Why are we doing this?
When we first introduced the Tiles project, our goal was to make New Tabs more useful. We started by giving Firefox users a quick, visual reference to the sites that they visited most often.
As it turned out, a lot of people liked it. But, being Mozillians, we like to experiment. While we certainly don’t want to brake things, we can at least build some new castles in our sandbox.
Enhanced Tiles will be the first of many experience Mozilla will be bringing to Firefox. We hope you enjoy it, and are always invited to comment. (Seriously, we mean it.)
How did we do?
How would you rate your experience?
Awesome sauce!
It could be better
Lame
What did you like about it (or not) and why?
Send Feedback
What will you do with my feedback?
Thanks for the feedback!
Here's how you and 129,712 other users rated Enhanced Tiles:
Awesome sauce!
XX,XXX
It could be better
XX,XXX
Lame
XXX
Search
Gmail
Gmail
Gmail
Gmail
(Add tile)
Amazon
Amazon
Amazon
Amazon
(Add tile)
WIRED
WIRED
WIRED
WIRED
(Add tile)
Visit WIRED
BMWBlog
BMWBlog
BMWBlog
BMWBlog
(Add tile)
NYTimes
Cybercriminals Zero In on a Lucrative New Target: Hedge Funds
By NICOLE PERLROTH
As hedge fund capital soars, so too has the number of cyberattacks on their...
NYTimes
NYTimes
Cybercriminals Zero In on a Lucrative New Target: Hedge Funds
By NICOLE PERLROTH
As hedge fund capital soars, so too has the number of cyberattacks on their...
NYTimes
(Add tile)
the Onion
the Onion
the Onion
the Onion
(Add tile)
RollingStone
RollingStone
RollingStone
RollingStone
(Add tile)
(Add tile)
Visit NYTimes
SECURITY
Cybercriminals Zero In on a Lucrative New Target: Hedge Funds
By NICOLE PERLROTH JUNE 19, 2014 5:16 PM 7 Comments
They say crime follows opportunity.
Computer security experts say hedge funds, with their vast pools of money and opaque nature, have become perfect targets for sophisticated cybercriminals. Over the past two years, experts say, hedge funds have fallen victim to targeted attacks. What makes them such ripe targets is that even as hedge funds expend millions in moving their trading operations online, they have not made the same investment in security.
The latest evidence comes in the form of a new report Wednesday from BAE Systems, a computer security firm, that an unnamed hedge fund lost millions of dollars after criminals installed malware on its trading systems late last year. The malware was designed to insert a lag time in the hedge fund’s trading system and record the details of orders, so the attackers could trade on the information themselves.
According to BAE Systems, the attack began with a so-called spearphishing email, which contained links purporting to be about capital markets. Once they were clicked, an employee inadvertently downloaded malware onto a computer that gave criminals deeper access to the fund’s trading systems. The attack was noticed only after the fund’s analysts and tech staff discovered the lag times in its algorithmic trading strategy and abnormal file movement on its network. The breach, which was first reported by CNBC, cost the fund millions of dollars in recovery, according to BAE Systems, which did not name the fund.
But security experts say the crime is hardly new. “Hedge funds have been victims of targeted cyberattack over the past two years,” said Tom Kellermann, the chief cybersecurity officer at TrendMicro. “Hedge funds are woefully undersecured. The lack of investment in their cybersecurity has placed them in the line of fire.”
The first such attacks on capital markets, Mr. Kellermann said, began in 1999, right around the time brokerage houses began to move private computer networks online. Early on, the most common mode of attack was to hack into a broker’s account to steal user names and passwords so that hackers could trade securities under a victim’s name. More recently, the most common attack on the financial industry has been distributed denial of service or DDoS attacks on banks from hackers based in Iran.
But unlike the DDoS attacks, which are a costly nuisance, the attacks against hedge funds are more sophisticated and profitable, experts say. The hedge fund industry has grown enormously in recent years and many have moved to digital trading systems, which allow funds to profit by trading milliseconds faster.
By moving their trading operations online, though, funds have also become a target. “The cybercrime underground is cognizant that convergence in the securities market has fostered a fertile environment for fraud,” Mr. Kellermann said. “These attacks are conducted for the purpose of front-running market participants.”
Almost a decade ago, Mr. Kellermann wrote a report for the World Bank about financial fraud. The report outlined seven attack scenarios — all of which had been realized by 2005 — and warned that “certain costs and risks associated with the e-finance revolution have yet to be fully appreciated.”
Since then, Mr. Kellermann and others say the problem has only become worse. In addition to online trading swindles, in recent months numerous funds have been struck by Cryptolocker, the particularly vicious, so-called ransomware that encrypts infected users’ files and demands a ransom to unlock them. Often, security experts say, these crimes go unreported by victims who fear that law enforcement agencies will dig through their systems.
But increasingly, government officials are asking companies to step forward so that they can learn more about criminals’ tools, techniques and patterns. At the annual RSA security conference in San Francisco last February, James B. Comey, the director of the Federal Bureau of Investigation, asked companies to start disclosing attacks.
“We understand that you are reluctant to report intrusions, either because you’re worried the government will start rummaging around your networks or because you fear your reputation will take a hit in the marketplace,” he said. “We need to examine patterns and behaviors, to determine how they operate, and how best to stop them.”
INTRODUCING
Enhanced Tiles
INTRODUCING
Enhanced Tiles