Posted on January 31st, 2012 by Dan Rampe

Casus belli is polite diplomatic Latin for an act of war. Except for maybe the Greeks getting a bit annoyed over losing Helen and attacking Troy, acts of war have pretty much been confined to blockades (naval and otherwise) and direct military strikes.
Now the Pentagon is in the process of officially redefining acts of war to include hacking that poses a significant threat to U.S. nuclear reactors, subways, pipelines, etc. In poker terms, what it comes down to is we’ll see your virus and raise you the U.S.S. Enterprise – and we ain’t talkin’ Star Trek.
Recently, the Wall Street Journal obtained unclassified portions of the Pentagon’s formal cyber strategy. In their WSJ article, Siobhan Gorman and Julian E. Barnes said attacks on Pentagon systems, including military contractor Lockheed Martin, and sabotage against Iran’s nuclear program using the Stuxnet computer worm spurred the U.S. military to action.
One nagging problem is determining where an attack originated. Another is how strongly to retaliate once the source of the attack is determined. For example, if a cyberattack produces death, damage, destruction or high-level disruption, the offending party could get a visit from SEAL Team Six, Predator drones or the entire Fourth Infantry Division.
The Wall Street Journal story notes attacks that impacted nations since 2007:
- June 2009: First version of Stuxnet virus starts spreading, eventually sabotaging Iran’s nuclear program. Some experts suspect it was an Israeli attempt, possibly with American help.
- November 2008: A computer virus believed to have originated in Russia succeeds in penetrating at least one classified U.S. military computer network.
- August 2008: Online attack on websites of Georgian government agencies and financial institutions at start of brief war between Russia and Georgia.
- May 2007: Attack on Estonian banking and government websites occurs that is similar to the later one in Georgia but has greater impact because Estonia is more dependent on online banking.
The article notes that the “Pentagon itself was rattled by the 2008 attack, a breach significant enough that the Chairman of the Joint Chiefs briefed then-President George W. Bush. At the time, Pentagon officials said they believed the attack originated in Russia, although didn’t say whether they believed the attacks were connected to the government. Russia has denied involvement.”
Cyberwarfare isn’t governed by the traditional rules of armed conflict based on international treaties, i.e., the Geneva Conventions and customary international law.
“Act of war” according to retired Air Force Major General and Duke University law school professor Charles Dunlap is a political phrase rather than a legal term. He also argued that cyber attacks that have a violent effect are the legal equivalent of armed attacks, or what’s called in military parlance, “use of force” and should be governed by basically the same rules as any other kind of attack. In other words, the U.S. “would need to show that the cyber weapon used had an effect that was the equivalent of a conventional attack.”
Center for Strategic and International Studies’ computer security specialist James Lewis says many military planners believe retaliation should be judged by the amount of real or attempted damage the attack caused. Therefore, if a hack attack shut down as much commerce as a naval blockade, it would be considered an act of war the same way a naval blockade is.
The Gorman and Barnes WSJ story says the origin of the Stuxnet virus, meant to sabotage Iran’s nuclear centrifuges, could not be positively identified. “While some experts suspect it was an Israeli attack, because of coding characteristics, possibly with American assistance, that hasn’t been proven. Iran was the location of only 60% of the infections, according to a study by the computer security firm Symantec. Other locations included Indonesia, India, Pakistan and the U.S.” Cyberattacks on American online assets have often been attributed to China or Russia. The difficulty of proving exactly where attacks originate has some Pentagon planners seeking to deter attacks by holding the countries that build cyberweapons responsible for their use.
Whatever international law comes to recognize as a cyberspace act of war, a growing number of companies have already come to recognize that ThreatMetrix™ offers the best protection available. Without relying on passwords, user names and cookies to protect its clients, the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals. The ThreatMetrix Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.
Posted on January 27th, 2012 by Dan Rampe

Use Google? Incidentally, does anybody out there know if Yahoo still does searches? Bing? Okay — some serious questions: Do you have a YouTube account? Use Gmail? Do you know what Google’s up to?
Everybody with an account on Gmail and YouTube already has an idea something’s in the works. That’s because they have to use the same name and password to log on to Gmail and YouTube. In fact, that’s the way it is across all Google platforms except for Google Wallet, Chrome and Google Books. So, what if you don’t feel like changing your user name or password? Well, Google took a page from Mike C’s book. Mike was a guy we used to play touch football with in college. If he couldn’t play quarterback, he’d take his regulation professional ball and go home.
