by Chris H Chris H No Comments

Ukrainian Military says they hacked Russia’s federal tax agency

The Ukrainian government’s military intelligence service says it hacked the Russian Federal Taxation Service (FNS), wiping the agency’s database and backup copies.

Following this operation, carried out by cyber units within Ukraine’s Defense Intelligence, military intelligence officers breached Russia’s federal taxation service central servers and 2,300 regional servers across Russia and occupied Ukrainian territories.

Read more:

by Chris H Chris H No Comments

World’s Fastest Academic Supercomputer Unveiled in Texas

The Texas Advanced Computing Center at the University of Texas at Austin unveiled Frontera—the fastest supercomputer at any university and the fifth most powerful supercomputing system in the world. 

Funded through a $60 million award from the National Science Foundation and officially launched Tuesday, the system will support U.S. and international research teams as they work to solve some of the world’s most massive advanced computational challenges.

“The system itself is a remarkable system,” John West, TACC’s director of strategic initiatives and co-principal investigator on Frontera, told Nextgov. “It’s an incredible opportunity for open science to have access to a resource at this scale so that investment by the National Science Foundation is going to be incredibly important for discovery and innovation going forward.”

West, who previously led the Defense Department’s high-performance computing modernization program and was once responsible for supercomputing research and development across the agency’s enterprise, explained that NSF works with a variety of cyber-infrastructure providers across the country because running such state-of-the-art systems is incredibly resourced and facility intensive. It also requires a great deal of floor space and immense amounts of power and cooling. 

TACC already has several large-scale computing systems—including the 19th fastest system in the world, Stampede2—that solve a variety of highly complex computational jobs. But Frontera— Spanish for “frontier” and an allusion to the title of a 1945 report to President Harry Truman that led to the creation of NSF—will power even more cutting-edge discoveries. 

“Frontera is different,” West said. “Its audience is really those scientists that need the most capable computational resources, so it will run less of a mix of jobs, focusing instead on scientists at the very tip of computational capability that we can provide today.” 

Through a solicitation first awarded in 2018, the system aims to act as a resource not just to UT students but to the entire open science community, meeting the needs of some of the most massive science and engineering computational experiments that need to be performed. West and his team at TACC have been constructing the system all year. The system will operate for at least five years and in that time it will likely be used by thousands of researchers across nearly all fields of science. 

“The focus is on supporting the entire research enterprise so it is across all the scientific disciplines,” West said. “And this is not just a UT resource, this is a resource for scientists all over the world to use.”

Those who want to run research on the system—and who can prove that they require a computer at Frontera’s scale to solve their problems—will be selected to use it through a competitive application process. The gigantic machines are fairly specialized to run and are highly complex in their analysis and applications, so TACC has specialists on hand to support researchers who will work directly with it. Faculty from the university’s Oden Institute for Computational Engineering and Sciences, with partners from other schools including the California Institute of Technology, Ohio State University, Princeton University, the University of Chicago, the University of Utah and others will lead Frontera’s science applications and technology team.

“The idea here is not only provide the machine but provide the expertise that science needs to make use of the machine,” he said. 

Read the rest:

by Chris H Chris H No Comments

IRS Warns of New Imposter Scam That Spreads Malware

Online bad actors are impersonating tax collectors to spread malware and potentially gain access to people’s computers, according to the IRS.

Last week, agency officials warned taxpayers to watch out for a new phishing campaign involving fraudsters disguised as IRS agents. The agency does not send taxpayers emails out of the blue, they said, so all unsolicited messages should be viewed with suspicion.

As part of the scam, imposters send taxpayers emails claiming to contain information about their refunds, electronic returns or online accounts, according to agency officials. The emails include links to websites that closely resemble, as well as temporary passwords that supposedly allow recipients to access their relevant files. 

When people access those files, however, they release malware that could allow fraudsters to gain control of users’ computer or covertly download spyware that obtains sensitive passwords and accounts. The scam relies on dozens of spoofed web addresses, which makes difficult to shut down, officials said.

Officials noted the IRS doesn’t request personal or financial information—including PINs, passwords or other account credentials—from taxpayers through email, text message or social media. The agency also doesn’t contact people demanding immediate payment through gift cards, prepaid debit cards or wire transfers, they said, so taxpayers should be wary of any such attempts.

While the agency has made significant strides in reducing taxpayer identity theft in recent years, officials said phone and email scams by IRS imposters still pose a significant threat to taxpayers.

