Jeffrey Johnson has the stamp of a military man, perhaps as a result of his early career in the U.S. Navy. The part in his hair might as well have been drawn with a ruler; his shirt is tucked as tight as a hospital corner. He looks slightly incongruous striding around his downstairs den in suburban Virginia in his socks and eating Chick-fil-A takeout, as he explains why SquirrelWerkz isn’t just another cybersecurity startup.
His contention is that hacking isn’t a technical issue: It’s a business and competitive issue, and that’s how companies need to approach it. “All this time we’ve been focused on the technology layer, but it’s just a means to an end,” he says. “What we forgot to do was to focus on the business transactions.” Johnson began doing just that as a cyber-risk specialist at EY (formerly Ernst & Young). In 2012 he was called in to examine a breach at a U.S. chemical company. An earlier investigation by the FBI concluded that Chinese hackers had penetrated the company’s network using a phishing e-mail and gained control of servers in Germany and Canada for two months.
As Johnson began digging into the company’s business plans and operational data, it became clear the damage was more extensive and insidious. He uncovered evidence that the hackers were intercepting inbound orders, as well as outbound e-mails with price quotes and other terms. They also tampered with the ordering system for raw materials, causing production delays, and made off with valuable research related to a line of environmental products. For the full article click here
from hacker samurai http://ift.tt/1YGjW8f
via IFTTT
No comments:
Post a Comment