Mike played quarterback — a lot. And, if you want to maintain both YouTube and Gmail accounts, you’ll have to play along, too.
So what’s this all about? Google says the move will help the company to better tailor its ads to users’ tastes, benefitting consumers. Notes Cecilia Kang in the Washington Post, “When someone is searching for the word ‘jaguar,’ Google would have a better idea of whether the person was interested in the animal or the car. Or, the firm might suggest e-mailing contacts in New York when it learns you are planning a trip there.”
Common Sense Media chief executive James Steyer observes, “Google’s new privacy announcement is frustrating and a little frightening. Even if the company believes that tracking users across all platforms improves their services, consumers should still have the option to opt out — especially the kids and teens who are avid users of YouTube, Gmail and Google Search.”
Jeffrey Chester, executive director of the privacy advocacy group, the Center for Digital Democracy, says, “There is no way a user can comprehend the implication of Google collecting across platforms for information about your health, political opinions and financial concerns.”
Added Rep. Ed Markey (D-Mass): “It is imperative that users will be able to decide whether they want their information shared across the spectrum of Google’s offerings.”
In a touch of irony…okay, a red-hot branding iron of irony…Google is a partner in sponsoring Data Privacy Day, an annual international celebration designed to promote awareness about privacy and education about best privacy practices.
So, why would Google support Data Privacy Day and in the same calendar quarter change policy to gather even more consumer information?
“The change to its privacy policies,” says Kang in the Post article, “comes as Google is facing stiff competition for the fickle attention of Web surfers. It recently disappointed investors for the first time in several quarters, failing … to meet earnings predictions. Apple, in contrast, reported record earnings …that blew past even the most optimistic expectations.
“Some analysts said Google’s move is aimed squarely at Apple and Facebook — which have been successful in building a unified ecosystem of products that capture people’s attention. Google, in contrast, has adopted a more scattered approach, but an executive explained in interviews that the company wants to create a much more seamless environment across its variety of offerings.”
In addition to consumer privacy advocates, Google’s actions aren’t sitting too well with regulators in Washington. The Washington Post reports, “The company recently settled a privacy complaint by the Federal Trade Commission after it allowed users of its now defunct social network, Google Buzz, to see contacts’ lists from its e-mail program. And a previous decision to use its social network data in search results has been included in a broad Federal Trade Commission investigation, according to a person familiar with the matter who spoke on the condition of anonymity because the investigation is private.” Well at least some things are still private…more irony…okay a hint of sarcasm.
To keep your company’s and its customers’ online private information private, select ThreatMetrix™.
Posted on January 26th, 2012 by Dan Rampe

“It” refers to data. Data Privacy Day, scheduled for January 28, is about keeping data to yourself and out of the hands of cybercriminals. This annual international celebration is designed to promote awareness about privacy and education about privacy best practices. Official sponsors for Data Privacy Day are eBay and Intel, who are joined by a host of partners including Microsoft, Intuit, Comcast, MasterCard, AT&T, Facebook, Google, the International Association of Privacy Professionals, the State of West Virginia and….
Did we leave anybody out? Probably. But it’s a long list because Data Privacy Day is an excellent cause. Without it, literally the financial, social and political structure of society is at risk. HOLD ON. Just remembered somebody we left out — ThreatMetrix™. ThreatMetrix strongly supports Data Privacy Day.
“We have entered a world of unprecedented identity theft and surveillance for monetary gain,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Every site we visit, everything we search for, to everything we now do, buy and share online is tracked by a growing number of powerful players. Unfortunately the evidence suggests that no data is unreachable or un-exploitable by adversaries or advertisers. Whether it be due to data breaches, phishing attacks or over-sharing, the implication is that identity can no longer be relied-on to authenticate a customer online. The distribution of our identities across the net not only threatens our privacy but also makes us all preposterously easy to impersonate.”
We should all be concerned about data security being at risk in today’s cybercrime-infested environment. And the list of companies and institutions that have had data compromised continues to grow at an alarming rate. From the criminals’ perspective, it just makes good sense. Why try knocking over a bank with a gun and a good chance of getting caught or killed when you can sit back on a beach six time zones away and with your trusty laptop steal more money in one day than bank robbers Willie Sutton, John Dillinger, Baby Face Nelson and Bonnie and Clyde did in their whole lives?
Just a cursory glance at the number and types of recent breaches that compromised personal data from finance to health records and employment histories underscores the importance of calling attention to this Pandora’s Box.
