Posts Tagged ‘CNP fraud’

January 28, 2012 Is Data Privacy Day: Keep “It” to Yourself

Posted on January 26th, 2012 by Dan Rampe

“It” refers to data. Data Privacy Day, scheduled for January 28, is about keeping data to yourself and out of the hands of cybercriminals. This annual international celebration is designed to promote awareness about privacy and education about privacy best practices. Official sponsors for Data Privacy Day are eBay and Intel, who are joined by a host of partners including Microsoft, Intuit, Comcast, MasterCard, AT&T, Facebook, Google, the International Association of Privacy Professionals, the State of West Virginia and….

Did we leave anybody out? Probably. But it’s a long list because Data Privacy Day is an excellent cause. Without it, literally the financial, social and political structure of society is at risk. HOLD ON. Just remembered somebody we left out —ThreatMetrix™.  ThreatMetrix strongly supports Data Privacy Day.

“We have entered a world of unprecedented identity theft and surveillance for monetary gain,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “Every site we visit, everything we search for, to everything we now do, buy and share online is tracked by a growing number of powerful players. Unfortunately the evidence suggests that no data is unreachable or un-exploitable by adversaries or advertisers. Whether it be due to data breaches, phishing attacks or over-sharing, the implication is that identity can no longer be relied-on to authenticate a customer online. The distribution of our identities across the net not only threatens our privacy but also makes us all preposterously easy to impersonate.”

We should all be concerned about data security being at risk in today’s cybercrime-infested environment. And the list of companies and institutions that have had data compromised continues to grow at an alarming rate. From the criminals’ perspective, it just makes good sense. Why try knocking over a bank with a gun and a good chance of getting caught or killed when you can sit back on a beach six time zones away and with your trusty laptop steal more money in one day than bank robbers Willie Sutton, John Dillinger and Baby Face Nelson and Bonnie and Clyde did in their whole lives?
Just a cursory glance at the number and types of recent breaches that compromised personal data from finance to health records and employment histories underscores the importance of calling attention to this Pandora’s Box.

  • Facebook (Social Networks): A computer worm stole 45,000 login credentials from Facebook accounts in the UK and France.
  • Yale University (Academic Institutions): 43,000 Yale University faculty, staff, students and alumni names and Social Security numbers were made public via Google because a File Transfer Protocol (FTP) server where data was stored became searchable.
  • Cyworld (Online Gaming): 35-million records including phone numbers, email addresses, names and encrypted information about the site’s members were taken from South Korea’s largest social networking site, Cyworld.
  • PBS (Communities): Thousands of user names and passwords were compromised when a PBS Website was hacked.
  • Patco Construction (Online Banking): $300,000 was stolen from Patco Construction Company’s online bank account when hackers gained access to the company’s account credentials by sending employees email with Zeus, a password stealing trojan, that infected the company’s computers.
  • Citibank (Financial Services): 360,000 Citibank customers (originally Citibank said it was 210,000 customers) had their account numbers and contact information stolen by hackers.
  • Pittsford, N.Y. (Government): $139,000 was stolen from the hamlet of Pittsford, a town of 25,000 near Rochester, N.Y. when cyberthieves logged onto the town’s online commercial bank account. Initiating a small batch of automated clearing house (ACH) transfers, the thieves covered their tracks by sending the transfers to “money mules” around the country.
  • Comerica Bank (Banking): $560,000 of Experi-Metal Inc. (EMI) hard-earned cash slipped away when Comerica Bank let fraudsters waltz away with it.
  • Sony PlayStation (Online Gaming): 70-million Sony customers were put at risk when hackers broke into Sony’s PlayStation Network (PSN) and stole credit card details. The security breach caused Sony to take down the network for “maintenance.” Subsequently, 93,000 Sony customer accounts were hacked in a separate incident. Sony believed those customers used the same Sony login credentials to log on to other sites and that the other sites were hacked, providing access to the customers’ PII (personally identifiable information).
  • Sega (Online Gaming): 1.3 million users had personal information put at risk by a Sega online network breach causing the company to temporarily shut down its online network.
  • Washington Post (Media): Either 1.27 million, 1.3 million or 1.6 million user IDs and email addresses were ripped off from the Washington Post’s job section.
  • Zappos (E-Commerce): 24 million customers’ personal information was put at risk when Zappos, the online shoe outlet owned by Amazon, was hacked.
  • Toshiba (Computer Manufacturing): 7,520 Toshiba customers’ email addresses, telephone numbers and passwords were stolen by cybercriminals.
  • NATO (Government/Military): A gigabyte of NATO data was stolen by Anonymous, which had accessed NATO servers.
  • FTC (Government): More than 18,000 cases of child identity theft were reported to the Federal Trade Commission. Children’s identities provide the kind of clean backgrounds that make it possible for thieves to create entire fictional credit histories. Often the theft is not found until the person turns 18 and starts college or looks for a job.
  • RSA (Security): After a junior employee at security firm RSA fell prey to a run-of-the-mill phishing attack, hackers were able to make their way into the company’s network and hack into its SecurID servers. The attack compromised RSA tokens requiring users to enter a unique number generated by the token each time they connected to their networks. Facebook, Amazon, Abbott Laboratories, Charles Schwab, Microsoft — in all, 20% of the Fortune 100 had been compromised.
  • Online Advertising: An East European cybergang hijacked at least four million computers in over 100 countries. Included in the half-million hijacked computers in the United States were some at NASA.  Using these computers, the gang stole $14 million in four years with a PPC and ad scheme based on redirecting traffic and replacing genuine ads with their own.
  • Steam (Online Video Game Distribution): In a major hack, 35 million user accounts at Steam, one of the world’s largest distribution networks for online video games, may have been compromised exposing credit card details and billing addresses.
  • Stratfor Global Intelligence Service (Security): Stratfor Global Intelligence Service, a company which helps clients with security and is famous for its secrecy and its top-secret client list was hacked resulting in names, emails, credit card details, passwords and home addresses for some 4,000 people being compromised. Additionally, this information was used to have clients involuntarily donate to charity to the tune of a million bucks.  The hackers also said they had details for more than 90,000 credit card accounts.
  • San Francisco City College (Education): For more than a decade San Francisco City College servers have been stealing personal banking information and other data from thousands, or even tens of thousands, of students, faculty and administrators in what the San Francisco Chronicle refers to as “an infestation” of computer viruses with origins in criminal networks in Russia, China et al.
  • South Africa’s Postbank (Government): $6.7 million was stolen from South Africa’s Postbank when cyberthieves accessed a computer from a remote location and hacked into Postbank’s server system using stolen login details for a Postbank teller and a call-center agent.
  • Epsilon (Email Marketing Services): Epsilon, a large email marketing services company, reported a data breach that could affect the email addresses of thousands of customers of major banks, retail and hotel chains. This impacted financial services institutions such as Capital One, US Bank, JPMorgan Chase, Citi and Barclays Bank of Delaware. However, the only Barclays Bank of Delaware customers affected were the ones who have an LL Bean VISA card. In addition to the banks, other impacted companies included hotel brands Ritz-Carlton Rewards and Marriott Rewards, and retail heavyweights Home Shopping Network, Walgreens, Brookstone, New York & Company and Kroger. TiVo is also included in this list.
  • WordPress.com (Blogs): WordPress.com, which hosts more than 19 million blogs, had its servers compromised and sensitive data taken.
  • The State of Texas (Government): 3.5 million Texans had their names and Social Security numbers (and in some cases their dates of birth and driver’s license numbers) publicly posted in a data breach at the Texas state comptroller’s office.
  • International Monetary Fund (Banking/Government): Damage still not assessed or admitted to by the International Monetary Fund which fell victim to a large and sophisticated cyberattack that led the IMF to cut the link that allowed it and the World Bank to share confidential information.

