclosure, made as part of the company's quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company's stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders. Around $55.5m of the $87.5m in breach-related costs stems from product costs â" mostly credit monitoring services that it is offering to affected individuals. Professional fees added up to another $17.1m for Equifax and consumer support costs totaled $14.9m, the company said. Equifax also said it has spent $27.3 million of pretax expenses stemming from the cost of investigating and remediating the hack to Equifax's internal network as well as legal and other professional expenses.
But the costs are likely to continue. Equifax is estimating costs of $56 million to $110 million in "contingent liability" in the form of free credit monitoring and identity theft protection to all U.S. consumers as a good will gesture. The costs provided by Equifax are an estimate of the expenses necessary to provide this service to those who have signed up or will sign up by the January 31, 2018 deadline. So far, however, the company has only incurred $4.7 million through the end of September. So, while the upper bound of those contingent liability costs is high, there's good reason to believe that they will never be reached.
The Post reports that some business customers "have delayed new contracts until Equifax proves that they've done enough to shore up their cybersecurity."
But in their regulatory filing Thursday, Equifax admitted that "We cannot assure that all potential causes of the incident have been identified and remediated and will not occur again."