For those in the oil and gas industry or others with any type of SCADA devices (e.g. electric, water, sewer), we have received numerous notifications about the Havex Trojan. To date we have not supported any incidents involving this threat, but TRUE does understand the challenges Industrial Control Systems present to these organizations. The days of the “air gap” are in the past.
In the course of a recent incident response engagement, I ran into a hard-to-track-down problem involving imaging a drive. I was using a forensically sound hardware ATA drive imager (the awesome DiskJockey Pro Forensic edition), and was attempting to make several copies of a 2.5″ 250GB SATA Western Digital laptop drive that had a single Windows XP NTFS partition. The client had no similarly sized drives available, so our destination disks were brand new Western Digital Scorpio Blue 500GB 2.5″ SATA drives. 250GB can be copied by the DiskJockey in under an hour, so we figured this was going to be a two or three hour process. Oh, how wrong we were…
Not to make light of the gravity of the event, but here we go again – consumers are subjected to another round of warnings about yet another credit card information breach! Unfortunately, these data breach warnings are in danger of becoming as common as the daily weather report. This time the source of the breach, which affects Visa and MasterCard credit and debit cards, has been laid at the feet of Atlanta-based payment processor Global Payments. Global Payments self-reported that unauthorized access into its processing system had indeed taken place earlier this year.
Most organizations are going to experience a computer security incident each year. Those organizations that don’t experience an incident only avoid doing so by being blind to what is going on in their information systems. If you are even casually looking at your computers and networks, you will find incidents.