Once again we learn about a credit card processor being hacked and millions of credit card numbers being stolen. The latest incident involved Global Payments Inc (NYSE: GPN) who detected and reported that less than 1.5 million credit card numbers have been stolen. The fact that they detected this and reported it is good news. The fact that they were prepared is better. According to GPN’s press release of April 1, 2012 the criminals were not able to obtain the cardholders names, addresses and social security numbers. This limits the amount of future identity fraud that could occur.
Why do hackers go after credit card processors? They do so because there are millions of credit card numbers in one place. This underlines a critical issue about the Internet. It is unsafe! Individuals and organizations can make themselves safer but never safe. Once you put anything on the Internet it becomes available to the entire world. The reason why we keep hearing about and will continue to hear about major break-ins.
This incident isn't as big of a problem as you might think at first because of the prevent steps taken by GPN. GPN is contacting credit card holders so you might get a letter in the mail with a new card. I would not expect an email but you might get a phone call.
While this incident is unpleasant other crooks are attempting to make money from the publicity of this problem by sending out scam emails pretending to be GPN or a bank. In the lower left of the GPN website is a small note that, “Global Payments never sends e-mails requesting customer passwords or login credentials”. Protect your personal information and never click on unsolicited web links provide in an e-mail or other correspondence.
If you need to follow a link provided in an email then enter it by hand and always be aware that the link that is shown and the underlying address can be different. Even the address shown might be a slight misspelling to throw you off the course!
It is fairly easy for you to protect yourself against credit card fraud. First, call the telephone number on the back of your card and ask if your number was stolen. Secondly, read all of the charges on your statements. You should be doing this every month because there are a lot of things that can cost you money on your statement that you didn’t authorize. If you find any problem use the phone number on the back of the card to question or deny any suspected charges.
In an article by Devlin Barrett in the Wall Street Journal, 28 Mar 2012, the FBI's top cyber expert Mr. Shawn Henry provided a negative opinion of the United State's ability to keep computer hackers from stealing. He is quoted as stating that the current public and private approach of defending against cyber attacks is "unsustainable".
Meanwhile the Whitehouse website posted on 23 March 2012 a blog entry from Howard A. Schmidt, Cyber security Coordinator and Special Assistant to the President, stating that his office is coordinating with cyber security experts from DHS, DOD, NIST and OMB. These efforts benefit the Federal Government.
In a July 2011 speech by Deputy Secretary of Defense William J. Lynn III, he addressed the need for stronger cyber defense. He feels that the DOD Cyber Strategy should mirror their position in the real world and work toward preventing wars.
That is all very nice but who is taking care of us? If the statement by Mr Shawn Henry is accurate that the current defense against cyber attacks is “unsustainable” then I would suggest that small business look to CyberSoft’s VSTK product because of the innovative features that are constantly evolving to address the various types of cyber attacks. The FBI seems to be the only agency that is helping us little people. They are arresting international crime syndicates, picking up spies and generally doing their best at an impossible job.
Who has the responsibility to protect us? It's a shared responsibility with Congress. They have to provide authority and funding to the FBI, DOD and other agencies. Business need to change their behavior in using computer networks and improving the technology will go a long way in providing protection. Products such as VSTK can contribute to providing the protection companies need against cyber attacks.
Federal agencies are doing what they can but Congress hasn’t given them the funding necessary to adaquately protect our infra structure. The FBI is trying to protect us, the DOD is trying to protect the Federal Government and prepare for a cyber war, the Whitehouse is trying to coordinate efforts within the Federal Agencies to protect themselves but not protecting the general public is leaving the biggest loaded gun anyone ever saw lying around. There are paths to improving the situation:1- we improve the technology and change our behavior in operating vulnerable networks; 2- we support american companies that are developing innovative products such VSTK and 3- we support providing the resources to protect our government. The longer we delay the less our ability to address these issues before its too late.
What can you do? Write a letter to your Congressmen telling them you want to see action on this issue. The FBI and DOD are doing a great job with the resources they have and should be allowed to continue but with the money and tools needed to defend not just the government but also the general population before its too late. After that your best course of actions is to keep your computer fully patched, have a good antivirus product installed. If you find yourself caught in a cyber war unplug your computer from the Internet or just turn it off.
I was recently asked to investigate a computer that was sending out spam email. This is a common problem and is usually a trojan infection. In this case there was no infection! In fact, everything looked normal so this became a challenge. How did the attacker gain control of this computer without a backdoor? A firewall, antivirus, up-to-date patches and full security protected the computer. I started to investigate the email system, which is Yahoo. I checked the web browser and there was nothing wrong. The password on the email account was random words and numbers and would not be guessed.
Finally, I logged on to the Yahoo Email service and investigated the settings. Eureka! The setting had a referral email address for a smart phone! I knew this was fake. After investigation it was clear that the smart phone address was set to another email address on Yahoo. This address was very similar to the real email address with only one character out of place. When I investigated where this account was sending messages from it showed countries all over the world. Clearly was just an attempt at stealth. I deleted the settings, changed the account password and reported the fraud. The problem went away and has not returned.
I believe it was a drive-by attack from a hacked website. My guess is all the major email services have similar attacks. If you find that your friends are reporting spam from your email address and you have already checked everything else then check the settings on your account and change the password. What made this attack so clever is that there was nothing on the computer for a virus scanner to detect! Thankfully, it is easy to get rid of.
