Tax Season 2015: The IRS isn’t who you should fear


In roughly two-and-a-half weeks, tens of millions of Americans will be filing their taxes. Every year, Americans expect annual tax returns to help provide a little more cushion in life. Although returns are never life changing, they can help fund that trip to Maui, make that mortgage a little smaller, or simply make your wallet a little bit bigger. Unfortunately, many will have to hold off on packing their bags for Hawaii, as their refunds will be stolen by unscrupulous hackers.

If recent events have taught us anything, it’s that hackers are unpredictable. Whether they want medical info or money, or simply want to protest a movie, hackers hack for any and all reasons.

Our private and most sensitive information has never been more at risk. Our names, addresses, and Social Security numbers are all prime targets for hackers. With this information, hackers can research individuals to fill in the missing information for a tax return. Looking on social media, like LinkedIn or Facebook, can expose where a person works (for the company tax ID number), their position (for a salary estimate), and their family (dependents). From there, a simple return can be prepared and sent in to the State or Federal government so that the refund is paid into the hacker’s bank account. If you are a victim, getting your refund can be difficult, as you have to prove to the government who you are and that you didn’t file. It is a daunting process that could take weeks, months or even longer. Our advice: play it safe and protect your information carefully. Hackers want to go to Disney on your refund.

EdgeWave provides comprehensive Military-Grade cybersecurity to companies large and small in all sectors, deploying the latest in automated protection backed by 24/7 human analysis, and guarding against Advanced Persistent Threats. EdgeWave monitors networks and customizes security rules for over 6000 clients globally, ensuring compliance and timely reporting. Visit to find out how easy it is to secure your network.

Impact of POTUS Cybersecurity Order

President Obama’s Executive Order, Promoting Private Sector Cyber Security Information Sharing (Feb 13, 2015), is a push to bring Industry and Government closer together in the cybersecurity fight.

Industry has been preparing to share cyber threat intelligence for some time with the Financial Services industry through the Financial Services Information Sharing and Analysis Center (FS-ISAC). While there are similar collaborative groups in other sectors, each industry segment approaches coordinated efforts in a different way. Communication across the sectors is not always standardized. As a result, President Obama’s most recent cybersecurity Executive Order is rightly focused on expanding information sharing organizations to, and between, a broader range of industry segments. The recent Executive Order also builds upon current public-private collaborative efforts between Government and the 16 industry sectors identified as critical infrastructure through Presidential Policy Directive 21 – Critical Infrastructure Security and Resilience and EO-13636, Improving Critical Infrastructure Cybersecurity.

Perhaps the most significant component of the President’s cybersecurity initiative is the notion of expanding information sharing between Government and Industry at large.  Certainly, private-to-private information sharing will be extremely valuable, but it will pale in comparison to the potential value of a threat clearinghouse which includes threat feeds originating from Government agencies.  As a former Department of Defense Cybersecurity Leader, I can personally attest to the potential value added by a more robust and inclusive information exchange between Government and industry.  The Government faces two challenges as it moves forward with implementation of the President’s initiative.  First, Government agencies will need to determine how to distill classified information down to a level that will not compromise national security, yet still be useful to Industry.  Second, both Government and Industry will need to develop an effective process that provides for information sharing, without compromising sensitive customer information.

EdgeWave fully supports President Obama’s Executive Order. The power of sharing information across cybersecurity systems and capabilities is fundamental to our Military-Grade approach. For 20 years, EdgeWave security systems have been built from the ground up, with information sharing and customer privacy in mind. But as always, the devil is in the details. For the President’s initiatives to be truly inclusive, and more importantly effective, the Government cannot follow the historical path of developing a program that is burdened with regulatory and compliance requirements. This path ends with participating organizations focusing more on administrative requirements than the actual value of the information being shared.

Here at EdgeWave, we are enthusiastic about the potential of a threat clearinghouse that we can contribute to through our real-time threat intelligence, and leverage to make our security systems stronger and more effective for our customers. We will win this cyber war as an Industry-Government Team.

