Archive for the ‘PC Fingerprint’ Category
Posted on January 30th, 2012 by Dan Rampe

Child identity theft is exactly like stealing candy from babies. Easy. It’s easy because the crime is often not detected until the baby is an adult and has his/her credit and reputation ruined.
The Huffington Post relates the story of Jennifer Andrushko.
When Jennifer Andrushko applied for public aid two years ago, a state employee entered her son Carter’s Social Security number into a computer and discovered something strange: The boy appeared to have been earning wages for the past eight years.
“I thought, ‘How could this be happening? He’s only three years old,’” Andrushko said.
It turned out an undocumented immigrant had been using Carter’s number to acquire jobs since before [Carter] was born. But Carter proved relatively fortunate. Unlike many child identity theft victims who do not realize their credit is ruined until they reach adulthood, his case was caught while he was young, giving him time to recover his good name.
Carter was lucky. He was living in Utah, one of the few states that cross-references its employment database with a list of children receiving public assistance. Well, he wasn’t all that lucky. His mother was applying for public assistance. Anyway, according to the Huffington Post, Utah found thousands of instances of child identity theft, including one where nine people used one nine-year-old’s Social Security number to get employment.
Parents hand over children’s Social Security numbers to schools, health care providers and other institutions that often don’t have sufficient safeguards in place. It’s been suggested that a solution, or at least a partial one, would be for the Social Security Administration to do something with the numbers to make it possible for credit agencies to know that the holder is a minor.
Last year, more than 18,000 cases of child identity theft were reported to the Federal Trade Commission. The Huffington Post suggests even 18,000 doesn’t come close. “The real figure…is probably much higher because the crime often goes undetected…. ID Analytics estimates that more than 140,000 children are victims of identity theft each year, based on a one-year study of those enrolled in the firm’s identity protection service.
“In the largest study on child identity theft to date, researchers at Carnegie Mellon University found that 10 percent of children were victims of identity theft, compared with less than 1 percent of adults. The study, which was published this spring, analyzed more than 800,000 records — including 40,000 belonging to minors — compromised by data breaches in 2009 and 2010. The data was provided by the credit monitoring service Debix.”
The Huffington Post story says, “Thieves now exploit a gap in the system used by the three major credit bureaus to check consumer credit. When the bureaus pull reports, they look for matching names, birthdates and Social Security numbers. But identity thieves escape detection by pairing a child’s number with a different name and birth date, creating the appearance of a consumer who is applying for credit for the first time. Debix says it recently ran credit reports on 381 cases of confirmed child identity theft and found that credit reports only turned up fraudulent activity in four cases, or 1 percent.”
Companies are able to cross-check names, birthdates and SSNs with the Social Security Administration, but the agency charges a $5,000 fee upfront, plus $1 for each check – a tab many companies don’t care to pay.
Stuart Pratt, president of the Consumer Data Industry Association, the trade association for the three credit reporting agencies, asked, “How can somebody open up any kind of account with just a name and Social on its own? Authentication should be much more than that. It has to be robust.”
In the late 1980s, the Social Security Administration started requiring parents to list their children’s SSNs to claim them as dependents. Newborns got spanking new credit histories that remained that way till they turned eighteen. It was an open invitation to crooks.
So what happens when thieves have a multi-year head start? The Huffington Post relates the story of Jaleesa Suell of Oakland, California. When Jaleesa was 17, a thief stole her identity to open a credit card. She didn’t find out until she turned 21 and was denied her first credit card. The reason? She had a $300 unpaid credit-card debt, which had been sent to a collection agency.
Now 22, Suell has spent the last six months disputing the fraud with Plains Commerce Bank, based in South Dakota, where the account was opened. Before accepting that the charges were fraudulent, the bank insisted that Suell provide a full police report. But the Oakland Police Department has refused to provide such a report because $300 does not meet the department’s threshold.
Identity Theft 911, which is working pro-bono to help Suell, plans to write letters to the FDIC, FTC and the Better Business Bureau to pressure the bank to “do the right thing,” according to Kelly Colgan, a spokeswoman for Identity Theft 911.
If her case is not resolved, Suell fears she will graduate college in May and be unable to rent an apartment or acquire student loans for graduate school due to her damaged credit.
“I’m at an impasse,” she said. “It’s extremely frustrating.”
Story after story follows the same pattern. Even when victims are able to clear their names, they have still been forced to devote big chunks of time and energy to that end. And that’s time and energy that could be put to better use, like improving their grades, finding jobs, etc.
Amending agency regulations and federal and state laws could help stop ID theft. Another thing that could help the cause is for online businesses to use ThreatMetrix™ solutions.
ThreatMetrix doesn’t rely on passwords, user names and cookies to protect its clients. Instead the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals. The ThreatMetrix Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.
Posted on January 25th, 2012 by Dan Rampe

Okay, the Chinese probably didn’t say “Je suis innocent.” (I am innocent). French Army Captain Alfred Dreyfus famously did upon being convicted of spying for the Germans in 1894 and sent to Devil’s Island. Ultimately, Dreyfus was proven innocent. However, the same may not be said of the Chinese about the attacks on the Chamber of Commerce — though they claimed they didn’t do it.
Reports the Wall Street Journal, “A spokesman for the Chinese Embassy in Washington, Geng Shuang, said [presumably not in French] cyberattacks are prohibited by Chinese law and China itself is a victim of attacks. He said the allegation that the attack against the Chamber originated in China ‘lacks proof and evidence and is irresponsible,’ adding that the hacking issue shouldn’t be ‘politicized.’”
However, somebody did hack the Chamber, and people who should know, from Richard Clarke, former White House counter-terrorism adviser, to congressional leaders to the FBI, either hint or come right out and state that the attacks came from China.
Clarke told ABC News, “The Chinese have attacked every major U.S. company, every government agency, and NGOs [non-governmental organizations]. Their attacking the Chamber of Commerce is part of a pattern of their attacking everything in the US. If you’re working on U.S.-China relations with an NGO [or] government agency, you can be sure the Chinese are reading your emails on your computer.” He went on to say, “I don’t think the Chamber of Commerce has anything worth stealing, but it’s part of a pattern of the Chinese stealing everything they can, and that’s worrying.”
The Wall Street Journal characterized the attack as “one of the boldest known infiltrations in what has become a regular confrontation between U.S. companies and Chinese hackers. The complex operation, which involved at least 300 Internet addresses, was discovered and quietly shut down in May 2010.”
It isn’t clear how much of the compromised data was viewed by the hackers. Chamber officials say internal investigators found evidence that hackers had focused on four Chamber employees who worked on Asia policy, and that six weeks of their email had been stolen.
Another report had it that the penetration into the Chamber of Commerce was so complete that a Chamber thermostat was communicating with a computer in China. Another time, Chamber employees were surprised to see one of their printers printing in Chinese. Of course it might not have been Chinese. Ever see an inkjet suddenly go haywire? Sure looks like Chinese.
Anyway…
The Chamber’s Chief Operating Officer David Chavern observed, “What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence.”
A Bloomberg report stated that “two people familiar with the Chamber investigation said certain technical aspects of the attack suggested it was carried out by a known group operating out of China. It isn’t clear exactly how the hackers broke in to the Chamber’s systems. Evidence suggests they were in the network at least from November 2009 to May 2010.”
Learning of the break-in, Chamber security experts didn’t tip their hands. According to Bloomberg, “They first watched the hackers in action to assess the operation. The intruders, in what appeared to be an effort to ensure continued access to the Chamber’s systems, had built at least a half-dozen so-called back doors that allowed them to come and go as they pleased…. They also built in mechanisms that would quietly communicate with computers in China every week or two.
“The hackers used tools that allowed them to search for key words across a range of documents on the Chamber’s network, including searches for financial and budget information.”
Cyberspies who have access to a network for many months often take measures to cover their tracks and to conceal what they’ve stolen.
According to Bloomberg, “To beef up security, the Chamber installed more sophisticated detection equipment and barred employees from taking the portable devices they use every day to certain countries, including China, where the risk of infiltration is considered high. Instead, Chamber employees are issued different equipment before their trips — equipment that is checked thoroughly upon their return.
“Chamber officials say they haven’t been able to keep intruders completely out of their system, but now can detect and isolate attacks quickly.”
The Chamber eventually shut down the hackers by unplugging and destroying some computers and overhauling the security system, which was timed for a 36-hour period over one weekend when the hackers, who kept regular working hours, were expected to be off duty. (Not a good idea to mess with hackers about overtime — tough union.)
The Bloomberg story went on to say, “U.S. intelligence officials and lawmakers have become alarmed by the growing number of cyber break-ins with roots in China. Last month, the U.S. counterintelligence chief issued a blunt critique of China’s theft of American corporate intellectual property and economic data, calling China ‘the world’s most active and persistent perpetrators of economic espionage’ and warning that large-scale industrial espionage threatens U.S. competitiveness and national security.”
About ongoing hacking of American corporations, Senator Sheldon Whitehouse of Rhode Island observed, “I think there’s a case to be made that this may be the greatest transfer of wealth through theft and piracy in the history of the world and we are on the losing end of it.”
Before your intellectual property or business plans become a casualty of cyberspies, get the best protection available. Get ThreatMetrix™.
Posted on December 29th, 2011 by Dan Rampe

1917: The Foreign Secretary of the German Empire, Arthur Zimmermann, sent a diplomatic proposal from the German Empire to Mexico to make war against the United States. Intercepted by British intelligence and forwarded on to the United States, the Zimmermann Note angered Americans, adding another reason for the U.S. declaration of war against Germany in World War I.
2011: U.S. officials investigate reports that Iranian and Venezuelan diplomats in Mexico are involved in planned cyberattacks against U.S. targets, including nuclear power plants.
According to the Washington Times, a documentary that aired on the Spanish-language TV network, Univision, included secretly recorded footage of Iranian and Venezuelan diplomats being briefed on planned attacks and promising to pass information to their respective governments.
A former computer instructor at the National Autonomous University of Mexico told Univision that he was recruited by a professor there in 2006 to organize a group of student hackers to carry out cyberattacks against the United States, initially at the behest of the Cuban Embassy.
In an undercover sting, an instructor and several students infiltrated the hackers, secretly videotaping Iranian and Venezuelan diplomats.
State Department spokesperson William Ostick called the reports “disturbing,” but added that U.S. officials “don’t have any information at this point to corroborate them.” However, earlier this year, U.S. prosecutors charged an Iranian official based in Tehran with trying to recruit a Mexican drug cartel to kill the Saudi ambassador to the United States by bombing a Washington restaurant. Ostick noted, “We constantly monitor for possible connections between terrorists and transnational criminals.”
An aide to New Jersey Senator Robert Menendez, chairman of the Senate Foreign Relations subcommittee on the Western Hemisphere, told the Washington Times that the Univision report, which also said that Iranian extremists were recruiting young Latin American Muslims, is “one of a variety of concerns we have about Iran’s efforts to engage with countries and other actors in the region.”
Stating the obvious: technology has changed dramatically since 1917. People haven’t. To ensure your company is protected against attack from people who are out to cause harm or perpetrate fraud, the best solutions come from ThreatMetrix. Without requiring personally identifiable information, such as Social Security Numbers, that can be compromised, ThreatMetrix solutions nab criminals in real-time before they can do real damage. The ThreatMetrix™ Cloud-Based Fraud Prevention Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to stop criminals whether in Toledo or Tehran.
Posted on December 28th, 2011 by Dan Rampe

Just released in a second edition, Inside Cyber Warfare: Mapping the Cyber Underworld, by Jeffrey Carr, is a wide-ranging overview of virtually every type of online illicit activity from cyber spying and cyber stealing to malicious malware attacks and identity theft.
Carr, a cyber intelligence expert, is a columnist for Symantec’s Security Focus. A writer who specializes in investigating cyber attacks against governments and infrastructures, he’s been quoted in The New York Times, Washington Post, The Guardian, Business Week, Parameters, and Wired. Carr was also principal investigator for Project Grey Goose, an Open Source intelligence investigation into the Russian cyber attacks on Georgia in August, 2008.
With a foreword by former Secretary of Homeland Security Michael Chertoff and guest essays, including an essay by former senior advisor to the Director of National Intelligence and Cyber Coordination Executive Melissa Hathaway, Inside Cyber Warfare is encyclopedic in scope as it takes up:
· The Conficker Worm: The Cyber Equivalent of an Extinction Event?
· Africa: The Future Home of the World’s Largest Botnet?
· The StopGeorgia.ru Project Forum
· The Russian Information War
· The Gaza Cyber War between Israeli and Arabic Hackers during Operation Cast Lead
· Control the Voice of the Opposition by Controlling the Content in Cyberspace: Nigeria
· Are Non-state Hackers a Protected Asset?
· The Legal Status of Cyber Warfare
· The Antarctic Treaty System and Space Law
· The Law of Armed Conflict
· Is This an Act of Cyber Warfare?
· Responding to International Cyber Attacks as Acts of War
· Analyzing Cyber Attacks under Jus ad Bellum – whether entering into a war would be a just war
· The Korean DDoS Attacks (July 2009)
· One Year After the RU-GE War (the War between Russia and Georgia) Social Networking Sites Fall to DDoS Attack
· Ingushetia Conflict, August 2009
· Pakistani Hackers and Facebook
· TwitterGate: A Real-World Example of a Social Engineering Attack with Dire Consequences
· False Identities
· Components of a Bulletproof Network
· The Bulletproof Network of StopGeorgia.ru
· SORM-2
· The Kremlin and the Russian Internet
· A Three-Tier Model of Command and Control
· Organized Crime in Cyberspace
· Russian Organized Crime and the Kremlin
· Using Open Source Internet Data
· Team Cymru and Its Darknet Report
· Using WHOIS
· Weaponizing Malware
· The Role of Cyber in Military Doctrine
· China Military Doctrine
· A Cyber Early Warning Model
· Advice for Policymakers from the Field
· When It Comes to Cyber Warfare: Shoot the Hostage
· The United States Should Use Active Defenses to Defend Its Critical Information Systems
· Scenarios and Options to Responding to Cyber Attacks
· Whole-of-Nation Cyber Security
· Conducting Operations in the Cyber-Space-Time Continuum
· Anarchist Clusters: Anonymous, LulzSec, and the Anti-Sec Movement
· Social Networks: The Geopolitical Strategy of Russian Investment in Social Media
· Globalization: How Huawei Bypassed US Monitoring by Partnering with Symantec
· The Russian Federation: Information Warfare Framework
· Russia: The Information Security State
· Russian Ministry of Defense
· Internal Security Services: Federal Security Service (FSB), Ministry of Interior (MVD), and Federal Security Organization (FSO)
· Russian Federation Ministry of Communications and Mass Communications (Minsvyaz)
· Cyber Warfare Capabilities for: Australia – Brazil – Canada – Czech Republic – Democratic People’s Republic of Korea – Estonia – European Union – France – Germany – India – Iran – Israel – Italy – Kenya – Myanmar – NATO – Netherlands – Nigeria – Pakistan – People’s Republic of China – Poland – Republic of Korea – Russian Federation – Singapore – South Africa – Sweden – Taiwan (Republic of China) – Turkey – United Kingdom
· US Department of Defense Cyber Command and Organizational Structure
· Active Defense for Cyber: A Legal Framework for Covert Countermeasures
· Covert Action
· Cyber Active Defenses as Covert Action Under International Law
The book covers much more in 316 pages that are topical while, at the same time, providing in-depth analyses of the often dark underbelly of cyberspace.
For maximum protection from cyberspace’s dark underbelly, there’s one company that stands out — ThreatMetrix. ThreatMetrix offers superior solutions that can’t be compromised by break-ins. ThreatMetrix solutions protect against bad scripts and fraudulent account logins, payments and transactions. With customized rules for each, ThreatMetrix solutions are designed to interdict attacks of fraud and other criminal behavior in real-time, while passively and transparently profiling users — without collecting extraneous personal identity information such as Social Security Numbers, birth dates and mother’s maiden names.
Posted on December 13th, 2011 by Dan Rampe

The world is a big place with close to seven billion people. And, according to professional researcher Moya K. Mason, something like 50 million new firms are started each year. So when you think about ThreatMetrix making Red Herring’s top 100 leading private companies in all of North America, Europe, and Asia, it’s quite an honor – especially when put in the context of other companies that have made the Top 100 in past years: Google, Skype, Baidu, Salesforce.com, YouTube and eBay. (The full list of winners in 2011 can be found here: http://www.herring100.com/RHG/2011/top100.html)
Red Herring’s editorial staff evaluated the companies on both quantitative and qualitative criteria, such as financial performance, technology innovation, management quality, strategy, and market penetration. This assessment of potential was complemented by a review of the track record and standing of start-ups relative to their sector peers.
Alex Vieux, Chairman of Red Herring, observed, “Choosing the best [companies from] the previous two years was by no means a small feat. After rigorous contemplation and discussion, we narrowed down our list from 1,100 potential companies to 100 winners. It was an extremely difficult process [and the] competition for the Top 100 was fierce. [The] Top 100 Global are truly the best of the best.”
“We’re extremely proud to be recognized by Red Herring as among the best technology companies globally,” said Reed Taussig, president and CEO, ThreatMetrix. “Winning the Red Herring Global award further validates ThreatMetrix’s value proposition in the marketplace as a leading provider of online fraud prevention and cybersecurity solutions.”
Many companies have already come to the conclusion that ThreatMetrix is the “right decision” when it comes to protecting their online assets. Offering transaction security from hidden proxies, scripted attacks and cookie and browser manipulation, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform lets companies authenticate payments, new accounts and returning customers in real time. And it doesn’t matter what device is being used, from smartphones to PCs to tablets. Combined with aggregated fraud intelligence in the cloud, ThreatMetrix device identification offers companies maximum protection without the need to collect Social Security numbers, email addresses or bank account information.
Posted on December 7th, 2011 by Dan Rampe

One of these shoes is priced at $428, the other $26.99. At a glance, can you tell which is which? Answer at blog’s end.
Many consumers, returning to a website where they got a “too-good-to-be-true” price break on a name-brand product, found out they were right. It was — too good to be true. And the one telling them was the U.S. government, which left a message saying the site had been seized and warned “willful copyright infringement is a federal crime.” Not only did these consumers discover they’d been “had,” they were warned they’d better not try to resell whatever they bought to some other poor sucker without explaining the goods were not brand-name. Talk about coal in your stocking!
On Cyber Monday, Immigration and Customs Enforcement Director John Morton and Assistant Attorney General Lanny A. Breuer announced the results of the ICE and FBI three-month investigation that busted 150 websites selling everything from fake replica NBA jerseys and Louis Vuitton handbags to imitation Ugg boots.
The Feds maintained that while the domain names were registered in the United States, most of the websites were run from China. No one has been charged with a crime in connection with the most recently seized domains, which were just the latest of 350 websites the government has closed since targeting online counterfeiters in June 2010.
An Associated Press account by Alicia A. Caldwell said earlier this year five people were indicted in Virginia on conspiracy and copyright infringement for their roles in operating a website the Justice Department said allowed people to illegally download high-quality movies and television shows. Four, accused of running NinjaVideo.net, have pleaded guilty. A fifth is being sought.
It’s unclear how much money the seized sites have made, or potentially cost legitimate companies. Breuer said since the crackdown on counterfeit sellers started last year, Internet users have gone to the seized domains more than 77 million times.
While withholding comment on whether organized crime is involved in running any of the websites, Morton said, “We are worried about organized crime and [that profits] are going to fuel other criminal activity.”
Whether it’s one consumer or a multinational corporation, the metric is the same. A product or service has to be genuine and live up to its reputation for quality and delivering what it promises. That’s why more and more companies are turning to ThreatMetrix to help protect their online business.
The ThreatMetrix™ Cloud-Based Fraud Prevention Platform offers a global perspective of risk from a worldwide network of shared intelligence across tens of millions of transactions across all of ThreatMetrix’s customers. The information is always up-to-date and always available. The ThreatMetrix Cloud-Based Fraud Prevention Platform, incorporating ThreatMetrix SmartID™ cookieless device identification, lets financial institutions and others verify new accounts, authorize payments and transactions and authenticate user logins in real-time — without relying on personally identifiable information (PII). So, even in a worst case scenario where a breach has occurred, cybercriminals never have access to personal information such as birth dates, maiden names and Social Security numbers.
The shoe on the left is $428, but getting it for half price (or less), what bargain hunter could resist? But if a bargain hunter got the $26.99 shoe when she thought she was getting the $428 shoe, even at half price, she’d be spending about ten times what the shoe is worth. It’s enough to make you go barefoot.
Posted on November 17th, 2011 by Dan Rampe

Hall of Famer Yogi Berra said, “It’s like déjà vu all over again.” Okay, Yogi probably never said it. But he would have if he’d spoken French … or English. (That was just meant in good fun. We love Yogi. So, please don’t email, tweet or Facebook.)
ANYWAY…if you’re of a certain age or had a history class that touched on the Cold War, déjà vu pretty much describes what’s happening in cyberspace between Russia, China and the United States. A just-released US government report, “Foreign Spies Stealing U.S. Economic Secrets in Cyberspace,” accuses Russia and China of cyberattacks against corporate and military targets. In clearly undiplomatic language it states, “Chinese actors are the world’s most active and persistent perpetrators of economic espionage [and] Russia’s intelligence services are conducting a range of activities to collect economic information and technology from U.S. targets.”
Russian and Chinese hacking has been the eight-hundred-pound gorilla in the middle of the room that nobody talks about. Corporations generally don’t because they do business with China and Russia. Also, they don’t want to let on that their security has been breached. The stockholders might hold management responsible.
The government doesn’t speak openly about Chinese and Russian hacking because it has a broad foreign policy agenda with cybersecurity being only one part. However, the Washington Post reported that “the government’s unusual candor in naming particular countries was prompted by the severity of the threat.”
Said a government official, “From a counterintelligence standpoint and the threat to our national economy, I think we have to suggest and say who we consider the foreign intelligence services and the countries that are doing the most harm…. We have information that certainly the Chinese and Russians are interested in our technology. … It’s part of China and Russia’s national policy to try to identify and take sensitive technology which they need for their development.”
The report states that China set up something called Project 863 to acquire U.S. technology and sensitive economic information clandestinely. The U.S. government official noted, “We put billions of dollars into research and development….. [What the Chinese learn from cyberespionage places China] on a par with us if they can take that information and use it for their economy.”
From their perspective, the official added, “What’s the downside? What do you lose? There’s no downside to trying to build your economy on somebody else’s informati
In the Washington Post article, the head of U.S. Cyber Command, Gen. Keith Alexander, reported that one American company recently lost $1 billion worth of intellectual property over the course of a couple of days — “technology that they’d worked on for 20-plus years — stolen by one of the adversaries.” “Adversary” was a popular word during the Cold War. You could say “enemy” without saying enemy.
The dollar value of the data that’s lost to cyberattacks is hard to quantify because companies don’t always report thefts and don’t always know how to accurately assess loss.
The Post said “one senior official noted that the value of U.S. research and development is $400 billion.” In the last six years, cases involving espionage where the perpetrators were prosecuted were: “$100 million worth of insecticide research from Dow Chemical, $400 million worth of chemical formulas from DuPont, $600 million of proprietary data from Motorola; $20 million worth of paint formulas from Valspar.”
At a news conference accompanying the report’s release, Robert “Bear” Bryant, the National Counterintelligence Executive, called online spying “a quiet menace to our economy with notably big results. Trade secrets developed over thousands of working hours by our brightest minds are stolen in a split second and transferred to our competitors.”
Joel F. Brenner, the former National Counterintelligence Executive, whose new book is “America the Vulnerable,” commented, “The leaders of the pack are Russia, China and Iran….The Russians are very quiet and very good. But for relentlessness and sheer volume, the Chinese are in a class by themselves.”
“This is definitely the golden age of cyber espionage,” said Steven Chabinsky, deputy assistant director of the FBI’s cyber division. “Foreign states are stealing data left and right from private-sector companies, nonprofit organizations and government agencies.”
The report observed that Russia was motivated by a dependence on natural resources, a need to diversify its economy and the belief that the global system is tilted toward the West at Russia’s expense. The last has been an ongoing theme of Russian history since before the days of the Czars.
Not all the stealing is done via the Internet. According to the report, employees also steal data on behalf of a foreign government or company. All it takes is a memory stick and sticky fingers. Of seven insider theft cases prosecuted under the Economic Espionage Act in fiscal year 2010, six had links to China.
The report says the threat is not just to the economy but also to national security. The illicit transfer of technology with military applications to a hostile state such as Iran or North Korea could endanger the lives of U.S. and allied military personnel.
Safeguard your company’s proprietary information from a foreign power with the power of ThreatMetrix solutions. ThreatMetrix takes data encryption to a new level with improved data encryption architecture that addresses strict security requirements with minimal impact to customer response times. This means multi-layered encryption of customer-siloed data, as well as global customer data. If any one customer account is compromised, the data loss is limited to that single customer. Even if the data center hosting ThreatMetrix services were to be compromised, the encrypted data would still remain confidential. This ensures all customer data shared with ThreatMetrix for purposes of fraud protection is kept secure, while at the same time meeting performance concerns.
Posted on November 16th, 2011 by Dan Rampe

Ericka Chickowski, a contributing editor at Darkreading.com, did a piece titled “Tales of De-Crypt 2011.” Considering it was scheduled to run sometime around Halloween, the title was “scary clever” while the subject matter was just plain scary. Chickowski observes that 2011 has been “a banner year for authentication and Identity and Access Management (IAM) failures, with embarrassments of epic proportions hitting the headlines nearly every month…. [There have been] targeted authentication tokens, sophisticated password-stealing Trojans, rogue certificates, stolen passwords and misappropriated accounts.”
Compiled by Ms. Chickowski is a list of the top ten worst “hacks, vulnerabilities and screw-ups to hit the headlines in 2011.” The upside is that the top-ten list only has seven entries. It also has some lessons to be learned.
1. The RSA Tokens That Took a Lot of People for a Ride. “After a junior employee at security heavyweight RSA fell prey to a run-of-the-mill phishing attack, hackers were able to make their way into the company’s network and hack into its SecurID servers. RSA confirmed that some ‘information related to the RSA SecurID product had been extracted.’” Extracted is another way of saying ripped off.
So what was learned? Don’t put all your eggs in one basket and leave the basket where anybody can trip over it. Or as Darkreading.com put it, “Security experts were aghast that the token seeds were resident in a place on the network where a hacker could even find them. The incident illustrates that network segmentation is a key best practice to mitigate the risk of a company’s most critical assets.”
2. The Death of DigiNotar. A hacker with the moniker ComodoHacker created fraudulent Comodo SSL certificates in March, then, later, hacked CA DigiNotar to issue 500 more certificates. The actions of ComodoHacker, who claimed to have hacked other certificate authorities, ultimately led to the demise of the company.
So what was learned? A stitch in time saves nine? A penny saved is a penny earned? A wet bird never flies at night? No, what was learned was, “DigiNotar knew about the fake certs long before the news went public and did nothing to get the word out. The situation is a good reminder at how important communication is in high-impact breach situations. It also illustrates that the fundamental basis of trust for Internet authentication still needs work.”
3. HBGary Federal’s “federal case” Over Anonymous Backfires. After the company’s CEO said he was about to release information about Anonymous, the group infiltrated HBGary’s network through SQL injection, stole stored passwords and got control of the company’s email, internal accounts and its executives’ social media accounts.
So what was learned? As they used to say in the U.S. Infantry (and probably still do) in not such genteel terms, “Don’t let your alligator mouth overload your hummingbird ass.” Darkreading.com put it this way, “Hubris is not becoming of security executives who run companies that store passwords on insecure servers. Even the humble should learn to keep passwords better protected from multi-stage attacks that start with SQL injection. Anonymous was able to use Rainbow tables to crack the passwords’ encryption because the firm used weak MD5 hashes to protect them.”
4. Beware the LulzSec. After breaking into networks, LulzSec members distributed unencrypted passwords and other sensitive information, such as emails that impacted everyone from Sony to the U.S. Senate and compromised millions of accounts.
So what was learned? The bigger they come, the harder they fall. That could be one of the things learned. But, Darkreading.com pulled out some other lessons like, “a lack of input validation or database monitoring [allow LulzSec] to commit SQL injection attacks at will. And …organizations [have a tendency] to store login information unencrypted and unprotected within network systems.”
5. Don’t Count on Citi Account Numbers. Darkreading.com says, “Hackers were able to game Citigroup’s online account site by manipulating the account number that appeared in the Web address browser bar to randomly guess other account numbers and gain access to random customers’ accounts. The trick gave them access to customer names, account numbers, and transaction information.”
So what was learned? Money is the root of all evil? Or rather lack of money is the root of all evil? No. Actually it’s that, “web applications providing access into sensitive information, financial or otherwise, must be tested not only for vulnerabilities but also for business logic flaws such as the one that allowed hackers to circumvent Citi’s online banking authentication engine.”
6. Bank of America Rogue Employee Was a Rogue. A Bank of America employee leaked information to an identity-theft ring. Fake accounts were created under victims’ names and $10-million was stolen before the thieves were nailed.
So what was learned? One rotten apple can spoil the whole barrel. He/she can also steal $10-million. The other thing that was learned is that frequent reviews of access controls might have prevented this type of theft.
7. Duqu Worms Its Way Into the World. “A refinement on the code foundation laid down originally by Stuxnet… this password- and data-stealing Trojan features a rogue certificate [now revoked. However,] it’s able to fly under the detection radar by injecting itself into running processes.”
So what was learned? “[This was] another instance of hackers manipulating the certificate authority ecosystem…”
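The password-storage lessons in items 3 and 4 can be seen side by side in a short Python sketch. This is an added example, not code from Darkreading.com or any company named above; the user names, passwords, word list and the PBKDF2 iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumption: tune to your hardware and current guidance

# Constructed sample data: two users happen to share a password.
USERS = {"alice": "Summer2011!", "bob": "Summer2011!", "carol": "k7#Vq-longer-unique-phrase"}
WORDLIST = ["password", "123456", "Summer2011!"]  # stands in for a precomputed table's inputs


def md5_unsalted(password: str) -> str:
    """The weak scheme described in item 3: one fast, unsalted MD5 digest."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str) -> str:
    """Hardened form: a per-user random salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    try:
        scheme, iters, salt_hex, dk_hex = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        expected = bytes.fromhex(dk_hex)
        actual = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters)
        )
    except ValueError:  # malformed record
        return False
    return hmac.compare_digest(actual, expected)


def exposed_by_precomputed_table(stored: dict, table: dict) -> list:
    """Users whose stored value appears verbatim in a table of precomputed digests."""
    return sorted(user for user, value in stored.items() if value in table)


def build_stores():
    """Return the same user set stored both ways: (unsalted MD5, salted PBKDF2)."""
    md5_store = {u: md5_unsalted(p) for u, p in USERS.items()}
    kdf_store = {u: hash_password(p) for u, p in USERS.items()}
    return md5_store, kdf_store


if __name__ == "__main__":
    md5_store, kdf_store = build_stores()
    table = {md5_unsalted(w): w for w in WORDLIST}
    print("identical MD5 records:", md5_store["alice"] == md5_store["bob"])
    print("MD5 users found in table:", exposed_by_precomputed_table(md5_store, table))
    print("PBKDF2 users found in table:", exposed_by_precomputed_table(kdf_store, table))
```

With unsalted MD5, equal passwords produce equal records and a single precomputed table covers every user at once; the per-user salt removes both properties, and the iteration count makes each guess expensive.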
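The business-logic flaw in item 5, where the account number in the address bar was trusted once a user was logged in, comes down to a missing ownership check. The following Python sketch is an added example, not Citi's code; the class, account numbers, session fields and alert threshold are all hypothetical.

```python
from collections import defaultdict

# Constructed sample data: account number -> owning customer and details.
ACCOUNTS = {
    "40010001": {"owner": "cust-17", "name": "A. Example", "balance": 1200},
    "40010002": {"owner": "cust-42", "name": "B. Example", "balance": 310},
}
# Assumption: distinct refused account numbers per session before flagging it.
ENUMERATION_THRESHOLD = 3


class AccountService:
    """Hypothetical account-view handler, framework-free for clarity."""

    def __init__(self, accounts):
        self.accounts = accounts
        self.denied = defaultdict(set)  # session id -> account numbers refused

    def view_vulnerable(self, session, account_number):
        """Flawed form: any logged-in user may read any account number supplied."""
        if not session.get("customer_id"):
            return 401, None
        account = self.accounts.get(account_number)
        return (200, account) if account else (404, None)

    def view_checked(self, session, account_number):
        """Corrected form: the account must belong to the session's customer."""
        customer = session.get("customer_id")
        if not customer:
            return 401, None
        account = self.accounts.get(account_number)
        if account is None or account["owner"] != customer:
            # Record the refusal so repeated guessing becomes visible.
            self.denied[session["id"]].add(account_number)
            # Same answer for "not yours" and "does not exist".
            return 404, None
        return 200, account

    def sessions_to_review(self):
        """Sessions refused on enough distinct account numbers to suggest guessing."""
        return sorted(
            sid for sid, numbers in self.denied.items()
            if len(numbers) >= ENUMERATION_THRESHOLD
        )


if __name__ == "__main__":
    service = AccountService(ACCOUNTS)
    session = {"id": "sess-1", "customer_id": "cust-17"}
    print(service.view_vulnerable(session, "40010002"))  # another customer's data
    print(service.view_checked(session, "40010002"))     # refused
    for number in ("40010003", "40010004"):
        service.view_checked(session, number)
    print(service.sessions_to_review())
```

Returning the same status for another customer's account and for a nonexistent one keeps the handler from confirming which numbers are valid, while the refusal log gives monitoring something to alert on.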
Perhaps the most important lesson to be taken from the seven disasters described above is many could have been averted by using ThreatMetrix solutions. The first perimeter and the most effective element in a multi-layered defense against cyber criminals is device identification. Offering transaction security from hidden proxies, scripted attacks and cookie and browser manipulation, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform lets companies authenticate payments, new accounts and returning customers in real time. And it doesn’t matter what device is being used from smartphones to PCs to tablets. Combined with aggregated fraud intelligence in the cloud, ThreatMetrix device identification offers companies maximum protection without the need to collect Social Security numbers, email addresses or bank account information.
Posted on November 9th, 2011 by Dan Rampe

Misha Glenny’s book, DarkMarket, relates the brief history (2005 – 2008) of DarkMarket.ws, an Internet cybercrime forum (in English) that was kind of a cross between a chat room and Amazon.com.
If you haven’t heard about the site, it probably says something about your honesty. You see DarkMarket.ws was “by-invitation-only.” If you weren’t a cybercrook who knew a cybercrook, you were not about to get access to the URL. Very exclusive.
You know the expression “honor among thieves?” Well, you could call getting an invitation to join, “a high honor among thieves.” The Website provided criminal entrepreneurs — stolen identity and credit-card data buyers and sellers — a venue to meet and exchange information and ideas with their peers and learn from experts about the latest technologies and scams in a professional, friendly atmosphere. Created in London by Renukanth Subramaniam, who went by the user name JiLsi, the site had 2,500 users at its peak and was a place where an online thief could buy “skimming machines” (devices installed in ATMs to record users’ credit-card details), find reviews of hardware advertised on the site, and generally catch up on the latest and greatest in crime.
You’ve probably heard this other old saying one time or another. “You can’t bulls_ _t a bulls_ _ _ ter.” While you may have heard it, the FBI evidently didn’t because they ended up scamming the scammers.
FBI agent J. Keith Mularski infiltrated the DarkMarket site using the name of an infamous Polish spammer, Master Splyntr. In fact, he not only infiltrated it, he became the site’s administrator!
Misha Glenny’s DarkMarket is the story of how DarkMarket.ws was taken down. Says Evgeny Morozov in his review in the Wall Street Journal, “Mr. Glenny, a gifted investigative reporter, has sought out investigators and cyber criminals alike (he visited many convicted offenders in prison and got them to talk about their trade). He dissects DarkMarket’s transient but maddeningly convoluted history in a highly meticulous, almost forensic manner….Before the story is over, Turkish military intelligence agents, the Tamil Tigers, members of the Saudi royal family and the brother of Supreme Court Justice Stephen Breyer all make appearances.”
Pointing out that it’s impossible to end cybercrime without understanding the psychology of cybercriminals, Morozov says Glenny’s book offers valuable insight. “Even though many cyber criminals have day jobs, they spend inordinate amounts of time online, mostly in a futile attempt to impress their peers and join the ranks of the digital übermenschen. Many choose cybercrime for the same reasons that disaffected youngsters choose more pedestrian forms of crime; tales of desperation, rejection and poverty loom large in this book. Faced with an unpalatable choice between a life of violent crime or seemingly victimless cybercrime, 13-year-olds in Ukraine choose the latter.”
However, no matter how they found their way into cybercrime, once in it, these criminals often act like mainstream business. “Obsessed with profit-maximization, they vie to annihilate competition, establish absolute monopoly and ratchet up the prices.”
While European and American police agencies seemed to work well together, the same couldn’t be said of American internal police agencies. Offers Morozov, “Mr. Glenny recounts a grotesque story of how the FBI and the Secret Service had been investigating each other’s undercover agents, in both cases believing them to be actual criminals. Only the intervention of their British colleagues, who were privy to the secrets of both groups, prevented a major crisis.”
So, lacking guns, explosions and car chases, what kind of read is DarkMarket? The Wall Street Journal reviewer calls it, “an eminently readable, witty narrative that sustains suspense until the very last pages.”
As a result of the FBI sting, there were more than sixty arrests worldwide with the man who started it getting sentenced to nearly five years in prison. So, what’s the best way to fight cybercrime if you’re not an FBI agent with unlimited time and funds?
ThreatMetrix™.
The ThreatMetrix™ Cloud-Based Fraud Prevention Platform offers a global perspective of risk from a worldwide network of shared intelligence across tens of millions of transactions across all of ThreatMetrix’s customers. The information is always up-to-date and always available. Incorporating ThreatMetrix SmartID™ cookieless device identification, the Platform lets companies authenticate user logins in real-time — without relying on personally identifiable information (PII). So, even in a worst case scenario where a breach has occurred, cybercriminals never have access to personal information such as birth dates, maiden names and Social Security numbers.
Posted on November 7th, 2011 by Dan Rampe

Integrated into the latest release of the ThreatMetrix™ Cloud-Based Fraud Prevention Platform is a new multi-layered data encryption architecture feature that takes data encryption to a whole new level. Addressing strict security requirements, the new feature provides multi-layered encryption of customer-siloed data and global customer data with minimum impact on customer response times.
Should any one customer account be compromised, data loss is limited to that one customer. Even if the data center hosting ThreatMetrix services were compromised, the encrypted data would remain confidential. Customer data shared with ThreatMetrix™ for fraud protection purposes remains secure. And, there’s no worry about a degradation in performance.
“It’s our goal to raise the bar for the level of security and privacy of online transactions,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “The question is not if a consumer’s identity will be compromised, but it’s a matter of when it will be compromised. Credit card companies can update their credit cards if they’ve been compromised, but consumers can’t simply recycle their identity. ThreatMetrix is staying one step ahead so fraudulent activity is minimized and our clients can do a better job of protecting their customers.”
Faulkner added, “ThreatMetrix, in broadening its strategy as a leader in digital cyber identification, views the new data encryption feature as a critical next-step toward protecting privacy and enhancing the security of confidential consumer information during online transactions. Activities associated with hacker group LulzSec and many recent high-profile data breaches like Epsilon and PlayStation — which resulted in millions of compromised accounts — underlines the need for new encryption technology that better protects both online brands as well as consumers.”
The new release offers a host of new benefits including new fraud detection rules, device identification improvements, administrative enhancements, queue management improvements, and changes to the ThreatMetrix Portal around access and data privacy.
Faulkner observes, “PII is no longer an effective authentication tool by itself, as it can’t authenticate the person behind the transaction. Context is key, which means looking past the device and also considering other factors associated with the device, like phone number and email. We’re looking for anomalies in customer data, in conjunction with the underlining device reputation behavior. It’s whether or not all transactions and customer and device information make sense in the context of that transaction. We then apply this intelligence across a comprehensive global network to stop fraud in real-time and better protect consumers.”
Today, ThreatMetrix serves social networks, financial services, e-commerce companies et al. by authenticating payments, new accounts, and customers in real-time —without hassling those customers for personal information like Social Security Numbers, mothers’ maiden names, etc. It’s estimated that ThreatMetrix helps screen up to one-billion online transactions each month and is successfully eliminating the threat of an estimated 300,000 fraudulent attempts every day! That’s why ThreatMetrix has become the fastest growing provider of cloud-based fraud prevention solutions that don’t require personally identifiable information.