Security Breaches Leads To Many Federal Bureau Of Investigations Arrests

By Author: EC-COUNCIL
Total Articles: 68
Comment this article

The consequences of a security breach, including financial costs and injury to reputation, can be enough to seriously damage an organization. IT professionals of government and private organizations have realized that ethical hacking training programs is extremely beneficial in minimizing their security risks.
Recently, Federal agents made an arrest and charged a former employee of a New Jersey-based division of a technology company with giving China sensitive military technical data, federal authorities said.
Sixing Liu, 47, who is also known as Steve Liu, was a senior staff engineer at the company who helped work on precision navigation systems for the U.S. Department of Defense, federal authorities said. U.S. customs officers inspected Liu’s his bags and upon his return from Shanghai and found a non-work-issued computer later found to contain hundreds of documents relating to the technology company’s projects.
It was later verified by the Authorities of the U.S. State Department’s Directorate of Defense Trade Controls that the information on Liu’s computer ...
... was "export-controlled technical data" that relates to defense items listed on the United States Munitions List. The United States Munitions List (USML) is a list of articles, services, and related technology designated as defense-related by the United States federal government.
Authorities said, Liu didn’t have the license required under the federal regulations, to export items and data covered by the munitions. Federal regulations also say it’s U.S. policy to deny licenses for exporting munitions list items and data to countries which the United States maintains an arms embargo, including China.
Liu faces a maximum of 20 years in prison and a $1 million fine, authorities said.
The Federal Bureau of Investigation has also investigated into a security breach of Apple's iPad that exposed personal information of AT&T customers, including those of several high-ranking government officials
The breach occurred when a group calling itself Goatse Security hacked into AT&T's iPad subscriber data, obtaining a list of e-mail addresses that also included celebrities, chief executives and politicians. Goatse Security (GoatSec), was established in 2009, and is a loose-knit, nine-person hacker group that specializes in uncovering security flaws
"The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat," FBI spokesman Jason Pack said.
AT&T, which has exclusive U.S. rights to carry the iPad and the popular iPhone, has acknowledged the security breach but said it had corrected the flaw and that only e-mail addresses were exposed to hackers who identified a security weakness.
AT&T said stated that a security weak spot exposed the e-mail addresses of more than 100,000 iPad users, and nothing else. Only those who signed up for AT&T's "3G" wireless Internet service were affected. The problem had to do with the way AT&T's website prompted iPad users to log onto their AT&T accounts.
EC-Council, a leading information security certification body, offers technical security training courses that enable IT professionals to have the skills to improve their organization’s information security management and protect affected members in the event of a data breach. EC-Council’s reputable technical security training courses are designed for effective and dynamic implementation, providing organizations worldwide efficient and superior knowledge to safeguard against cyber-crime related incidents including misuse of compromised data.
EC-Council notices the need to address information security challenges, and work with organizations on various aspects of information security attacks. TakeDownCon Dallas 2011, one of the conferences of the brand new EC-Council Take Down information security conference series, is a highly technical conference that will showcase how different systems can be compromised with ease. Topics that will be discussed include how security systems are being breached, and what methods perpetrators are employing to hijack or steal your assets, and proliferate from it. TakeDownCon will also feature a pre-event training platform offering EC-Council certification training including the world-renowned Certified Ethical Hacker (CEH) and Computer Hacking Forensic Investigator (CHFI) programs. In addition, there will also be highly advanced and technical courses offered by EC-Council’s Center of Advanced Security Training (CAST). These programs are designed by industry practitioners and experts, and will allow participants to go through both hands on and real life scenario based training covering domains such as web application security, penetration testing and social engineering. EC-Council will also be inviting their strategic partners and host their training on site, depending on suitability
ABOUT TAKE DOWNCON:
TakeDownCon is a brand new information security conference series, created by EC-Council, the owner and developer of the world famous ethical hacking training , the Certified Ethical Hacker (CEH) course. This highly technical security training series differs from others, and it is very focused - the theme of this first of the series is "Taking Down Security", focusing on attack and defense vectors. World class experts including Barnaby Jack, Kanen Flowers, Joe McCray, Rodrigo Branco, Sean Arries, among others, will demonstrate and showcase how security systems can be taken down at ease. This 2 days conference, in a very casual and relaxed setting, is targeted towards information security researchers, engineers and technical professionals.