The next attack was a phishing attack that I received that appeared to be from American Express. It stated that the email address on my account was changed. This might panic people into clicking on the link provided. Their words were, “If the new e-mail address is not correct or you did not request this change, please click here.” If you hover your cursor over the link you find it is a website in Jakarta, Indonesia. Other link in the email went to the country of Uzbekistani. You cannot trust the “from” address in the email since that can be made to appear as if it is from anyone. If you clicked on the link, you got infected.
Your best method of detecting these types of attacks is to use the hovering cursor to see the actual link. If you still think the message is real then call on the phone or enter the company’s website address by hand. If you don’t know the real website address use a search engine. In this case I would go to www.americanexpress.com.
Peter Radatti is the CEO of the CyberSoft Operating Corporation and has been dealing with computer security for governments for over 24 years. Contact him at www.cybersoft.com.
The anti virus industry is all excited about a new remote control worm and its gaining press coverage. If you are an average home computer user you don’t have to worry too much about it. If you use remote desktop help than you need to worry. The Microsoft Remote Desktop Protocol (RDP) is often used by help desks to provide off site system administration and repairs. The RDP feature defaults to off on most systems so unless you turned it on it will not be a problem. The good news is that Microsoft fixed the problem in patch release MS12-020. Run the Windows Update service and you won’t have to worry.
As my readers already know the Chinese Army is the world leader in cyber war and has been successfully attacking the United States for many years. According to the US Government the Chinese have managed to steal many military and government secrets along with commercial secrets that can be used to give their industry a competitive edge against us. This is in addition to their research in how to take over our electrical grid and other services. The Chinese are also concentrating on stealing the source code secrets of many computer security products and have been successful. Having the source code makes it easier to bypass the security. Companies have made it easy for them in many cases by either contracting the work out to Chinese companies or by allowing the source code on networks with a connection to the Internet. There is a new unsubstantiated rumor that the Chinese Army has moved into a new phase in their attacks against the United States. Smaller computer security companies tend to be more secure than larger companies and generally their products are 100% made in the USA. This is very hard for them to steal. These products also tend to be very specialized and used by the government. The one weapon the Chinese Army has that is hard to defend against is a lot of US money. The rumor is that the Chinese Army is spreading around money to try and put these smaller computer security companies out of business. If this rumor is true then you can expect to see a lot of not well known but critical smaller companies go out of business.
A report on the Chinese Capabilities for Computer Network Operations and Cyber Espionage concludes “Chinese computer network operations reflect a nation fully engaged in leveraging all available resources to create a diverse, technically advanced ability to operate in cyberspace”. Computer technology is strategic for the Chinese beyond military applications and is applied to long-term national development. The Chinese People’s Liberation Army considers the ability to seize information dominance as prerequisite for achieving victory. Their Army considers that it is critical to protect their own networks while attacking an enemy’s network. Meanwhile the United States is being left in the dust for our ability to defend or attack.
Peter Radatti is the CEO of the CyberSoft Operating Corporation and has been dealing with computer security for governments for over 24 years. Contact him at www.cybersoft.com.
The Internet is full of scammers. Every thief that thinks they can trick people out of money has some scam on the Internet and unfortunately many of them are successful. Scams are designed to appeal to our basic natures. Either they are pleas for help or appeal to our need for money or greed. Any strong emotion can be used to control us as part of a scam. According to the FBI and the Internet Crime Complaint Center the latest scams are all new twists to old crimes. The first is the Mystery Shopper scam. The thieves contact people who either respond to online advertisements for jobs or have their resumes posted on a jobs site. These are unemployed people who need jobs and that make them susceptible to this scam. They are offered a job as a mystery shopper evaluating banking services. The victim is mailed a cashier’s check or money order with instructions to cash the check, keep their fee and wire transfer the rest back to the crooks. They then fill in a survey with how they liked the transfer process at that bank. Of course the check is fake and victim has to make up the loss in thousands of dollars. If you sign up for this deal but don’t follow through the crooks send you threatening emails. Do not fall for this scam but if you do get involved with this or any similar scam don’t ever transfer money to someone you don’t know. Ask the bank for help before you try to cash the check to make sure it is real or fake. It is never real.
The next scam is by thieves who claim to be military contractors doing construction in Libya. The hook comes in the form of unsolicited email sent to thousands of individuals. They have mystery boxes of money, guns, drugs and other valuables found in Muammar Gaddafi’s homes. They want help transferring the money out of the country and you lucky person you are their chosen victim. Of course they need your bank account number and personal information for the deal to work. It is a scam.
My last warning for today is an Internet version of the Pox Party that some parents send their children to in order to contract the Chicken Pox while still a child. The parents think they are doing their children a service since the pox is easier to weather as a child but dangerous as an adult. These Internet advertisements offer to sell you candy, rags and other material infected by a child with the pox. Not only is deliberately spreading infectious diseases a federal crime but it is very dangerous! The Center for Disease Control warns that pox infected material may also carry other diseases including hepatitis A and strep. Stay safe and don’t fall for this scam.
Peter Radatti is the CEO of the CyberSoft Operating Corporation and has been dealing with computer security for governments for over 24 years. Contact him at www.cybersoft.com.
