Archive for the ‘Cyber Security’ Category

How the FBI Protects Against Cyber-Hacks

Monday, November 16th, 2015
Cyber Hacking

Information sharing helps protect against cyber-hacking.

You may remember the cyber-attack on Sony last year after they released the film “The Interview”. The comic farce, in which two men try to assassinate Kim Jong-un, was taken as a threat by North Koreans, who launched the cyber-attack as a response. While the FBI was able to figure out where the attack came from, it was still dangerous. James Clapper, the director of national intelligence, described the attack as “the most serious cyber-attack ever made against US interests”. Imagine that these kinds of attacks are directed at banks or sensitive government files. There are two main sources of cyber-attacks to protect from: crime-sponsored attacks that are used for extortion (criminals also make money by selling Malware), and state-sponsored attacks that are used for espionage. It takes constant vigilance to maintain our systems against cyber-attacks, and there are ways that we can ensure we have as safe a system as possible.

What is Information-Sharing?

Back in 2011, the Obama Administration proposed a reform that would make information-sharing easier, and since then, Congress has passed information-sharing bills every year. This kind of information-sharing technology allows for clues about potential hackers to be passed on to others. For example, if Oil Refinery A notices that someone is attempting to hack its systems, then it can pass that information on to Oil Refineries B, C, and D, so they can take preventative measures to keep from getting hacked. Obama’s reform this year has been to make it easier for information from the private sector to be shared with the government, which helps the government to prevent sophisticated cyber-attacks.

How Does Information-Sharing Help Me?

You have nothing to worry about when it comes to this type of information-sharing. The only information that is passed on is information that’s crucial to identifying hackers; things like IP addresses, routing information, and time stamps. Your personal information is not stored or collected. As it stands now, our information-sharing program still only creates a patchwork of security. We’re moving towards more security with security products—like anti-malware, antivirus, and intrusion protection systems—that scan for threats. Sharing crucial information is important to prevent cyber-attacks that affect American businesses and citizens directly. In 2013, US retailers were affected by point of sale malware called BlackPOS. You may remember how Target had to pay hack victims $10 million in damages after hackers stole bank card information for $40 million people from the Target in-store credit cards. Cyber-attacks get worse and worse every year, and it is up to companies like DHA Group, Inc. to stop them.

DHA Group, Inc.

An award-winning management consulting and contracting firm primarily serving federal, civilian and defense agencies, DHA group supports clients’ mission-critical work by delivering expert professional services. If you have more questions about automatic software whitelisting, contact DHA for knowledgeable service.

Follow us on social media on FacebookLinkedInTwitter or Google+.

Post OPM Data Breach, Search For Contractor Begins

Thursday, July 23rd, 2015

 

After it was recently revealed that a data breach at the Office of Personnel Management compromised the information of more than 21.5 million individuals, the fallout has been significant. And despite the fact that it has been two weeks since the announcement was made, the search for a contractor to notify affected individuals and provide identity-fraud protection services, has just begun. Learn more in our blog.

opm-data-breach

Post OPM Data Breach, Search for Contractor Begins

(more…)

New U.S. Cyber Threat Intelligence Integration Center Announced

Thursday, February 12th, 2015

 

The U.S. government recently announced the addition of a new component of its cybersecurity defense system. The U.S. Cyber Threat Intelligence Integration Center (CTIIC) will be a new center modeled after the U.S. National Counterterrorism Center. The center will collect information from other intelligence agencies to analyze cybersecurity threats to help protect the nations virtual interests.

 

The creation of the CTIIC was announced earlier this week on Tuesday by Lisa Monaco, assistant to President Obama for homeland security and counterterrorism. Monaco noted that the new analysis center will not be collecting new intelligence information. The full scope of its operations will be analysis of information collected by other agencies. In this way, Monaco noted, the functions of the CTIIC will not overlap with other agencies, making this a necessary component of the country’s cybersecurity efforts.

 

Monaco noted that recent cyber attacks on big names including retailers like Target and Home Depot, entertainment companies like Sony Pictures Entertainment, and even the U.S. Postal Service have underscored the importance of a comprehensive and cohesive approach to cybersecurity efforts. From IT News:

 

‘We are at a transformational moment in the evolution of the cyberthreat,’ she said. ‘The actions we take today — and those we fail to take — will determine whether cyberspace remains a great national asset or increasingly becomes a strategic liability, an economic and national security strength, or a source of vulnerability.’