“This latest scheme is yet another reminder that tax scams are a year-round business for thieves,” IRS Commissioner Chuck Rettig said in a statement. “We urge you to be on-guard at all times.”


by Chris H Chris H No Comments

These 6 Principles Helped Navy Federal Deliver Superior Customer Experience

Navy Federal Credit Union continually receives accolades for the top-notch customer experience it provides its more than 8 million members, most recently ranking as the top multi-channel bank or credit union in Forrester’s Customer Experience Index.

But the credit union’s customer experience strategy is not particularly complex, according to 

Ryan Fairley, assistant vice president of Omni Channel Strategy and Innovation at Navy Federal. Speaking Aug. 15 at Nextgov’s Digital Citizen Summit, Fairley said the credit union instead bases member-focused decisions on six customer experience principles. 

Developed in-house and in concert with its chief executive officer, Fairley said the principles “really are our anchor point for everything we do.” 

  1. Show me you know me. Fairley said there is no excuse nowadays for not knowing who customers are and differentiating services based on their unique needs. “Data is king,” Fairley said. “We have a lot of data on members, and they expect that we will understand why they came here today and know what they need.”
  2. Keep it simple. There are so many tech platforms and shiny objects organizations and agencies can buy, but Fairley said simplicity is key. For example, Navy Federal revamped its mobile application two years ago—a major effort considering it handles 100 million logins per month. The credit union went through 17 rounds of focus group and iterative development before it finalized tweaks to the app, ensuring users—and not necessarily stakeholders—had their voices heard. Fairley said Navy Federal reorganized the 178 things users can do in the app based on their feedback, moving some up the hierarchy and some down. The end result? Fairley said some app features saw usage uptick rates of more than 400% in the new app.
  3. Do it for me. The less users have to worry about, the better. Fairley said technologies like artificial intelligence, machine learning and analytics give organizations opportunities to perform better services for customers. “This has become more of an aspirational experience principle,” Fairley said. “There are more and more things we should be able to do for you.”
  4. Tell me what’s next. When users come to the credit union with an issue, the last thing they want is more uncertainty or confusion, Fairley said. Whether users are engaging with people in person or an application, they need to know what’s next. “Don’t make me guess, don’t make me come back, don’t make me have a second contact,” Fairley said. “The first contact resolution is important in telling users what’s next”
  5. Help me feel secure and in control. Navy Federal users check on their money an average of 27 times per month, and Fairley said it goes without saying that they should be able to do so safely and securely. But security isn’t as much a given as it should be, and the recent Capital One breach is evidence of that.   “We’ve seen headlines recently of things that can compromise people’s sense of feeling in control,” Fairley said.
  6. Tech should be as friendly as people. Navy Federal has an 85-year history as a member services organization, and for the vast majority of those years, customers engaged the credit union in person. Technology has changed that. Now, 20 percent of its users interact with Navy Federal exclusively through digital channels, foregoing the human quotient in favor of technological ease of use. “How do we create the same connection to our brand if they only touch us through our technology?” Fairley said. “Anybody who has worked with our member service reps walk away feeling that much stronger of a connection to us. It’s a real challenge we put on ourselves to think about making our technology as friendly as our people.”


by techce8_wp techce8_wp No Comments

8 Cyber Security Best Practices For Your Small To Medium-Size Business

8 Cyber Security Best Practices for Business

It’s easy to think that because you have a small business, cybercriminals will pass over attacking your company. The “not much to steal” mindset is common with small business owners in regards to cyber security, but it is also completely incorrect and out of sync with today’s cyber security best practices.

In reality, the U.S. Congressional Small Business Committee found that 71 percent of cyber-attacks happened at businesses with less than 100 employees. Even more concerning, the 2016 State of SMB CyberSecurity Report by Ponemon and @Keeperfound that 50 percent of SMBs have had a security breach in the past year.

But why are small businesses attacked more often than larger businesses? Almost all cyber-attacks are to obtain personal data to use in credit card or identify theft. While larger enterprises typically have more data to steal, small businesses have less secure networks, making it easier to breach the network. by IDG’s article “Why criminals pick on small businesses” says that by using automated attacks, cybercriminals can breach thousands or more small businesses, making the size less of an issue than the network security.

