Welcome!

Java IoT Authors: AppDynamics Blog, Pat Romanski, Liz McMillan, Elizabeth White, Akhil Sahai

News Feed Item

KnowBe4 Says South Carolina Department of Revenue Hack Could Have been Prevented

The South Carolina Dept. of Revenue was recently hacked, but Security Awareness Training Company, KnowBe4, says the attack was unnecessary and could have been prevented.

CLEARWATER, Fla., Nov. 26, 2012 /PRNewswire/ -- In August 2012, yet not reported until October, one malicious email opened by an employee of the South Carolina Department of Revue caused a massive cyberattack – theft of 3.8 million tax returns, Social Security numbers of 1.9 million people, access to data on 699,900 business tax returns and 3.3 million bank accounts, according to NBC.com. KnowBe4, an internet security awareness training firm, says that attacks like this could be prevented by training employees not to fall for attacks by hackers using phishing emails.

An international hacker sent South Carolina Department of Revenue employees an email containing an embedded link to a website infected with malware. Unfortunately, one employee unknowingly clicked on the link (1). From that one click, the cybercriminal was able to steal the employee's "secure" user name and password. For weeks after, the cybercriminal started copying large amounts of information and transferring them onto zip files that were transferred outside of the system.

Stu Sjouwerman, CEO and founder of KnowBe4, states that attacks like this can be prevented and millions of dollars, accounts, and identities can be safeguarded. KnowBe4 specializes in protecting governmental agencies against cybercrime. "The hacker literally got into the [South Carolina] system just by one single email that was clicked on," Sjouwerman commented. "We have been noticing that infrastructure companies and government organizations have not yet taken the necessary employee security awareness training to prevent cyberattacks."

Sjouwerman realized the best way to stop a cybercrime is to think like a hacker, so he partnered with formerly 'The World's Most-wanted Hacker,' Kevin Mitnick. Kevin Mitnick gained notoriety for penetrating the complex and highly protected computer systems of companies such as Sun Microsystems, Digital Equipment Corporation, Pacific Bell, and Motorola. Today, he applies his vast knowledge of social engineering, phishing tactics, and network vulnerabilities as a good-guy, consulting for the Fortune 100, and sometimes the very companies he attacked.

KnowBe4 and Kevin Mitnick developed Kevin Mitnick Security Awareness Training. This security awareness training uses knowledge of the latest cybercrime tactics in real-time to train government employees from being duped by cyberattacks. The training is interactive and web-based, and includes case studies, live demonstration videos and short tests. 

"Just one click can cost an organization millions of dollars, or in this recent case, millions of stolen identities," Sjouwerman added. "Employee training is essential to prevent costly cyberattacks – [KnowBe4] has access to the world's foremost hacking expert to ensure the proper safety measures are taken."

Local governments can get started today by requesting a free phishing security test and a free email exposure check (EEC), which will reveal all email addresses that are publicly available to cybercriminals.

For more information on how KnowBe4 can protect against cybercrime, visit http://www.knowbe4.com/products/kevin-mitnick-security-awareness-training.

To view Sjouwerman's interview on CBS regarding cybercrime, visit http://www.youtube.com/watch?v=dultIFSgQS0.

About Stu Sjouwerman and KnowBe4
Stu Sjouwerman is the founder and CEO of KnowBe4, LLC, which provides web-based Internet Security Awareness Training (ISAT) to small and medium-sized enterprises.  A data security expert with more than 30 years in the IT industry, Sjouwerman was the co‑founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010.  Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training.  He and his colleagues work with companies in many different industries, including highly-regulated fields such as healthcare, finance and insurance.  Sjouwerman is the author of four books, with his latest being Cyberheist:  The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008.  Visit www.knowbe4.com or www.knowbe4.com/cyberheist-the-book.

(1)   Isikoff, Michael. NBCnews.com, November 20, 2012. "One email exposes millions of people to data theft in South Carolina," http://openchannel.nbcnews.com/_news/2012/11/20/15313720-one-email-exposes-millions-of-people-to-data-theft-in-south-carolina-cyberattack?lite=  

Media Inquiries:
Alyssa Kaplan
JoTo PR
888-202-4614
www.jotopr.com

This press release was issued through eReleases® Press Release Distribution. For more information, visit http://www.ereleases.com.