- Facebook (Social Networks): A computer worm stole 45,000 login credentials from Facebook accounts in the UK and France.
- Yale University (Academic Institutions): 43,000 Yale University faculty, staff, students and alumni names and Social Security numbers were made public via Google because a File Transfer Protocol (FTP) server where data was stored became searchable.
- Cyworld (Online Gaming): 35 million records including phone numbers, email addresses, names and encrypted information about the site’s members were taken from South Korea’s largest social networking site, Cyworld.
- PBS (Communities): Thousands of user names and passwords were compromised when a PBS Website was hacked.
- Patco Construction (Online Banking): $300,000 was stolen from Patco Construction Company’s online bank account when hackers gained access to the company’s account credentials by sending employees email with Zeus, a password-stealing trojan, that infected the company’s computers.
- Citibank (Financial Services): 360,000 Citibank customers (originally Citibank said it was 210,000 customers) had their account numbers and contact information stolen by hackers.
- Pittsford, N.Y. (Government): $139,000 was stolen from the hamlet of Pittsford, a town of 25,000 near Rochester, N.Y., when cyberthieves logged onto the town’s online commercial bank account. Initiating a small batch of automated clearing house (ACH) transfers, the thieves covered their tracks by sending the transfers to “money mules” around the country.
- Comerica Bank (Banking): $560,000 of Experi-Metal Inc.’s (EMI) hard-earned cash slipped away when Comerica Bank let fraudsters waltz away with it.
- Sony PlayStation (Online Gaming): 70 million Sony customers were put at risk when hackers broke into Sony’s PlayStation Network (PSN) and stole credit card details. The security breach caused Sony to take down the network for “maintenance.” Subsequently, 93,000 Sony customer accounts were hacked in a separate incident. Sony believed those customers used the same Sony login credentials to log on to other sites and that the other sites were hacked, providing access to the customers’ PII (personally identifiable information).
- Sega (Online Gaming): 1.3 million users had personal information put at risk by a Sega online network breach causing the company to temporarily shut down its online network.
- Washington Post (Media): Either 1.27 million, 1.3 million or 1.6 million user IDs and email addresses were ripped off from the Washington Post’s job section.
- Zappos (E-Commerce): 24 million customers’ personal information was put at risk when Zappos, the online shoe outlet owned by Amazon, was hacked.
- Toshiba (Computer Manufacturing): 7,520 Toshiba customers’ email addresses, telephone numbers and passwords were stolen by cybercriminals.
- NATO (Government/Military): A gigabyte of NATO data was stolen by Anonymous, which had accessed NATO servers.
- FTC (Government): More than 18,000 cases of child identity theft were reported to the Federal Trade Commission. Children’s identities provide the kind of clean backgrounds that make it possible for thieves to create entire fictional credit histories. Often the theft is not found until the person turns 18 and starts college or looks for a job.
- RSA (Security): After a junior employee at security firm RSA fell prey to a run-of-the-mill phishing attack, hackers were able to make their way into the company’s network and hack into its SecurID servers. The attack compromised RSA tokens requiring users to enter a unique number generated by the token each time they connected to their networks. Facebook, Amazon, Abbott Laboratories, Charles Schwab, Microsoft — in all, 20% of the Fortune 100 had been compromised.
- Online Advertising: An East European cybergang hijacked at least four million computers in over 100 countries. Included in the half-million hijacked computers in the United States were some at NASA. Using these computers, the gang stole $14 million in four years with a PPC and ad scheme based on redirecting traffic and replacing genuine ads with their own.
- Steam (Online Video Game Distribution): In a major hack, 35 million user accounts at Steam, one of the world’s largest distribution networks for online video games, may have been compromised exposing credit card details and billing addresses.
- Stratfor Global Intelligence Service (Security): Stratfor Global Intelligence Service, a company that helps clients with security and is famous for its secrecy and its top-secret client list, was hacked, resulting in names, emails, credit card details, passwords and home addresses for some 4,000 people being compromised. Additionally, this information was used to have clients involuntarily donate to charity to the tune of a million bucks. The hackers also said they had details for more than 90,000 credit card accounts.
- San Francisco City College (Education): For more than a decade San Francisco City College servers have been stealing personal banking information and other data from thousands, or even tens of thousands, of students, faculty and administrators in what the San Francisco Chronicle refers to as “an infestation” of computer viruses with origins in criminal networks in Russia, China et al.