The article says that lack of time, budget and expertise for proper security is a top reason for the high rate of SMB attacks. Other reasons include not having an IT security specialist, not being aware of the risk, lack of employee training, not updating security programs, outsourcing security and failure to secure endpoints.

How can your business avoid being a victim of a cyber-attack? Here are 8 cyber security best practices for business you can begin to implement today.

1. Use a firewall

One of the first lines of defense in a cyber-attack is a firewall. The Federal Communications Commission (FCC) recommends that all SMBs set up a firewall to provide a barrier between your data and cybercriminals. In addition to the standard external firewall, many companies are starting to install internal firewalls to provide additional protection. It’s also important that employees working from home install a firewall on their home network as well. Consider providing firewall software and support for home networks to ensure compliance.

2. Document your cybersecurity policies

While small businesses often operate by word of mouth and intuitional knowledge, cyber security is one area where it is essential to document your protocols. The Small Business Administration (SBA)’s Cybersecurity portal provides online training, checklists, and information specific to protect online businesses. The FCC’s Cyberplanner 2.0provides a starting point for your security document. Consider also participating in the C3 Voluntary Program for Small Businesses, which contains a detailed toolkit for determining and documenting cyber security best practices and cyber security policies.

3. Plan for mobile devices

With 59 percent of businesses currently allowing BYOD, according to the Tech Pro Research 2016 BYOD, Wearables and IoT: Strategies Security and Satisfaction, it is essential that companies have a documented BYOD policy that focuses on security precautions. With the increasing popularity of wearables, such as smart watches and fitness trackers with wireless capability, it is essential to include these devices in a policy. Norton by Symantec also recommends that small businesses require employees to set up automatic security updates and require that the company’s password policy apply to all mobile devices accessing the network.

4. Educate all employees

Employees often wear many hats at SMBs, making it essential that all employees accessing the network be trained on your company’s network cyber security best practices and security policies.

Since the policies are evolving as cybercriminals become savvier, it’s essential to have regular updates on new protocols. To hold employees accountable, have each employee sign a document stating that they have been informed of the policies and understand that actions may be taken if they do not follow security policies.

5, Enforce safe password practices

Yes, employees find changing passwords to be a pain. However, the Verizon 2016 Data Breach Investigations Report found that 63 percent of data breaches happened due to lost, stolen or weak passwords. According to the Keeper Security and Ponemon Institute Report, 65 percent of SMBs with password policies do not enforce it.  In today’s BYOD world, it’s essential that all employee devices accessing the company network be password protected.

In the Business Daily article “Cybersecurity: A Small Business Guide,” Bill Carey, vice president of marketing and business development at Siber Systems, recommended that employees be required to use passwords with upper- and lowercase letters, numbers and symbols. He says that SMBs should require all passwords to be changed every 60 to 90 days.

 6. Regularly back up all data

While it’s important to prevent as many attacks as possible, it is still possible to be breached regardless of your precautions. The SBA recommends backing up word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files.  Be sure to also back up all data stored on the cloud. Make sure that backups are stored in a separate location in case of fire or flood. To ensure that you will have the latest backup if you ever need it, check your backup regularly to ensure that it is functioning correctly.

7. Install anti-malware software

It’s easy to assume that your employees know to never open phishing emails. However, the Verizon 2016 Data Breach Investigations Report found that 30 percent of employees opened phishing emails, a 7 percent increase from 2015. Since phishing attacks involve installing malware on the employee’s computer when the link is clicked, it’s essential to have anti-malware software installed on all devices and the network. Since phishing attacks often target specific SMB employee roles, use the position-specific tactics outlined in the article “5 Types of Employees Often Targeted by Phishing Attacks” as part of your training.

8. Use multifactor identification

Regardless of your preparation, an employee will likely make a security mistake that can compromise your data. In the PC Week article “10 Cyber Security Steps Your Small Business Should Take Right Now,” Matt Littleton, East Regional Director of Cybersecurity and Azure Infrastructure Services at Microsoft, says using the multi-factor identification settings on most major network and email products is simple to do and provides an extra layer of protection. He recommends using employees’ cell numbers as a second form, since it is unlikely a thief will have both the PIN and the password.

Security is a moving target. The cyber criminals get more advanced every day. In order to protect your data as much as possible, it’s essential that each and every employee make cyber security a top priority. And most importantly, that you stay on top of the latest trends for attacks and newest prevention technology. Your business depends on it.

Source: Cox Business