Mike Walls is Managing Director, Security and Operations and Analysis at EdgeWave. While on Active Duty in the U.S. Navy, Mike served as Commander Task Force 1030 reporting directly to the Navy’s Fleet Cyber Command, and was responsible for Cyber readiness of over 400,000 people, 300 ships, and 4,000 aircraft.  Comments and questions for Mike Walls are welcome:

Dark Reading Exclusive — ‘Why Nations Hack’ Part 6

Dark Reading — ‘Why The USA Hacks’

The United States operates in the cyber domain as a national entity for a simple reason — to protect its citizens. Like traditional notions of national defense, cyber operations extend across political, economic and military pillars of national power. But cyber operations are, in a sense, more complex, because they affect the pillars of power more profoundly, due to the speed at which they occur.

Mike Walls is Managing Director, Security and Operations and Analysis at EdgeWave. While on Active Duty in the U.S. Navy, Mike served as Commander Task Force 1030 reporting directly to the Navy’s Fleet Cyber Command, and was responsible for Cyber readiness of over 400,000 people, 300 ships, and 4,000 aircraft.  Comments and questions for Mike Walls are welcome:

Cyber Threat Update: 2/17/2015


This was not the exploit you were looking for.

A recent report by Kaspersky Lab describes a new and highly sophisticated exploit found on computers around the world. This new exploit, from a group Kaspersky dubs the “Equation group,” is able to infect the firmware of host hard drives. This means that even if a hard drive is wiped and a new operating system (OS) is installed, the malware will persist. Equation works on drives from almost every large hard drive manufacturer. The malware can exfiltrate data to host servers without setting off IDS/IPS systems.

Infections from Equation come from a myriad of sources: worms, physical media such as CDs or USB drives, and web exploits. Once a machine is infected, a program called DoubleFantasy checks the computer to see whether the machine is of any interest. If not, the program erases itself. If there is interest, the EquationDrug malware is downloaded, a full espionage package that creates both the firmware rewrite and hidden sectors on the drive for storage.

Equation has been observed on over 500 hosts in 30 countries, mainly targeting government, Islamic terrorism, energy, and technology. The malware works on several operating systems, including all Microsoft systems, both 32- and 64-bit, as well as on Macs and iPhones. Kaspersky has listed known MD5 hashes for the exploit as well as known command and control websites.

The exploit was found while Kaspersky investigated other exploits.  The bottom line is that it took a person to find the malware, not only a machine.  This is precisely why we at EdgeWave believe so steadfastly that human oversight is such a critical component of cyber security, and it is why we include it in every aspect of our operations, particularly with regard to network monitoring.

Why Malware Loves Valentine’s Day and Other Shopping Holidays

NEW YORK (MainStreet) — Hackers are fond of holidays, especially ones where consumers are buying last-minute gifts online.

Online criminal activity increases around holidays, especially Valentine’s Day and Presidents Day when shoppers are more careless and phishing schemes and other attacks are even more prevalent. Cyber criminals are armed with malicious programs that can steal a person’s information with just one offhand click on a laptop or smartphone.

Hackers have been planning ahead for weeks to try to get unsuspecting users to click on links or go to websites solely designed to steal their identity or money through fake websites and spam campaigns, said Tom Chapman, director of the cyber operations group at EdgeWave, a San Diego-based cyber security firm.

When you are shopping online or looking for the best deal, type the website in manually instead of just clicking on a link from an email or an advertisement banner, he recommends. Or google the website, because cyber criminals can disguise links easily.

“I can make the link, but it will take you to Google,” Chapman said. “However, if I typed in my browser, it will take me to the correct website.”

The Internet has deals constantly to lure you into buying deeply discounted items, especially gifts for friends and family. If the deal looks too good to be true, trust your instinct, because the majority of those deals are misleading.

“No one sells a dozen roses for $5,” he said. “Even if they did, they are probably not great roses. The same goes for Ugg boots, Oakley sunglasses or other high-end items. The lure of cheap items gets people to click on the bad link or ad.”