- South Africa’s Postbank (Government): $6.7 million was stolen from South Africa’s Postbank when cyberthieves accessed a computer from a remote location and hacked into Postbank’s server system using stolen login details for a Postbank teller and a call-center agent.
- Epsilon (Email Marketing Services): Epsilon, a large email marketing services company, reported a data breach that could affect the email addresses of thousands of customers of major banks, retail and hotel chains. This impacted financial services institutions such as Capital One, US Bank, JPMorgan Chase, Citi and Barclays Bank of Delaware. However, the only Barclays Bank of Delaware customers affected were the ones who have an LL Bean VISA card. In addition to the banks, other impacted companies included hotel brands Ritz-Carlton Rewards and Marriott Rewards, and retail heavyweights Home Shopping Network, Walgreens, Brookstone, New York & Company and Kroger. TiVo is also included in this list.
- WordPress.com (Blogs): WordPress.com, which hosts more than 19 million blogs, had its servers compromised and sensitive data taken.
- The State of Texas (Government): 3.5 million Texans had their names and Social Security numbers (and in some cases their dates of birth and driver’s license numbers) publicly posted in a data breach at the Texas state comptroller’s office.
- International Monetary Fund (Banking/Government): Damage still not assessed or admitted to by the International Monetary Fund which fell victim to a large and sophisticated cyberattack that led the IMF to cut the link that allowed it and the World Bank to share confidential information.
Keep it to yourself. Protect your data with ThreatMetrix solutions.
Posted on January 25th, 2012 by Dan Rampe

Okay, the Chinese probably didn’t say “Je suis innocent.” (I am innocent). French Army Captain Alfred Dreyfus famously did upon being convicted of spying for the Germans in 1894 and sent to Devil’s Island. Ultimately, Dreyfus was proven innocent. However, the same may not be said of the Chinese about the attacks on the Chamber of Commerce — though they claimed they didn’t do it.
Reports the Wall Street Journal, “A spokesman for the Chinese Embassy in Washington, Geng Shuang, said [presumably not in French] cyberattacks are prohibited by Chinese law and China itself is a victim of attacks. He said the allegation that the attack against the Chamber originated in China ‘lacks proof and evidence and is irresponsible,’ adding that the hacking issue shouldn’t be ‘politicized.’”
However, somebody did hack the Chamber and people who should know from Richard Clarke, former White House counter-terrorism adviser, to congressional leaders to the FBI either hint or come right out and state the attacks came from China.
Clarke told ABC News, “The Chinese have attacked every major U.S. company, every government agency, and NGOs [non-governmental organizations]. Their attacking the Chamber of Commerce is part of a pattern of their attacking everything in the US. If you’re working on U.S.-China relations with an NGO [or] government agency, you can be sure the Chinese are reading your emails on your computer.” He went on to say, “I don’t think the Chamber of Commerce has anything worth stealing, but it’s part of a pattern of the Chinese stealing everything they can, and that’s worrying.”
The Wall Street Journal characterized the attack as “one of the boldest known infiltrations in what has become a regular confrontation between U.S. companies and Chinese hackers. The complex operation, which involved at least 300 Internet addresses, was discovered and quietly shut down in May 2010.”
It isn’t clear how much of the compromised data was viewed by the hackers. Chamber officials say internal investigators found evidence that hackers had focused on four Chamber employees who worked on Asia policy, and that six weeks of their email had been stolen.
Another report had it that the penetration into the Chamber of Commerce was so complete that a Chamber thermostat was communicating with a computer in China. Another time, Chamber employees were surprised to see one of their printers printing in Chinese. Of course it might not have been Chinese. Ever see an inkjet suddenly go haywire? Sure looks like Chinese.
Anyway…
The Chamber’s Chief Operating Officer David Chavern observed, “What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are and who targeted specific people and used sophisticated tools to try to gather intelligence.”
A Bloomberg report stated that “two people familiar with the Chamber investigation said certain technical aspects of the attack suggested it was carried out by a known group operating out of China. It isn’t clear exactly how the hackers broke in to the Chamber’s systems. Evidence suggests they were in the network at least from November 2009 to May 2010.”
Learning of the break-in, Chamber security experts didn’t tip their hands. According to Bloomberg, “They first watched the hackers in action to assess the operation. The intruders, in what appeared to be an effort to ensure continued access to the Chamber’s systems, had built at least a half-dozen so-called back doors that allowed them to come and go as they pleased….They also built in mechanisms that would quietly communicate with computers in China every week or two.
