Beware if your bank sends you a text message saying something’s amiss and to call immediately. If you make that call, something could really go wrong.
It seems regional banks and credit unions are prime targets for criminals using phishing schemes to steal account numbers, passwords and other sensitive information. Law enforcement officials say the scheme has been going on for a year, but has escalated in recent months. According to IDG Connect:
“The criminals pick a bank — say a credit union in Medford, Oregon — then they bombard every phone in Medford’s 541 area code with a phishing message sent by SMS (Short Message Service) telling the victims to call a fake 800 number that looks like it’s from a local credit union. Because they’re targeting a bank in the region, the bad guys have a pretty good chance of hitting real customers who may not have heard about the scam.
“They use the open-source asterisk software to set up a fake voice-operated system and steal information when people enter their account numbers, passwords and other sensitive information to authenticate themselves on the system. When the criminals use this information to transfer money overseas, the banks take the loss.”
Regional banks and small credit unions are particularly vulnerable because national financial institutions have security teams to guard against such scams. Nick Newman of the National White Collar Crime Center says, “With a regional bank, their entire IT team might be only five people.”
This InfoWorld article says research company Forrester has released a report titled “The Value of a Green IT Maturity Assessment” to guide companies in devising a “sensible green-tech agenda.” They say the challenge is pinpointing what areas in your organization to assess in the first place. It’s not only the data center, but also the desktops and print stations that can greatly contribute to greener IT.
Of course EasyStreet is focusing on creating a greener data center, because that’s where the big efficiencies will come from, but take a look at all of our sustainability approaches and you can see how the little things can add up.
These tips come to you courtesy of SilverBack Migration Solutions. EasyStreet has no relationship with SilverBack, and they’re located in California, but you might find their migration tips handy:
- Understand your environment. “If you don’t know what you are moving, you will break it when you move it.”
- Complete work that can be done before the migration…before the migration.
- Make sure you use the right resources for the right tasks. “I have personally seen a mover set a server on its end, and roll it down a folding table end over end to wrap it in bubble wrap. That server did not survive the migration.”
To see the entire list of tips, click here.
New research at MIT and the University of California shows how cloud service providers using virtualization on virtual machines belonging to multiple customers is creating data risks. These cloud infrastructures let attackers locate and eavesdrop on virtual machines anywhere in the cloud.
The attack described in the report was against Amazon’s Elastic Computer Cloud (EC2) service. Most troubling is the fact that the vulnerabilities that enabled the attack are generic and likely exist with other cloud providers.
“The research raises questions about a fundamental assumption about cloud computing which says that data hosted in a cloud is relatively safe from targeted attacks because it’s hard to know where in the cloud the data is located,” according to IDG Connect. “The research also comes at a time when concerns are high about security and privacy issues related to cloud computing.”
It’s possible for attackers to identify the physical server on which a targeted virtual machine is hosted in the cloud, the researchers found. The attackers can then establish a rogue virtual machine on the same machine to go after the victim.
Hopefully, as cloud technology evolves, these risks will be reduced.
If you’re interested in reading the research paper, click here.
When HP hired Forrester last May to conduct a multi-national survey of data center inefficiencies, the research firm found many companies seriously lacking in information about their IT equipment. (The survey included 185 IT professionals in the US, UK and Australia.)
“A substantial number of our survey respondents were not able to estimate the utilization of their server or storage infrastructure,” the Forrester report stated. “Upon consolidating systems, many firms discover that a portion of their servers are ghosts – servers that are turned on but crashed or abandoned.”
In light of this lack of knowledge, Forrester suggests collecting asset information including business owner, hardware configuration, and utilization before proceeding with virtualization, consolidation, or data center infrastructure changes.
