Establishing Digital Trust: Don't Sacrifice Security for Convenience
According to a Bloomberg report, Russian hackers breached the servers of Dow Jones & Company and stole corporate information prior to its public release.
Bloomberg notes that Dow Jones Newswires publishes more than 16,000 news items every day for financial professionals and investors.
The breach, which may or may not be related to a separate breach at Dow Jones that was disclosed last week, has been under investigation by the FBI, SEC and Secret Service for over year, four sources told Bloomberg.
But in a pointed statement released in response, Dow Jones said, "To the best of our knowledge, we have received no information from the authorities about any such alleged matter, and we are looking into whether there is any truth whatsoever to this report by a competitor news organization."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
In August 2015, 32 people were charged with involvement in a scheme to hack into three other newswire services -- Marketwired, PR Newswire and Business Wire -- in order to steal corporate earnings announcements before they were publicly released.
On August 11, the U.S. government seized 17 bank and brokerage accounts that held more than $6.5 million in alleged criminal proceeds from the scheme, as well as 12 properties worth more than $5.5 million.
"These hackers and traders are charged with reaping more than $100 million in illicit profits by stealing nonpublic information and trading based on that information," SEC chair Mary Jo White said at the time.
Tripwire senior security analyst Ken Westin told eSecurity Planet by email that the past few years have seen a significant increase in white collar hacking targeting information valuable to traders or competitors. "These kinds of intrusions can be pre-meditated -- hackers are paid in advance by traders in order to gain access to certain types of data," he said. "They can also be opportunistic and the hacker(s) sell the data to traders or competitors after the fact. Embargoed data can have tremendous value in the right hands."
"This is not the first time we have seen this type of data targeted and successfully compromised, nor will it be the last," Westin added. "In addition to press releases and earnings reports, patent information and contracts are also at risk. PR and law firms, their partners and any other business partners are all prime targets for this type of activity."
A recent eSecurity Planet article offered advice on improving database security.