 

Monaco also used the opportunity to call on Congress, “to pass a package of new cybersecurity proposals from Obama, including a national data breach notification law and a law to encourage private businesses to share information about cyberthreats in exchange for protections from customer lawsuits.”

 

IT Security from DHA

 

Cybersecurity is important at every level. From national interests to the interests of private enterprises, cybersecurity is a critical component of the operations of any body. With our third party IT support, DHA offers a comprehensive approach to cybersecurity, including ISO, network and physical security, critical infrastructure protection, and risk and vulnerability management (penetration testing). Don’t risk the loss of valuable information or assets to a cyber attack. Implement an IT security solution with DHA to protect your agency’s or enterprise’s critical data.

 

cybersecurity

 

To learn more about IT security, contact DHA today. An award-winning management consulting and contracting firm primarily serving federal, civilian and defense agencies, DHA group supports clients’ mission-critical work by delivering expert professional services. Follow us on social media on FacebookLinkedInTwitter or Google+.

 

Source

http://www.itnews.com/government/89393/new-us-cyberthreat-center-will-fill-information-gap-official-says

 

 

White House Network Breached By Hackers

Wednesday, October 29th, 2014

 

The Washington Post reported that hackers believed to be working for the Russian government breached the unclassified computer networks in the White House within the past month.

 

There was no official statement from the White House, but officials spoke on the condition of anonymity to Post and confirmed that the breach had occurred and the investigation is ongoing. Officials say that there was no damage done, and stated that there was no evidence to suggest the White House’s classified network was hacked. Officials did not comment on the alleged identity of the hackers. According to the Post:

 

Recent reports by security firms have identified cyber-espionage campaigns by Russian hackers thought to be working for the government. Targets have included NATO, the Ukrainian government and U.S. defense contractors. Russia is regarded by U.S. officials as being in the top tied of states with cyber-capabilities.

 

It is also believed that Russian intelligence was behind an intrusion into the networks of the U.S. military in 2008, a breach which took months to contain and clean up.

 

There was minor disruption of regular services as White House staff dealt with the intrusion.

 

IT Security from DHA

 

From the White House to private enterprise, IT security is of the utmost importance. In a world where hacking and intrusions are inevitable, your organization’s networks must always be protected. External threats can compromise sensitive data and damage the integrity of your operation. DHA offers comprehensive IT support for civilian and federal agencies which includes IT security. From critical infrastructure protection to risk and vulnerability management, DHA can help keep your networks safe and secure.

 

White House network hack

An award-winning management consulting and contracting firm primarily serving federal, civilian and defense agencies, DHA group supports clients’ mission-critical work by delivering expert professional services. Follow us on FacebookLinkedInTwitter and Google+.

Source

http://www.washingtonpost.com/world/national-security/hackers-breach-some-white-house-computers/2014/10/28/2ddf2fa0-5ef7-11e4-91f7-5d89b5e8c251_story.html

 

Cyber Attack Highlights Importance of Cyber Security

Monday, July 7th, 2014

 

Cyber attacks have become commonplace in today’s digital sphere, a fact that serves to underscore the importance of a coordinated cyber security strategy for any operation. A reminder of this came this week as a hacker group based in Tunisia made public its intent to begin a cyber attack on banks and airport computer systems in the United States.

 

The group, known as The Tunisian Hackers Team, took credit for a previously attempted attack on U.S.-based banks in 2013, and this week plans to attempt new cyber attacks on more banks. The group is demanding that the U.S. remove its military presence from several countries in the Middle East.

 

According to the Steven Stalinksky, Executive Director of the Middle East Media Research Institute, the hackers capabilities are unknown, but should be taken seriously and suggest that more cyber attacks from hacker groups based in the area are imminent. Quoted in Homeland Security Today, Stalinksy noted:

 

It’s unclear how strong the THT’s capabilities really are – but their warning that they will be working to gain control of American airport computer and communication systems should be taken seriously by homeland security officials. These types of threats by Middle East and South Asia cybergroups are the new norm and will only be increasing in the future.

