Nearly a Billion Records Were Compromised in 2014

CIO Magazine | Nov 17, 2014

In first nine months of 2014, after 1,922 confirmed incidents, criminals managed to compromise 904 million records.  “Businesses today have a maze of complex dependencies on outside service providers and suppliers. This makes a complex attack surface, and that in turn makes defenses weak. The more complex our infrastructure, the harder it is for defenders to see it all and understand its weaknesses,” commented Dr. Mike Lloyd, CTO at RedSeal.

Microsoft’s Newest Security Flaw

Government Technology Magazine | Nov 12, 2014

Better late than never.  The software company patched a security flaw affecting Windows and Office on Nov. 11 that has been sitting in plain sight for 19 years.

“It’s too early to know what the impact of this will be”, said Stephen Hultquist, chief evangelist at Redseal Networks.

Cybersecurity Industry Experts Weigh in on Alleged Russian Breach of White House

Homeland Security Today | Nov 3, 2014

Cybersecurity experts said they aren’t at all surprised hackers US officials believe work for the Russian government were able to hack into at least unclassified White House computer networks in recent weeks.

“The reconnaissance attack on the White House is a dramatic reminder of a general truth: whenever we look for any kind of attack, we find that yes, indeed, it is happening,” said Dr. Mike Lloyd, CTO at RedSeal, a provider of end-to-end network visibility and analytics to prevent cyber attacks.

White House cyber breach one example of ‘daily’ attacks

Federal Times | Oct 30, 2014

A recent breach of the White House’s unclassified network caused a minor disruption in staffers’ workflows this week as security officials moved to mitigate disruption and any loss of data.

“Whenever we look for any kind of attack, we find that yes, indeed, it is happening,” according to Mike Lloyd, CTO at cybersecurity firm RedSeal, who described the recent breach as akin to “casing the joint.”

The White House breach

Federal Computer Weekly | Oct 29, 2014

Officials acknowledged that hackers breached the White House’s unclassified computer networks in the past few weeks, and a Washington Post report says the Russian government was the likely culprit.

Mike Lloyd, chief technology officer at RedSeal, said modern malware is often designed to do as little as possible in order to avoid detection.

“Adversaries understand the value of good information, of maps and the relationship of assets,” Lloyd said. “Such information can be extracted with a minimum of fuss, unless the person being scanned is very diligent and observant.”

PCI Compliance Under Scrutiny Following Big Data Breaches

CIO Magazine | Oct 22, 2014

As details filter out about the Home Depot hack (and many, many more data breaches), you can’t help but ask: How did this happen – especially when the company was supposed to adhere to specific safety regulations or else lose its capability to process credit card transactions?

That said, PCI standards aren’t perfect against preventing fraud. Mike Lloyd, CTO of RedSeal, a security risk management solutions firm, equates it to signs in bathrooms that tell employees they must wash their hands before returning to work.

APPLE support doc CONFIRMS ‘ORGANIZED NETWORK ATTACKS’

The Register | Oct 22, 2014

Apple is warning its iCloud users over heightened spying risks following the discovery of attacks which security watchers have claimed are down to crude snooping by the Chinese government.

Steve Hultquist, chief evangelist at network visibility and analytics firm RedSeal, opined: “China uses a nationwide firewall system through which they force all internet traffic to pass so they can filter both what enters and what leaves China.”

Why Some Small Businesses Love Hack Attacks

Inc. | Oct 7, 2014

For Aaron Lee, problems with his JP Morgan Chase business bank account started in mid-September, just a few weeks before the nation’s largest bank announced to the world that information related to 80 million of its consumer accounts and 7 million business accounts had been hacked.

A number of Silicon Valley startups are working on solutions, including some that have developed behavioral analytics tools that can crunch big data to do things like identify normal worker behavior, and flag abnormal activity that could be related to a security breach.

In fact, many of the people who start these new companies hail from federal entities such as the National Security Agency and Central Intelligence Agency, says Ray Rothrock, a venture capitalist who jumped ship from Venrock Ventures to run security company RedSeal Networks in February.

JPMorgan’s Supersize Data Breach Hits 76 Million Households

Bloomberg Businessweek | Oct 3, 2014

The biggest U.S. bank said that a breach of its systems, first reported by Bloomberg News in late August, has affected 76 million households and 7 million small businesses.

“The fact that JPMorgan Chase could be breached should send a shiver of fear through every organization on the planet,” says Steve Hultquist, chief evangelist at RedSeal Networks, a cybersecurity company.

What to do in the aftermath of the JPMorgan breach

CSO Magazine | Oct 3, 2014

The compromise of 10s of millions of JPMorgan Chase accounts poses the greatest risk of phishing attacks on consumers and small businesses, experts say.

“Any small business who is already a customer of JPMC should make sure all their employees are aware that the breach happened, and be specifically careful to make sure that anything that looks like communication from JPMC is actually from the bank,” Mike Lloyd, chief technology officer for RedSeal, said.