A group of Russian hackers have reportedly infiltrated the servers of Dow Jones & Co. Inc., owner of the Wall Street Journal and several other news publications, and stole information to trade on before it became public, according to four people familiar with the matter. The breach is described as far more serious than a lower-grade intrusion disclosed a week ago by Dow Jones, a unit of Rupert Murdoch’s News Corp. Ken Westin, senior security analyst at Tripwire have the following comments on it.
[su_note note_color=”#ffffcc” text_color=”#00000″]Ken Westin, Security Analyst for Tripwire :
“Over the past few years there has been an increase in white collar hacking and the goal of these intrusions is to target information that is valuable to traders or competitors. These kinds of intrusions can be pre-meditated — hackers are paid in advance by traders in order to gain access to certain types of data. They can also be opportunistic and the hacker(s) sell the data to traders or competitors after the fact. Embargoed data can have tremendous value in the right hands.
This is not the first time we have seen this type of data targeted and successfully compromised, nor will it be the last. In addition to press releases and earnings reports, patent information and contracts are also at risk. PR and law firms, their partners and as well as any other business partners are all prime targets for this type of activity.”
Dangers to the integrity of the stock market
“White collar hacking poses tremendous risks to the integrity of the stock market. We have seen the risks with insider trading and white collar hacking is much more covert, as there is little indication and evidence as to who is involved. However, the stakes are incredibly high, with a massive amount of money to be made with even the most seemingly innocuous bits of data exposed. What is worse is that as those involved in this illicit activity profit it can drive others to follow suit. Never underestimate the power of greed.”[/su_note][su_box title=”About Tripwire” style=”noise” box_color=”#336588″]Tripwire is a leading provider of advanced threat, security and compliance solutions that enable enterprises, service providers and government agencies to confidently detect, prevent and respond to cybersecurity threats. Tripwire solutions are based on high-fidelity asset visibility and deep endpoint intelligence combined with business-context and enable security automation through enterprise integration. Tripwire’s portfolio of enterprise-class security solutions includes configuration and policy management, file integrity monitoring, vulnerability management and log intelligence.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.