 

Cyber security is critical for any sensitive operation where asset protection is of the highest importance. DHA provides ISO, network and physical security, critical infrastructure protection, as well as risk and vulnerability management through penetration testing in order to safeguard the IT aspects of your operation. Cyber security will only continue to grow in importance, which is why it’s important to take preventative measures now and provide the maximum protection available for your operation. Contact us today for more information.

 

cyber security

 

About DHA Group, Inc.

DHA Group, Inc., headquartered in Washington, D.C., is an award-winning management consulting and contracting firm primarily serving federal civilian and defense agencies. DHA Group supports clients’ mission-critical work by delivering expert professional services. Since DHA Group’s 1994 founding, our ability to improve productivity, cost effectiveness and efficiency has contributed to significant corporate growth and earned us a reputation for quality, value and excellence. For more information about Cyber Attack Highlights Importance of Cyber Security, please visit us atwww.dha-inc.com or call 202-347-9865, or join the conversation on FacebookLinkedInTwitter or Google+.

Source

http://www.hstoday.us/briefings/daily-news-analysis/single-article/exclusive-tunisian-hackers-announce-cyber-jihad-against-us-banks-airport-computer-systems/7c3d2373e69fa9319e521816ce539b7d.html

 

What to Do If You’re Keeping Windows XP

Friday, June 13th, 2014

Windows XP has been without support from Microsoft for about 2 months now, but there are still some fans of the operating system who have decided to continue using it. Despite concerns over its vulnerability to threats, “Computerworld has projected that the old OS will still run between 33% and 34% of the world’s personal computers at the end of April 2014.” Running an operating system without support entails a certain amount of risk, but sometimes other factors such as budgetary constraints prohibit the immediate upgrade of an operating system. If you’re keeping Windows XP on your machine or machines for the time being, here are some steps you need to take to minimize your machines’ vulnerability or threats.

What to Do If You’re Keeping Windows XP

Install

First things first, you’ll want to install the last XP update. You’ll also want to install a new internet browser for its security features, because XP only supports IE 9, not 10 or 11. Get current firewalls and anti-virus software on the machine. If you have Microsoft Office, patch it fully to the latest version.

Uninstall

Third-party software and browser plugins may be vulnerable, so the best thing to do is uninstall them. Make sure to set the browser to ask you what to do with PDFs instead of opening them by default, which could carry viruses or malware.

Network

If possible, isolate machines running XP on separate networks. If an attack makes it through a vulnerable XP machine, it could easily spread to other computers on the network. Use an NAT router on the network as well to take advantage of its firewall capabilities.

windows XP

About DHA Group, Inc.

DHA Group, Inc., headquartered in Washington, D.C., is an award-winning management consulting and contracting firm primarily serving federal civilian and defense agencies. DHA Group supports clients’ mission-critical work by delivering expert professional services. Since DHA Group’s 1994 founding, our ability to improve productivity, cost effectiveness and efficiency has contributed to significant corporate growth and earned us a reputation for quality, value and excellence. For more information about What Are the Benefits of Consulting Services from DHA?, please visit us atwww.dha-inc.com or call 202-347-9865, or join the conversation on FacebookLinkedInTwitter or Google+.

Sources

http://www.itworld.com/windows/368839/xps-retirement-will-be-hacker-heaven?source=spotlightpromo

http://www.itworld.com/software/408137/9-must-dos-if-you-must-stick-windows-xp?source=spotlightpromo

eBay is the Latest Victim of a Data Breach

Thursday, May 22nd, 2014

 

The online auction site eBay is the latest to fall victim to an extensive data breach. The data breach compromised the passwords of all 112 million users of the site. Other data that was exposed includes:

 

  • Names
  • Email addresses
  • Phone Numbers
  • Addresses
  • Date of Birth

 

According to officials, no other information, such as debit or credit card numbers, was exposed. In addition, PayPal data was not breached, as it is stored on a separate, more secured network. Still, users have been encouraged to change their passwords as soon as possible, and to use a password that is different than the passwords they use on other sites.

 

The breach occurred earlier this year in February and March, “when attackers got their hands on a group of employee log-in credentials that allowed access to the database housing encrypted passwords. It wasn’t until two weeks ago that eBay became aware of this breach due to a detailed forensic analysis,” according to Security Today.