“The hackers used tools that allowed them to search for key words across a range of documents on the Chamber’s network, including searches for financial and budget information.”
Cyberspies, who have access to a network for many months, often take measures to cover their tracks and to conceal what they’ve stolen.
According to Bloomberg, “To beef up security, the Chamber installed more sophisticated detection equipment and barred employees from taking the portable devices they use every day to certain countries, including China, where the risk of infiltration is considered high. Instead, Chamber employees are issued different equipment before their trips — equipment that is checked thoroughly upon their return.
“Chamber officials say they haven’t been able to keep intruders completely out of their system, but now can detect and isolate attacks quickly.”
The Chamber eventually shut down the hackers by unplugging and destroying some computers and overhauling the security system, which was timed for a 36-hour period over one weekend when the hackers, who kept regular working hours, were expected to be off duty. (Not a good idea to mess with hackers about overtime — tough union.)
The Bloomberg story went on to say “U.S. intelligence officials and lawmakers have become alarmed by the growing number of cyber break-ins with roots in China. Last month, the U.S. counterintelligence chief issued a blunt critique of China’s theft of American corporate intellectual property and economic data, calling China ‘the world’s most active and persistent perpetrators of economic espionage’ and warning that large-scale industrial espionage threatens U.S. competitiveness and national security.”
About ongoing hacking of American corporations, Senator Sheldon Whitehouse of Rhode Island observed, “I think there’s a case to be made that this may be the greatest transfer of wealth through theft and piracy in the history of the world and we are on the losing end of it.”
Before your intellectual property or business plans become a casualty of cyberspies, get the best protection available. Get ThreatMetrix™.
ThreatMetrix doesn’t rely on passwords, user names and cookies to protect its clients. Instead the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals.
Posted on January 24th, 2012 by Dan Rampe

Perhaps a little birdie told Twitter to buy a malware company or maybe they took a page from the ThreatMetrix™ playbook. On January 10, ThreatMetrix acquired Australia-based TrustDefender, which provides secure browsing technology to protect against malware and man-in-the-browser (MitB) attacks. Or maybe it was done in advance of Twitter’s new advertising launch? Say, didn’t one of the company’s founders say Twitter would never use advertising as a way to monetize the company? Nah, must’ve been another company with the same name.
In any case, in preparation for its new ad service, Twitter announced the acquisition of spam and malware protection service Dasient. Rachael Horwitz, a Twitter spokesperson, told Mashable.com that Dasient would be integrated into Twitter’s “revenue engineering team because they have a deep understanding of advertising-platform security issues.” Considering the cybercrime-ridden environment into which Twitter is starting its new ad service, it would seem prudent that first and foremost the company would address security.
According to an Aite Group report (“Know Your Enemy: Successful Online Fraud Mitigation Strategies”), 25 million new, unique strains of malware were released in 2011. That number is projected to grow to 87 million strains by the end of 2015.
A Gartner Group report (“The Five Layers of Fraud Prevention and Using Them to Beat Malware”) containing a survey of 76 U.S. banks found malware was the number one cyberthreat.
Of the advertising platform, Mashable.com reports, “The self-serve platform lets advertisers purchase ads without going through a sales representative. Anyone with a credit card and the desire to utilize ‘Promoted Products’ to boost their brand recognition can get on-board with this service. However, the service is not yet available to the public.”
eMarketer, which does market research and statistics, projected Twitter’s ad-generated revenue could earn the company $399.5 million by 2013. With that kind of money on the table, Twitter would appear to be a magnet for cyberthieves.
Mashable.com observes that Twitter is already the object of malware threats going back to 2010, when “the FTC ruled that Twitter would be subject to a bi-annual security audit after 55 celebrity accounts were hacked, including the accounts of Barack Obama, Britney Spears and Facebook. Spammers have also taken advantage of Twitter’s trending topics in order to target a large amount of people.”
Till now, Twitter’s reputation was on the line with the possibility of a search engine blacklisting any site “overrun” by malware. However, adding big advertising dollars to the mix raises the stakes considerably and makes the Dasient acquisition a very smart move.
Is buying and integrating a malware company into your company a bit “over the top?” No worries. You can still get the best protection on the planet from malware and the full range of cyberthreats from ThreatMetrix.
Without relying on passwords, user names and cookies to protect its clients, the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals. The ThreatMetrix Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.
