by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : September 30, 2016
6 1715 42 6 24 9 13 3419 25 56 THE2O16FEDERALLIST evidence to suggest the criminals targeted hospitals specifically to obtain a larger ransom,” he said. “Without proper defenses, these institutions and other critical infrastructure will be targeted by criminals looking for a big payday.” financial officer of a company and email employees who have access to tax data. Industry experts have warned that this phishing scam will be a growing threat. “Many individuals were duped by these emails and replied with the tax records for hundreds of employees,” Olson said. “The scammers used these documents to file fake tax returns and claim the victim’s tax refund for themselves.” He cited the common warning 8 September 30, 2016 FCW.COM that unwary employees can be the weakest security link. “These attacks demonstrated how simple it can be for a clever scammer to get the information required for fraud when users aren’t skeptical of the emails they receive,” Olson said. Malware attack on Wendy’s Ryan O’Leary, vice president of WhiteHat Security’s Threat Research Center, said the malware attack on pointof-sale systems at Wendy’s fast food restaurants deserved a spot on the list. “The concerning thing here is the length of time it took for Payroll phishing Wendy’s to realize it had been compromised,” he said. “It took nearly five months for Wendy’s to detect it had an issue, and then another three months to release a statement about the breach. Then came the news that they discovered more malware that affected even more stores, which then had to be disabled.” scams In these scams, phishers pose as the CEO or chief 7 8 payment systems Russian cybercriminals infiltrated Russian crimeware targeting Oracle’s Micros Oracle’s Micros division, which is one of the largest vendors of payment systems for restaurants, hotels and department stores. Justin Heath, senior security specialist at Vectra Networks, said such attacks are extremely damaging because point-of-sale systems are easily compromised, and the hacks can affect hundreds of millions of customers and can go undetected for a long time. “In this case, it is estimated that roughly 330,000 devices were compromised, which means an untold number of consumer records — certainly in the millions — were potentially stolen and could be made available on the black market,” Heath said. Office of Personnel Management data breach Although the hack happened in 2015, Pam Walker, senior director for federal public-sector technology at the IT Alliance for Public Sector, argued that it deserves to be on the list because it continues to evolve and demonstrate the ongoing vulnerabilities of legacy systems across the government. The attack compromised the personal information of 21.5 million current, former and prospective federal employees and contractors. Federal officials “are still continuing to discover that more people were exposed,” Walker said. “You’re going to see more government agencies have issues until they’ve modernized and put the proper protocols and investments in place around cyber.” 9 Russia’s hack of Ukraine’s power grid None of the experts we polled included this hack in their top three, but it was a milestone in cyber warfare. It is the first known cyberattack to take out a power grid. Attributed to the Russian-backed BlackEnergy APT Group, the attack prompted the Energy Department to seek additional funding to modernize the U.S. electrical grid and harden it against potential cyberthreats. The U.S. government has avoided directly attributing the attack to Russia, even though a number of cyber experts have done so. n
September 15, 2016