 

According to zdnet, eBay had recently voiced to the Australian Law Reform Commission that it is not in favor of statutory action as a result of privacy breaches. “The Australian Law Reform Commission was tasked last year to review serious invasions of privacy in the digital era, and potential statutory causes of action against companies or individuals in cases of privacy breaches. In a submission to the inquiry, eBay’s acting head of corporate affairs Sassoon Grigorian said that given the company’s own approach to privacy, such an action ‘need not be considered at this point.’”

eBay data breach

About DHA Group, Inc.

DHA Group, Inc., headquartered in Washington, D.C., is an award-winning management consulting and contracting firm primarily serving federal civilian and defense agencies. DHA Group supports clients’ mission-critical work by delivering expert professional services. Since DHA Group’s 1994 founding, our ability to improve productivity, cost effectiveness and efficiency has contributed to significant corporate growth and earned us a reputation for quality, value and excellence. For more information about What Are the Benefits of Consulting Services from DHA?, please visit us atwww.dha-inc.com or call 202-347-9865, or join the conversation on FacebookLinkedInTwitter or Google+.

Sources

 

http://security-today.com/articles/2014/05/21/massive-cyberattack-steals-ebay-user-data.aspx

http://www.zdnet.com/ebay-argued-against-stronger-privacy-breach-penalties-7000029755/

 

Heartbleed Bug Information for Washington D.C. Internet Users

Friday, April 11th, 2014

Heartbleed bugIf you’ve been paying attention to the media lately, you’ve probably heard a lot about the Heartbleed Bug, but there’s a good chance that you haven’t actually learned a whole lot about it that makes sense. Media outlets tend to report in a way that is more confusing than anything. If you have an account on any social media or major website, you need to be aware of what the Heartbleed Bug affects as well as what precautions you can take against it.

What is the Heartbleed Bug?
This is a programming error that allows hackers to easily get past the OpenSSL Certificates that Internet pages use to keep information encrypted and safe. Basically, it allows people to easily steal usernames and passwords, thereby getting any and all information that they want. They can also pose as the company, sending out email under the company name and asking you to do things like change your password or other information. It’s important that you’re diligent in paying attention to what comes through your email. Don’t trust anything that isn’t directly on the website.

What information is being leaked as a result of the Heartbleed Bug?
First and foremost, encryption keys are being leaked. These are what makes the Heartbleed Bug so dangerous. It wouldn’t be such a big deal if people weren’t able to impersonate websites themselves. Usernames, passwords, content, and details are also being leaked. Obviously this is an issue for many websites. Some use a different kind of certificate and are protected and some have already started patching and using an upgraded version of OpenSSL that isn’t vulnerable; however, some websites are still vulnerable and you should be aware of this. For a list of websites and their current status in regards to the Heartbleed Bug, you can visit this website

How can I protect myself and my information?
Currently, changing your password is pretty useless in the whole scheme of things. Since the Heartbleed Bug hasn’t been entirely patched yet, your new password could easily be grabbed by the bug. Your best bet is to be careful about what information you put out on the Internet and take down anything you don’t want seen (i.e. credit card numbers, etc). If you’re going to change your password, change it to something strong using a combination of capital and lower case letters, numbers, and symbols.

You can’t protect yourself from everything that goes wrong with the Internet, but you can protect yourself from some things. Employing strong security measures will help protect you from things like viruses, malware, and spyware. Make sure you know how to protect your computer and your information.

DHA Group, Inc., headquartered in Washington, D.C., is an award-winning management consulting and contracting firm primarily serving federal civilian and defense agencies, such as the Department of Justice, including the Federal Bureau of Investigation; the U.S. Army; the Defense Logistics Agency; and the U.S. Patent and Trademark Office. DHA Group supports clients’ mission-critical work by delivering expert professional services, including program management, procurement and acquisition support, project and budget management, information assurance and cyber-security, information technology modernization and sustainment, data integration and information sharing, eDiscovery, systems engineering and business process reengineering. Since DHA Group’s 1994 founding, our ability to improve productivity, cost effectiveness and efficiency has contributed to significant corporate growth and earned us a reputation for quality, value and excellence. For more information about The Heartbleed Bug, please visit us at www.dha-inc.com or call 202-347-9865, or join the conversation on FacebookLinkedInTwitter or Google+.

Source: http://heartbleed.com/

Are You Protected From Cybersecurity Threats?