SOURCE KnowBe4

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
Whether your IoT service is connecting cars, homes, appliances, wearable, cameras or other devices, one question hangs in the balance – how do you actually make money from this service? The ability to turn your IoT service into profit requires the ability to create a monetization strategy that is flexible, scalable and working for you in real-time. It must be a transparent, smoothly implemented strategy that all stakeholders – from customers to the board – will be able to understand and comprehe...
It’s 2016: buildings are smart, connected and the IoT is fundamentally altering how control and operating systems work and speak to each other. Platforms across the enterprise are networked via inexpensive sensors to collect massive amounts of data for analytics, information management, and insights that can be used to continuously improve operations. In his session at @ThingsExpo, Brian Chemel, Co-Founder and CTO of Digital Lumens, will explore: The benefits sensor-networked systems bring to ...
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
"Tintri was started in 2008 with the express purpose of building a storage appliance that is ideal for virtualized environments. We support a lot of different hypervisor platforms from VMware to OpenStack to Hyper-V," explained Dan Florea, Director of Product Management at Tintri, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Identity is in everything and customers are looking to their providers to ensure the security of their identities, transactions and data. With the increased reliance on cloud-based services, service providers must build security and trust into their offerings, adding value to customers and improving the user experience. Making identity, security and privacy easy for customers provides a unique advantage over the competition.
Is your aging software platform suffering from technical debt while the market changes and demands new solutions at a faster clip? It’s a bold move, but you might consider walking away from your core platform and starting fresh. ReadyTalk did exactly that. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, will discuss why and how ReadyTalk diverted from healthy revenue and over a decade of audio conferencing product development to start an innovati...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
Large scale deployments present unique planning challenges, system commissioning hurdles between IT and OT and demand careful system hand-off orchestration. In his session at @ThingsExpo, Jeff Smith, Senior Director and a founding member of Incenergy, will discuss some of the key tactics to ensure delivery success based on his experience of the last two years deploying Industrial IoT systems across four continents.
There will be new vendors providing applications, middleware, and connected devices to support the thriving IoT ecosystem. This essentially means that electronic device manufacturers will also be in the software business. Many will be new to building embedded software or robust software. This creates an increased importance on software quality, particularly within the Industrial Internet of Things where business-critical applications are becoming dependent on products controlled by software. Qua...
SYS-CON Events has announced today that Roger Strukhoff has been named conference chair of Cloud Expo and @ThingsExpo 2016 Silicon Valley. The 19th Cloud Expo and 6th @ThingsExpo will take place on November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. "The Internet of Things brings trillions of dollars of opportunity to developers and enterprise IT, no matter how you measure it," stated Roger Strukhoff. "More importantly, it leverages the power of devices and the Interne...
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
The Internet of Things will challenge the status quo of how IT and development organizations operate. Or will it? Certainly the fog layer of IoT requires special insights about data ontology, security and transactional integrity. But the developmental challenges are the same: People, Process and Platform. In his session at @ThingsExpo, Craig Sproule, CEO of Metavine, demonstrated how to move beyond today's coding paradigm and shared the must-have mindsets for removing complexity from the develo...
The IETF draft standard for M2M certificates is a security solution specifically designed for the demanding needs of IoT/M2M applications. In his session at @ThingsExpo, Brian Romansky, VP of Strategic Technology at TrustPoint Innovation, explained how M2M certificates can efficiently enable confidentiality, integrity, and authenticity on highly constrained devices.
SYS-CON Events announced today that MangoApps will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device.
"We've discovered that after shows 80% if leads that people get, 80% of the conversations end up on the show floor, meaning people forget about it, people forget who they talk to, people forget that there are actual business opportunities to be had here so we try to help out and keep the conversations going," explained Jeff Mesnik, Founder and President of ContentMX, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Internet of @ThingsExpo has announced today that Chris Matthieu has been named tech chair of Internet of @ThingsExpo 2016 Silicon Valley. The 6thInternet of @ThingsExpo will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
When people aren’t talking about VMs and containers, they’re talking about serverless architecture. Serverless is about no maintenance. It means you are not worried about low-level infrastructural and operational details. An event-driven serverless platform is a great use case for IoT. In his session at @ThingsExpo, Animesh Singh, an STSM and Lead for IBM Cloud Platform and Infrastructure, will detail how to build a distributed serverless, polyglot, microservices framework using open source tec...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
From wearable activity trackers to fantasy e-sports, data and technology are transforming the way athletes train for the game and fans engage with their teams. In his session at @ThingsExpo, will present key data findings from leading sports organizations San Francisco 49ers, Orlando Magic NBA team. By utilizing data analytics these sports orgs have recognized new revenue streams, doubled its fan base and streamlined costs at its stadiums. John Paul is the CEO and Founder of VenueNext. Prior ...
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.