Archive

Archive for the ‘crime’ Category

Continuing Federal Cyber Breaches Warn Against Cybersecurity Regulation

October 29, 2014 Comments off

Continuing Federal Cyber Breaches Warn Against Cybersecurity Regulation
Source: Heritage Foundation

Recent high-profile private-sector hacks have once again put a spotlight on the issue of cybersecurity. This is a serious problem that requires legislation to improve the United States’ cybersecurity posture, but the U.S. should not reflexively adopt government regulation of cyberspace as a solution. There are concerns that such a response would not be cost-effective and would have an adverse effect on innovation. It could also potentially create a mindset of compliance rather than of security. Additionally, the government’s own cybersecurity track record raises questions about the effectiveness of government cyber regulations.

The following is a list of federal government cybersecurity breaches and failures, most of which occurred during 2013 and 2014. This list is part of a continuing series published by Heritage that serves as a long-term compilation of open-source data about federal cybersecurity breaches dating back to 2004.

This list is in no way complete: Some hacks might not be reported or are classified, and others have yet to be realized. In September 2014, Robert Anderson, executive assistant director of the Criminal, Cyber, Response, and Services Branch of the FBI told the Senate Homeland Security Committee that if a federal department believes it hasn’t been hacked, it is likely that they are simply unaware of the hack. When Senator Coburn asked for a list of all the government hacks the panelists were aware of, he acknowledged that they may have to be discussed in a closed Senate hearing. Furthermore, the list below does not include the large number of private-sector failures. Nevertheless, the seriousness and number of known U.S. government cybersecurity failures undercut the argument for a government-led regulatory approach to cybersecurity.

About these ads

Cyber Attacks on U.S. Companies in 2014

October 29, 2014 Comments off

Cyber Attacks on U.S. Companies in 2014
Source: Heritage Foundation

The spate of recent data breaches at big-name companies such as JPMorgan Chase, Home Depot, and Target raises questions about the effectiveness of the private sector’s information security. According to FBI Director James Comey, “There are two kinds of big companies in the United States. There are those who’ve been hacked…and those who don’t know they’ve been hacked.”

A recent survey by the Ponemon Institute showed the average cost of cyber crime for U.S. retail stores more than doubled from 2013 to an annual average of $8.6 million per company in 2014. The annual average cost per company of successful cyber attacks increased to $20.8 million in financial services, $14.5 million in the technology sector, and $12.7 million in communications industries.

This paper lists known cyber attacks on private U.S. companies since the beginning of 2014. (A companion paper discussed cyber breaches in the federal government.) By its very nature, a list of this sort is incomplete. The scope of many attacks is not fully known. For example, in July, the U.S. Computer Emergency Readiness Team issued an advisory that more than 1,000 U.S. businesses have been affected by the Backoff malware, which targets point-of-sale (POS) systems used by most retail industries. These attacks targeted administrative and customer data and, in some cases, financial data.

This list includes only cyber attacks that have been made known to the public. Most companies encounter multiple cyber attacks every day, many unknown to the public and many unknown to the companies themselves.

The data breaches below are listed chronologically by month of public notice.

Cyber Attacks Likely to Increase

October 29, 2014 Comments off

Cyber Attacks Likely to Increase
Source: Pew Research Internet Project

Experts believe nations, rogue groups, and malicious individuals will step up their assaults on communications networks, targeting institutions, financial services agencies, utilities, and consumers over the next decade.

PTSD Research Quarterly — Impact of Mass Shootings

October 28, 2014 Comments off

PTSD Research Quarterly — Impact of Mass Shootings (PDF)
Source: National Center for PTSD (VA)

Norris (2007) provided an excellent introduction to the literature on mass shootings. Our goal is to provide an update on this literature. Norris focused on individual, as well as broader community factors in examining responses to mass shootings. Our guide focuses solely on quantitative studies examining factors at the level of the individual that appear to be related to adjustment following a mass shooting.

Our definition of a mass shooting involves an individual (with few exceptions, a male), acting alone and with generally personal rather than political motivation, entering a densely populated space and shooting as many people as possible. In addition, while not required in the definition, the shooter typically takes, his or her, own life. Our guide to the literature proceeds chronologically, with an emphasis on studies that use longitudinal data.

Labeling Effects of First Juvenile Arrests: Secondary Deviance and Secondary Sanctioning

October 27, 2014 Comments off

Labeling Effects of First Juvenile Arrests: Secondary Deviance and Secondary Sanctioning
Source: Urban Institute

Does arresting juveniles deter or promote future offending, and how does it affect the chances of future arrests? These questions were studied through official arrest data and self-reported offending data from the Project on Human Development in Chicago Neighborhoods, using propensity score methods. First arrests increased subsequent offending and subsequent arrest through separate processes, and the effects on rearrest were substantially larger. Being labelled as an arrestee seems to trigger “secondary sanctioning” processes beyond any effects on offending. Attempts to ameliorate deleterious “labeling” effects should include efforts to dampen their escalating punitive effects on societal responses.

Identity Theft: Who’s At Risk?

October 27, 2014 Comments off

Identity Theft: Who’s At Risk?
Source: AARP Research

This AARP Fraud Watch Network study aimed to assess Americans’ habits around protecting their personal and financial information. Overall, the study finds that many are not taking precautions necessary to reduce their risk of identity theft.

Identity Theft Legislation 2014

October 23, 2014 Comments off

Identity Theft Legislation 2014
Source: National Conference of State Legislatures

Identity theft occurs when someone uses another person’s identifying information, like a person’s name, Social Security number, or credit card number or other financial information, without permission, to commit fraud or other crimes. Identity theft continues to generate the most complaints with the Federal Trade Commission.

The chart below lists state legislation introduced or pending during the 2014 legislative session relating to identity theft. Legislation in 30 states and Puerto Rico is pending in the 2014 legislative session and includes legislation regarding criminal penalties, identity theft passports and identity theft prevention. Nineteen bills have been enacted in 2014.

Follow

Get every new post delivered to your Inbox.

Join 946 other followers