Automated teller machine

Target: Credit Card Data Breach on Black Friday

December 13th, 2013

No organization or company would like to hear about data breach incident that may put consumer credit card information at stake. US retailer, Target is investigating a massive data breach that begin this Black Friday, the biggest shopping day in the US.

It was reported that the data breach incident occurred in the Target retail store and not online. It could potentially involve millions of consumer credit cards from all Target retail locations. The theft involves grabbing the data stored on the magnetic strip of cards.

The data stolen would allow thieves to create counterfeit credit cards by transferring the stolen data on to any card with a magnetic stripe. If the thieves were also able to capture debit card PIN data, they could create fake cards and use ATMs to remove cash from accounts.

Target consumers who shopped at their stores were asked to be alert about any suspicious activity on cards that they used at the retailer. A victim told that he and some of his friends became the target of a similar kind of breach last year at a very popular establishment in Virginia that has some outlets in US. Fortunately, security departments at banks were on the lookout and caught most illegal transactions using the fake cards. His wife was actually called by their bank while standing in line buying groceries with her debit card when a simultaneous purchase using a fake card with her information was going on in Texas.

During these situations consumer is usually protected but the process of canceling and reissuing of cards proves to be inconvenient sometimes. Lawsuits between banks, that business and insurance companies are still arguing as to who was ultimately at fault.

Most of the times companies and banks do not like to talk about these issues publicly, but if the result of breach incident proves to be accurate, it will be one of the largest consumer credit card data breaches in history.

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.

Enhanced by Zemanta

Most External Attacks From Foreign Lands

May 21st, 2013

One of the more interesting trends of data security has been the continued globalization of cybercriminal strategies targeting American firms.  The Verizon 2013 Data Breach Investigations Report showed that companies of all sizes should improve their security if they have yet to do so, and one critical area with which to start is the authentication process, as the report showed 67 percent of network intrusions resulted from weak or stolen credentials.

Knowing that these external threats are coming is key for businesses, as the report showed 92 percent of cyber attacks were by external parties while a mere 14 percent were from an insider. Companies could experience both, so it was noted that this number does not have to add up to 100 percent. Fifty-five percent of attacks were carried out by organized crime syndicates, where spam, identity theft, payment fraud and other strategies were employed.

“The two big reasons for the dominance of external actors are their numerical advantage and greater attack scalability,” the report stated. “An organization will always have more outsiders than insiders, and the Internet connects criminals to a virtually limitless host of potential victims.”

While most would think organized crime would factor in primarily with large companies, the Verizon report showed that 57 percent of attacks on small businesses fell into this category, distantly followed by 20 percent coming from state-sponsored hackers. For large companies, 49 percent of attacks came from organized crime with 24 percent government-affiliated. The primary incentive for these crime syndicates to attack is money, the report said, as there are now more economic and social activities online and a richer amount of data that can be stolen and converted into cash for these criminals.

Organized cybercrime targeting industries such as food, retail and finance tends to come from Eastern Europe and North America, according to Verizon analysts. Attacks can include malware used for spying, brute-force hacking and even physically tampering with databases, desktops and ATMs to get what they want. State-affiliated attacks are expanding as well, with the report saying these attackers are using espionage campaigns to target data to help military interests, find insider secrets and acquire source code. Only 2 percent of attacks come from hacktivists, even though many may think of this as a bigger issue now due to how much mainstream attention it receives.

Securing data for a better future
​Verizon executive vice president Randal S. Milch wrote in a guest post on The Hill that Congress must play a key role in helping to improve the nation’s cyber security posture. One suggestion he had was to start sharing threat information between federal agencies and communications companies which can help find threats earlier and prevent them before they really hurt companies or government bodies, which is essentially the basis of the CISPA bill.

“As we continue to work to find the best solutions to ensure the best cyber security in the middle of this fast‐moving technological war, we must avoid regulatory mandates that will quickly become obsolete and potentially hinder the ability of high tech companies and broadband providers to innovate and coordinate to defeat ever-evolving cyber threats,” he wrote. “These companies must maintain the flexibility to deploy new technologies in real-time to secure networks and to protect customers.”

Milch believes that having a strong partnership between the public and private sectors will bring forth a more secure era of online communication and data sharing, thereby helping the company grow economically. This brand of data security will take teamwork, he said, but he believes that as more realize how important securing the cyber world is, the easier it will get to come together and do as such.

Get your personal as well as office laptops encrypted by Alertsec

Unencrypted laptops present a major risk of data loss. 80% of information theft is due to lost or stolen laptops and other equipment. About 50% of network intrusions are performed with credentials gathered from lost or stolen devices. The penalties for a data breach are severe not only in terms of the monetary fines imposed on the organization, but also the potential loss of trust from customers and suppliers. Encryption software greatly enhances the security of your organization’s data as the information is not compromised if a laptop is lost or stolen.

Alertsec Xpress is the full disk encryption service that delivers a mobile data protection system for all information stored on laptops used throughout your organization.

Enhanced by Zemanta