Posted on January 23rd, 2012 by Dan Rampe

Is this the latest round in a fight against McCarthyism and fifties-style blacklisting or an overreaction to a law that protects intellectual property, privacy and copyright?
Basically, according to Wikipedia, the Stop Online Piracy Act (SOPA) allows the U.S. Department of Justice, as well as copyright holders, to seek court orders against websites accused of enabling or facilitating copyright infringement. Depending on who requests the court orders, the actions could include barring online advertising networks and payment facilitators such as PayPal from doing business with an infringing website. The bill also includes barring search engines from linking to such sites, and requires Internet service providers to block access. Additionally, SOPA makes unauthorized streaming of copyrighted content a felony while offering immunity to Internet services that voluntarily take action against websites dedicated to infringement.
SOPA proponents say it protects the intellectual property market and corresponding industry, jobs and revenue, and is necessary to bolster enforcement of copyright laws especially against foreign websites.
Opponents, like the Electronic Frontier Foundation (EFF), hold that SOPA would create blacklists for online censorship, harm cybersecurity efforts, set bad international precedent, and lead to a fractured Internet.
Whatever side you take in regard to SOPA or if you believe both sides have valid points, the one area everyone agrees on is protection of online assets from fraud, theft and other cybercrimes. And, nobody protects those assets better than ThreatMetrix™.
ThreatMetrix doesn’t rely on passwords, user names and cookies to protect its clients. Instead the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals whether they’re in San Jose, Shanghai or St. Petersburg. The ThreatMetrix Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.
Posted on January 18th, 2012 by Dan Rampe

Zappos, the online shoe outlet owned by Amazon, was hacked, putting some 24 million customers’ personal information at risk. PCWorld.com reported that Zappos CEO Tony Hsieh told customers that “names, email addresses, billing and shipping addresses, phone numbers, the last four digits of credit card numbers, and encrypted passwords may have been exposed.” He added that the good news was that the database storing actual credit card and payment data had not been breached.
Nevertheless, the New York Daily News reported that the company had put out a statement informing customers of the incident and asking them to change their passwords. Customers who attempted to phone Zappos for information were met with the sounds of silence. Zappos’ CEO said in a memo, “We have made the hard decision to turn off our phones and direct customers to contact us by email because our phone systems simply aren’t capable of handling so much volume. (If 5% of our customers call, that would be over 1 million phone calls, most of which would not even make it into our phone system in the first place.).”
In an email to employees, which was posted to the Zappos blog, the company said the cyberattack came from a criminal who had gained access to parts of the company’s internal network and systems through a server in Kentucky.
Andrew Storms, director of security operations at nCircle, told PCWorld.com that Zappos’ response to the incident seemed to be appropriate insofar as it had notified customers and reset all passwords to force customers to create new ones to replace those that may be exposed or cracked as a result of the breach.
Security expert Neil Roiter, research director for Corero Network Security, observed, “Companies such as Zappos should have technology in place that monitors activity on their networks and reports in real time on suspicious activity or activity that does not conform to security policy. The sooner an organization detects a breach, the more quickly it can contain it.”
ThreatMetrix, the fastest-growing provider of integrated cybercrime prevention solutions, offers superior solutions that can’t be compromised by break-ins. The ThreatMetrix™ Cybercrime Defender Platform helps companies protect customer data and secure transactions against fraud, malware, data breaches, as well as man-in-the-browser (MitB) and Trojan attacks. The Platform consists of advanced cybersecurity technologies, including TrustDefender™ ID, which is cloud-based, real-time device identification, as well as malware protection with TrustDefender™ Cloud and TrustDefender™ Client. The company serves a rapidly growing global customer base across a variety of industries, including financial services, e-commerce, payments, social networks, government, and healthcare.
Posted on January 10th, 2012 by Dan Rampe

To meet the ever-mounting threat posed by malware, ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, announced today that it has acquired the Australia-based company TrustDefender™, a recognized leader in secure browsing technology to stop man-in-the-browser (MitB) attacks and provide malware protection.
The ThreatMetrix™ Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform.
This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.
The combined companies will operate under the ThreatMetrix name with global operations in the United States, Australia and Europe. The corporate headquarters will be located in San Jose, California.
“The natural synergies between device identification and secure browsing are very obvious,” said Reed Taussig, president and CEO, ThreatMetrix. “Successful transaction profiling requires sophisticated malware detection and intelligent device identification to determine if the device is compromised or if the transaction is at risk of being fraudulent. While our customers have recognized this for a long time, the only available solution – until now – was to implement multiple products across different vendors. By integrating advanced device identification and secure browsing into a single, competitively priced, easy-to-install and easy-to-use product, ThreatMetrix is delivering the most complete online fraud management solution available in the market today.”
