What's happening: It's not just businesses that are losing money to cybercriminals. This post shows that schools are also at risk. We can conclude, by inference, that not-for-profits are being hit as well. The news just hasn't surfaced.
What it means: Every small and medium size organization is at financial risk from cybercrime.
What to do: Management must get on top of this problem. Check bank transactions daily. Train staff to recognize cybercrime danger signs. Tightly manage technology controls. Consider a separate PC used only for on-line banking. Check your cyber-insurance. Be prepared to sue your bank: Email our Guide An Emerging Information Security Minimum Standard of Due Care to your attorney.
**********************************
Brian Krebs: Washington Post: A gang of organized cyber criminals that has stolen millions from businesses across the United States over the past month appears to have turned its sights on public schools and universities.
On the morning of Aug. 17, hackers who had broken into computers at the Sanford School District in tiny Sanford, Colorado initiated a batch of bogus transfers out of the school's payroll account. Each of the transfers was kept just below $10,000 to avoid banks' anti-money laundering reporting requirements, and went out to at least 17 different accomplices or "money mules" that the attackers had hired via work-at-home job scams.
http://voices.washingtonpost.com/securityfix/2009/09/cyber_mob_targets_public_priva.html?wprss=securityfix
Citadel Information Group
Information Security Management for Business and the Not-for-Profit Community
www.citadel-information.com
Delivering Information Peace of Mind ®
www.citadel-information.com
Delivering Information Peace of Mind ®
Posts
Search This Blog
Index of Topics
- Business at risk (115)
- Citadel in the news (7)
- Citadel Information Security Guides (8)
- Citadel: Guide to Blog (1)
- Citadel: Thinking about Security (10)
- Cloud Security (2)
- Consumers at risk (13)
- Credit card fraud (14)
- Culture Change (1)
- Financial systems security (67)
- Healthcare (7)
- Identity theft (30)
- Insurance (1)
- Internet badlands (113)
- ISSA-LA (2)
- Law Firms (2)
- Legal (23)
- Miscellany (6)
- national security (46)
- Not-for-Profit (5)
- Privacy (27)
- Ray of Sunshine (15)
- School security (3)
- Security Alert: Vulnerability Management (74)
- Security management (24)
- Security Research (5)
- Security Surveys (13)
- Social Engineering (1)
- Social networks (13)
Blog Archive
-
►
2011
(2)
- ► January 2011 (2)
-
►
2010
(237)
- ► December 2010 (6)
- ► November 2010 (9)
- ► October 2010 (7)
- ► September 2010 (8)
- ► August 2010 (13)
- ► April 2010 (39)
- ► March 2010 (65)
- ► February 2010 (38)
- ► January 2010 (27)
-
▼
2009
(83)
- ► December 2009 (17)
- ► November 2009 (7)
- ► October 2009 (9)
-
▼
September 2009
(22)
- Cybercriminals breach payroll services firm, go af...
- Cybercriminals rob not-for-profit healthcare provi...
- Cybercriminals use fake IRS emails to steal on-lin...
- Security of Online Banking Threatened by Defeat of...
- Company sues bank after $588,000 stolen by cyberth...
- Cyberthieves using Twitter to sell fake antivirus ...
- Adding Insult to Injury, Cybercrime Victims May Be...
- Like Generals, in Battle Against Cybercrime IT Sta...
- Cyber Crooks Target Public & Private Schools
- Cyber Thieves Steal $447,000 From Wrecking Firm
- Updates Plug iPhone, QuickTime Security Holes
- Critical bug infests newer versions of Microsoft W...
- Microsoft Fixes Eight Security Flaws
- Citadel's Stan Stahl talks about web security and ...
- Personal Privacy Threatened: How Secure Are Your E...
- Hackers already exploiting IIS flaws
- Hackers embed malicious links in websites about st...
- Court Allows Woman to Sue Bank for Lax Security Af...
- More Business Banking Victims Speak Out
- Apple Updates Java, Backdates Flash
- 5 More Indicted in Probe of International Carding ...
- Blog Purpose: Assist Senior Management Secure Orga...
- ► August 2009 (17)
- ► February 2009 (1)
Information Security Links
- Citadel Information Group
- Google Online Security Blog
- Information Systems Security Association
- Information Systems Security Association - LA Chapter
- InfraGard - Los Angeles
- Krebs on Security
- Microsoft Malware Protection Center
- MITRE CVE
- NIST Computer Security Resource Center
- Open Web Application Security Project (OWASP)
- Privacy Rights Clearinghouse
- SANS Internet Strom Center
- US CERT
Disclaimer
Citadel provides this blog as a public service to the community. We make no claim or representation that items posted on this blog are correct. We post "Security Alerts" primarily to assist readers manage security vulnerabilities on their personal home computers; these alerts are NOT comprehensive and are not to be relied upon as such.
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com