http://infotech.indiatimes.com/articleshow/1238013.cms Be afraid, be very afraid REUTERS[ WEDNESDAY, SEPTEMBER 21, 2005 04:18:07 PM]
The top security experts at the world's two biggest credit-card associations said that the battle against Internet-based thieves had reached a stalemate and the industry would have to spend millions of dollars over the next decade just to keep up with the criminals. Speaking at an conference, John Shaughnessy, Senior Vice President for Fraud Prevention at Visa and Suzanne Lynch, Vice President for Security and Risk Services at MasterCard International, said that organized crime rings - with the help, in many cases, of former Soviet KGB cryptographers - were successfully using the Internet and "crimeware" software programs to circumvent the defenses credit-card issuers erected against them. The picture they presented of an escalating struggle between commerce and criminality offered little hope of quick relief for consumers worried about identity theft or for investors in card-issuing banks concerned about security's escalating costs. The credit-card companies were battling loosely knit, elusive criminal networks responsible for much of the fraud, they said. "They're very, very good at what they're doing," Shaughnessy told attendees at the Bank Card Conference, "and they're a few steps ahead of us in a couple of areas. They' ve done their homework about the payments system and because of (them) we all have a chance to lose some sleep at night." The sobering assessment came one day after Symantec Corp, the world's biggest security software maker, released a report that showed hacking was no longer just the pass-time of precocious teenagers, but now was the province of organized criminals looking to gain access to personal information of computer users - and their assets. Symantec said that viruses designed to capture confidential information made up three-quarters of the top 50 viruses, worms and Trojans during the first six months of 2005, up from 54 percent in the last six months of 2004. Visa's Shaughnessy said FBI data showed the number of Internet-related credit-card crime reports rose 66 per cent in 2004 and the average reported loss associated with the online scams tripled in 2003. Part of that jump reflects the rise of business done on the Internet, Lynch and Shaughnessy said. But part of it also reflects the increasing sophistication of the criminals. "We build a 10-foot wall," Lynch said, "and the bad guys build an 11-foot ladder." While the criminals are increasingly savvy, Shaughnessy and Lynch said that in many cases they were inadvertently helped by sloppy security policies within the payment chain - and by slip-ups by merchants, third-party processors or the credit-card companies themselves. "I will say that of all the hacks we've seen - and we've seen hundreds and hundreds of these - had the third-party been in compliance (with association rules), they probably wouldn't have been hacked," he said. Shaughnessy said Visa and others were looking at ways of protecting data so that even if a consumer's credit card information was compromised, it would be useless to the criminal. But he warned it would take many years, and lots of money, to set up such a system. "This is going to take big investments over a number of years and we're talking hundreds of millions of dollars to come up with a secure system," he said. "Maybe 10 years from now we'll have it solved . . . It's a tough situation." Made tougher by the speed with which the criminals exploit even the most harmless information breaches, Lynch said. Lynch said that as the Red Cross began issuing MasterCard debit cards to victims of Hurricane Katrina earlier this month, a newspaper photographer working on a story about the program took a picture of one recipient holding a card. The photo was quickly posted on the Internet web. "Within eight hours," Lynch said, "there was fraud on the card." "Somebody had seen the picture - and unfortunately they hadn't blocked the number - and so somebody used the card fraudulently." ------------------------ Yahoo! Groups Sponsor --------------------~--> Fair play? Video games influencing politics. Click and talk back! http://us.click.yahoo.com/VpgUKB/pzNLAA/cUmLAA/TySplB/TM --------------------------------------------------------------------~-> -------------------------- Want to discuss this topic? Head on over to our discussion list, [EMAIL PROTECTED] -------------------------- Brooks Isoldi, editor [EMAIL PROTECTED] http://www.intellnet.org Post message: [email protected] Subscribe: [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