The Growing Global Malware Threat
According to an Aite Group report (“Know Your Enemy: Successful Online Fraud Mitigation Strategies”), 25 million new, unique strains of malware were released in 2011. That number is projected to grow to 87 million strains by the end of 2015.
A Gartner Group report (“The Five Layers of Fraud Prevention and Using Them to Beat Malware”) containing a survey of 76 U.S. banks found malware was the number one cyberthreat. Gartner’s recommendation: banks and financial institutions should implement a layered approach to fraud prevention to prevent and contain cybercriminal attacks.
According to Andreas Baumhof, co-founder and CEO of TrustDefender, who now joins ThreatMetrix as CTO, the acquisition addresses the growing global malware threat.
“In 2011 we saw a huge increase in sophisticated MitB Trojan activities supporting fraudulent transactions with stolen identities,” said Baumhof. “Malware protection and fraud prevention are closely related, yet no truly integrated solutions were available in the market. The merger allows ThreatMetrix to address fraud prevention and malware protection as a single problem and deliver real benefits to customers at a lower cost.”
ThreatMetrix Cybercrime Defender Platform
With the acquisition, the ThreatMetrix™ Cybercrime Defender Platform now consists of the following product solutions and associated benefits:
- TrustDefender™ ID — TrustDefender ID is a cloud-based, real-time device identification solution that protects companies against cybercriminals and helps validate valuable returning customers. TrustDefender ID provides businesses with a crucial first perimeter of defense to protect online transactions, including account creation, login authentication and payment authorization.
- TrustDefender™ Cloud – TrustDefender Cloud is a cloud-based, real-time solution that helps companies protect customer data and defend against fraud, malware, MitB and Trojan attacks, and data breaches. It mitigates the risk of hidden malware compromising authenticated sessions to steal data, identities or money.
- TrustDefender™ Client — TrustDefender Client is a client-based, real-time solution that mitigates the risk of hidden malware compromising authenticated sessions to steal data, identities or money. A small client component installed on end-user computers identifies and isolates malware, verifies legitimate websites, protects the online session with the business, and communicates with the business to identify potential fraud.
“Combining endpoint centric fraud prevention products is cost effective,” said Avivah Litan, vice president and distinguished analyst, Gartner. “Device identification and malware detection in particular, are two of the most prevalent and required endpoint protection products in the market today. Device identification provides a strong foundation against fraud while malware protection closes a loophole in fraud prevention caused by man-in-the-browser attacks. Combining these solutions will streamline the fraud prevention, management and administrative processes for organizations combating today’s cyberthreats.”
Posted on January 3rd, 2012 by Dan Rampe

PrECISE (Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness) is the cybersecurity bill introduced by members of the House Homeland Security Committee. PrECISE establishes a quasi-governmental entity to oversee information-sharing with the private sector.
Wouldn’t you like to have sat in on the meeting where they decided on the acronym, PrECISE? (Probably more like multiple meetings with emails flying back and forth for months):
Staffers: “How about Cybersecurity Information Sharing (CIS)?”
Committee: “CIS? Too close to CIA, which is supposed to gather information, not spread it. Leaves the wrong impression.”
Staffers: “How about Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PECISE)?”
Committee: “That’d be pronounced Pea-size. Does Pea-size sound like the taxpayers are getting any bang for their buck?”
Staffers: “How about we put in an “R” for Research? “Promoting Research and Enhancing Cybersecurity and Information Sharing Effectiveness.” Then we’ve got PRECISE.”
Committee: “PRECISE. Like it. But we’re not doing Research. That makes PRECISE imprecise.”
Staffers: “Okay, we can take the “R” from “Promoting” to make it “PRECISE.” And to differentiate it from the rest of the acronym, we can make the “R” an “r”.”
Committee: “But what do we do about the “a”s in the “ands” in “Promoting Research and Enhancing Cybersecurity and Information Sharing Effectiveness”?”
Staffers: “Lower case ands are always silent.”
Committee: “Precisely.”
However the PrECISE Act got its name, The Hill’s “Hillicon Valley Technology Blog” reports that it’s designed to encourage “private firms to share information on cyber threats [stopping] short of mandating new security standards for sectors deemed critical to national security” following other cybersecurity bills offered by House Republicans.
