The compromise of hundreds of payment cards, apparently tied to fraud worldwide, has been linked to a network hack affecting an Arizona supermarket chain. And the attack involved a new kind of malware, the chain says.
Although hacktivists announced suspension of DDoS attacks against banks, other industries are now getting hit, and banks can't afford to get complacent because of the fraud risk, says security specialist Bill Stewart.
"We felt that it was very important to come out with this and say this was how easy it is for them to break into any U.S. company, and here's how they're doing it," The New York Times' Nicole Perlroth says.
A quick glance at a new survey suggests that businesses care more about protecting the privacy of their customers than governments do about their citizens. That's what the numbers say. But the numbers don't necessarily tell the whole story.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
"We're going to have to find a way to address the interests of other states to ... find common ground," Secretary of State John Kerry says. "We're just going to have to dig into it a lot deeper. I don't have a magic silver bullet to throw at you here today."
The FFIEC has issued proposed risk management guidance for the use of social media. Find out about the key recommendations, and why experts say the guidance could prove valuable to banking institutions.
Hacktivists on Jan. 22 threatened more DDoS attacks against U.S. banks and claimed they recently hit three institutions. Despite banks' improvements in staving off online outages, the longevity of the attacks is concerning, experts say.
It's not malware, crime rings or hacktivists. What, then, are among the threats that concern security leaders most? CISO Tom Newton offers new insight on today's top threats and strategies to combat them.
Banks have improved DDoS defenses, but ensuring ongoing online reliability requires a more offensive measure - one that rids the Internet of vulnerable sites that can too easily be used for bot traffic.