Avoid shopping when you are out grabbing coffee or when you are accessing public Wi-Fi, because “secure Wi-Fi is really a misnomer,” Chapman said. Public Wi-Fis are open connections, and it is too easy for hackers to gain access. Even if you have to use a password to access it, that means everyone else in the store also has access to it.

When you are surfing in public, make sure you are using “https” to connect to sites, which means the transactions are encrypted. If it is possible, use a VPN instead. They are not difficult to set up, are inexpensive and can shield you from snooping criminals, he said.

Use two-factor authentication as much as possible, on every site that offers it. Many email and social media services have the option available. Even if a snooper gets your password, he won’t be able to log in.

One way to prevent your email from being corrupted is to ensure that your email application doesn’t automatically download attachments, said Paul Lipman, CEO of iSheriff, a Redwood Shores, Calif. cloud security provider.

Keep your anti-malware software updated, and only download apps from trusted app stores such as iTunes and Google Play.

“They should run a security application that can scan other apps for potential vulnerabilities and protect against web-borne mobile threats,” he said. “Cyber criminals know that tens of millions of us will be going online to buy gifts, cards and candy hearts, and they simply step in front of this flood of clicks and transactions since they expect they will be able to snare many unsuspecting victims along the way.”

It is easy to be fooled into installing apps from dubious sources by clicking links we receive in text or email messages from seemingly authentic sources, said Michael Shaulov, CEO of Lacoon Mobile Security, a San Francisco-based mobile security company.

“Sometimes we can be fooled or we can be tricked easily into clicking malicious links in banner or pop-up ads,” he said. “Cyber criminals use this technique to get you to install fake or altered apps that compromise device security. Think twice when clicking on links offering free apps, even if they’re shared with you from friends, family and colleagues.”

While installing apps is fast, be wary when they ask for broad permissions, which most of us grant without question, Shaulov said. When you are installing or updating apps, take the time to carefully review the requested permissions.

“Stop to consider when apps ask for more than they seem to need or if an update requests additional permissions it didn’t need before,” he said. “If a flashlight app is requesting access to your contact list, there could be something to worry about.”

“Know where your data from the app is being stored since sometimes it is stored on the device, sometimes it is in the cloud and sometimes it is not even stored at all,” Shaulov added. Knowing where an app is keeping your sensitive data should be a “significant part of vetting its security, both for personal and enterprise apps,” he said.

Check for conspicuous consumption on your phone, and always be wary if one app is using too much data. The primary way malicious apps get data into the hands of cyber criminals is by sending it to a remote server, he said. Keep an eye on your monthly bill, since hackers can extract data from your phone, which will result in higher data usage or unusual usage patterns. Some apps like YouTube or backup solutions will use a lot of data for a good reason.

“If you notice high data use from an app that seems strange like a wallpaper app or from an unfamiliar app you don’t remember installing, be suspicious,” Shaulov said. “This could be an indication that someone’s been stealing sensitive data off of your device.”

Sharing passwords with anyone should be verboten, even among people you trust, since the information could be leaked or shared without your permission.

“Don’t share passwords with anyone, including significant others and family members,” said Michelle Dennedy, vice president and chief privacy officer for Intel Security, a Santa Clara, Calif. cloud security provider. “If you need to share it, create a unique code just for that account and change it immediately if you suspect foul play.”

Deleting data not only will make your phone work faster, but it could also help you save face later on. If you send personal or intimate messages, make sure to delete the content from your device and in the cloud as soon as possible, Dennedy said. A 2015 Intel Security study found that 32% of respondents in the U.S. admitted that they know their significant other’s bank or credit card passwords, and more than a quarter of them don’t delete intimate media after sharing them with the intended recipients.

“It can save you from years of damage control for your reputation later on, both online and offline,” Dennedy said. “The Internet is forever – once you share, post or tweet, your private information is available to the public and is out of your control, so be mindful of what you are sharing.”

–Written by Ellen Chang for MainStreet