Friday, April 4th, 2014

How important is cybersecurity in today’s increasingly cyber world? Well, a recent Lockheed Martin Cyber Security Alliance survey of federal, defense/military, and intelligence agencies found that 85% of respondents see cybersecurity as a high priority. And while most agencies believe they are “well prepared” to handle cyber threats, these agencies are constantly striving to improve the cyber efforts, including investments in mobile device initiatives, cloud computing, and more.177002377

Cybersecurity Threats

  • Malware
  • Phishing
  • Data Leaks
  • Cyber Espionage
  • Mobile
  • Misuse
  • Hacking
  • Spam
  • Social
  • Insider
  • And more!

“Government’s challenge is two-fold, adopting transformational technologies to help reduce operating costs while also keeping systems and data safe,” said Rick Johnson, Vice President and Chief Technology Officer, Lockheed Martin Information Systems & Global Solutions. “Our Lockheed Martin Cyber Security Alliance partners are keenly focused on collaboration and innovation to provide seamless end-to-end security with affordability in mind.”

Cybersecurity and your Business

What has your business done to protect itself from cyber threats?

While you may think you are safe, the truth is that hackers are beginning to target small and medium-sized businesses even more than larger businesses and government agencies. Why? Because, unlike government agencies and large Fortune 500 companies, smaller businesses typically do not have the cybersecurity measures in place to protect their critical data.

So what are you doing to protect your business?

DHA can help ensure your organization is keeping pace with technological advancements by applying new technologies with intelligence. At DHA, we are experienced at providing IT Security support services within and around Federal Government systems and networks, and can help ensure the safety of your most critical IT assets. Our cybersecurity services include:

  • Vulnerability Assessment: This is the process of identifying and quantifying vulnerabilities in a system.
  • Penetration Testing: This is the process of simulating a cyber-attack by a hacker. The process involves an active analysis of the system for any weaknesses, technical flaws or vulnerabilities.

If you have any questions regarding Cybersecurity and IT Security, please contact DHA by visiting DHA-Inc.com today!

Innovative IT solutions are at the core of modern business, and robust, scalable models are necessary to achieve long-term success.

You can also follow DHA on FacebookTwitterLinkedIn, and Google+.

What Is The Importance of Anti-Virus Software?

Friday, March 21st, 2014

Most computer users blindly download, install, and ascribe to an anti-virus program without actually fully understanding the necessity of such software. At DHA Group Inc., we care about your safety and want to ensure your business, files, and computers remain safe and functioning smoothly.In between spaces

What are threats?

Malware, short for “malicious software,” is the catchall phrase for potentially damaging threats to your computer: viruses, trojan horses, worms, spyware, and the like. Generally this software is created to either disrupt or worse – destroy – files and programs on your computer.

What happens when malware infects your computer?

Without a reliable anti-virus program, your infected computer often becomes unusable, requiring the hard drive to be wiped clean, and your computer’s operating system reinstalled. To avoid lost data and a dysfunctional system, effective malware-combatants are necessary.

What does Antivirus software do?

Antivirus software serves double duty, both removing preexisting malware and working to prevent them from occurring in the first place. Taking the precaution against harmful viruses will save you money and time in the long run, protecting your computer and by extension, your business. Let the Information Technology professionals at Working Nets, Inc. help you do just that, by outsourcing your computer support needs from our company.

About DHA Group, Inc.

DHA Group, Inc., headquartered in Washington, D.C., is an award-winning management consulting and contracting firm primarily serving federal civilian and defense agencies, such as the Department of Justice, including the Federal Bureau of Investigation; the U.S. Army; the Defense Logistics Agency; and the U.S. Patent and Trademark Office. DHA Group supports clients’ mission-critical work by delivering expert professional services, including program management, procurement and acquisition support, project and budget management, information assurance and cyber-security, information technology modernization and sustainment, data integration and information sharing, eDiscovery, systems engineering and business process reengineering. Since DHA Group’s 1994 founding, our ability to improve productivity, cost effectiveness and efficiency has contributed to significant corporate growth and earned us a reputation for quality, value and excellence. For more information about DHA Group and its capabilities, please visit us at www.dha-inc.com, call 202-347-9865, or join the conversation on FacebookLinkedInTwitter or Google+.

Source:

The Importance of Antivirus and Security Software