The implications of cybercrime's biggest ever bust

By on
The implications of cybercrime's biggest ever bust

Recent arrests in the hacking of nine U.S. retailers and Countrywide Home Loans is just the tip of the iceberg of what's to come, according to experts in the security industry.

The recent arrests of 11 people involved in hacking nine U.S. retailers, and two men who stole data from Countrywide Home Loans, is just the tip of the iceberg of what's to come, according to experts in the security industry.

“The recent arrests demonstrate the essential cooperation between law enforcements around the world to fight cybercrime,” Yuval Ben-Itzhak, Finjan's chief technology officer, told SCMagazineUS.com on Wednesday. “As these criminals managed to cash out millions of dollars, other criminals will follow the pattern. We will continue to see this trend in 2009 as well.”

According to Ben-Itzhak, Finjan's Q2 Trends report indicated that its discoveries were clearly the tip of the fraud iceberg. The fact that nine major retail chains have been hacked and payment card details of 41 million cardholders were obtained, confirms this once again.

“The scale of this fraud is quite breathtaking, and illustrates the professional approach that these fraudsters take. It might be all business to them, but such a fraud leaves a lot of damage, hassle and misery for victims in its wake,” he said. "For companies such as the ones victimised, safeguarding their networks and financial and business data has become a top priority.”

The Countrywide arrests point to a different, but equally disturbing, emerging landscape in identity theft: the corporate insider.

“The criminal insider takes data with the sole purpose of using it, often reselling it to third parties,” explained Paul Davie, COO of Secerno. “Without examining how vulnerable their data is from insider attacks, most companies are leaving critical shortfalls in place that could be costly from both an operational and brand perspective.”

However, Davie said he sees a parallel between the two sets of arrests. In each scenario, the databases were likely not being monitored correctly.

“It's a matter of legitimate use versus normal use,” he said. IT officials need to have a good understanding of how their database is to be used so they are able to quickly notice any abnormal patterns.

Another issue, Davie added, is the continuing blurred line between who is an insider and who is considered external.

“Is a consultant internal or external?” he asked. “What about a third-party company which has access to the information?”

Alain Mayer, CTO of Red Seal, agreed, telling SCMagazineUS.com that one of the biggest challenges is the complexity of networking.

“The perimeter in today's IT infrastructure is shrinking. Extranets, wireless access points and other un-trusted zones dominate the threat profile,” Mayer said. “In such an environment, internal segmentation is crucial.”

See original article on scmagazineus.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

New Windows 10 users, are you upgrading from...
Windows 8
Windows 7
Windows XP
Another operating system
Windows Vista
How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?