The bill lays out the Department of Homeland Security’s cybersecurity functions, which would require DHS to evaluate cybersecurity risks for critical infrastructure firms and determine the best way to mitigate the risks.
“Cybersecurity is truly a team sport, and this bill gives DHS needed authorities to play its part in the federal government’s cybersecurity mission and enables the private sector to play its part by giving them the information and access to technical support they need to protect critical infrastructure,” said House Cybersecurity subcommittee Chairman Dan Lungren (R-Calif.).
Hillicon Valley Technology Blog observes, “By authorizing DHS to oversee civilian cybersecurity, the legislation aligns with proposals from both the Senate and the White House, but it is unclear how much authority DHS would have to enforce its security standards. Democrats have argued DHS needs some enforcement authority to ensure firms beef up their network protections.”
While there hasn’t been a whole lot of bi-partisan support for any measure recently, this bill appears to come close. Bennie Thompson (D-Miss.) said, “Introduction of this legislation represents a solid and significant step forward in the effort to secure our nation’s cyber infrastructure. While I am not prepared to give my full support to the bill at this time, there’s a lot to like in this bill. I am pleased that it gives DHS the authority and resources it needs to fulfill its cybersecurity mission instead of creating a whole new bureaucracy or complicated regulatory framework.”
Offers Cybersecurity sub-panel ranking member Yvette Clarke (D-N.Y.), “While we continue to review this legislation, I look forward to working with my colleagues in a more collaborative way to strengthen this bill.”
You may have to wait for Congress to work out the precise language of PrECISE before it’s enacted. But, you don’t have to wait to achieve the most effective protection for your online assets. That protection is available today from ThreatMetrix™.
The first perimeter and the most effective element in a multi-layered defense against cybercriminals is device identification. Offering transaction security from hidden proxies, scripted attacks and cookie and browser manipulation, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform lets companies authenticate payments, new accounts and returning customers in real time. And it doesn’t matter what device is being used from smartphones to PCs to tablets. Combined with aggregated fraud intelligence in the cloud, ThreatMetrix device identification offers companies maximum protection without the need to collect Social Security numbers, email addresses or bank account information.
Posted on December 29th, 2011 by Dan Rampe

1917: The Foreign Secretary of the German Empire, Arthur Zimmermann, sent a diplomatic proposal from the German Empire to Mexico to make war against the United States. Intercepted by British intelligence and forwarded on to the United States, the Zimmermann Note angered Americans, adding another reason for the U.S. declaration of war against Germany in World War I.
2011: U.S. officials investigate reports that Iranian and Venezuelan diplomats in Mexico are involved in planned cyberattacks against U.S. targets, including nuclear power plants.
According to the Washington Times, a documentary that aired on the Spanish-language TV network, Univision, included secretly recorded footage of Iranian and Venezuelan diplomats being briefed on planned attacks and promising to pass information to their respective governments.
A former computer instructor at the National Autonomous University of Mexico told Univision that he was recruited by a professor there in 2006 to organize a group of student hackers to carry out cyberattacks against the United States, initially at the behest of the Cuban Embassy.
In an undercover sting, an instructor and several students infiltrated the hackers, secretly videotaping Iranian and Venezuelan diplomats.
State Department spokesperson William Ostick called the reports “disturbing,” but added that U.S. officials “don’t have any information at this point to corroborate them.” However, earlier this year, U.S. prosecutors charged an Iranian official based in Tehran with trying to recruit a Mexican drug cartel to kill the Saudi ambassador to the United States by bombing a Washington restaurant. Ostick noted, “We constantly monitor for possible connections between terrorists and transnational criminals.”
An aide to New Jersey Senator Robert Menendez, chairman of the Senate Foreign Relations subcommittee on the Western Hemisphere, told the Washington Times that the Univision report, which also said that Iranian extremists were recruiting young Latin American Muslims, is “one of a variety of concerns we have about Iran’s efforts to engage with countries and other actors in the region.”
Stating the obvious: technology has changed dramatically since 1917. People haven’t. To ensure your company is protected against attack from people who are out to cause harm or perpetrate fraud, the best solutions come from ThreatMetrix. Without requiring personally identifiable information, such as Social Security numbers, that can be compromised, ThreatMetrix solutions nab criminals in real time before they can do real damage. The ThreatMetrix™ Cloud-Based Fraud Prevention Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to stop criminals whether in Toledo or Tehran.