Keep it to yourself. Protect your data with ThreatMetrix solutions. Without relying on passwords, user names and cookies to protect its clients, the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals. The ThreatMetrix Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.

ThreatMetrix Acquires TrustDefender: Sophisticated Malware Detection and Advanced Device Identification in a Single, Unified Platform

Posted on January 10th, 2012 by Dan Rampe

 

To meet the ever mounting threat posed by malware, ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, announced today that it has acquired the Australian-based company TrustDefender™, a recognized leader of secure browsing technology to stop man-in-the-browser (MitB) attacks and provide malware protection.

The ThreatMetrix™ Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform.

This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.

The combined companies will operate under the ThreatMetrix name with global operations in the United States, Australia and Europe. The corporate headquarters will be located in San Jose, California.

“The natural synergies between device identification and secure browsing are very obvious,” said Reed Taussig, president and CEO, ThreatMetrix. “Successful transaction profiling requires sophisticated malware detection and intelligent device identification to determine if the device is compromised or if the transaction is at risk of being fraudulent. While our customers have recognized this for a long time, the only available solution – until now – was to implement multiple products across different vendors. By integrating advanced device identification and secure browsing into a single, competitively priced, easy-to-install and easy-to-use product, ThreatMetrix is delivering the most complete online fraud management solution available in the market today.”

The Growing Global Malware Threat 

According to an Aite Group report (“Know Your Enemy: Successful Online Fraud Mitigation Strategies”), 25 million new, unique strains of malware were released in 2011. That number is projected to grow to 87 million strains by the end of 2015.

A Gartner Group report (“The Five Layers of Fraud Prevention and Using Them to Beat Malware”) containing a survey of 76 U.S. banks found malware was the number one cyberthreat. Gartner’s recommendation: banks and financial institutions should implement a layered approach to fraud prevention to prevent and contain cybercriminal attacks.

According to Andreas Baumhof, co-founder and CEO of TrustDefender, who now joins ThreatMetrix as CTO, the acquisition addresses the growing global malware threat.

“In 2011 we saw a huge increase in sophisticated MitB Trojan activities supporting fraudulent transactions with stolen identities,” said Baumhof. “Malware protection and fraud prevention are closely related, yet no truly integrated solutions were available in the market. The merger allows ThreatMetrix to address fraud prevention and malware protection as a single problem and deliver real benefits to customers at a lower cost.”

ThreatMetrix Cybercrime Defender Platform

With the acquisition, the ThreatMetrix™ Cybercrime Defender Platform now consists of the following product solutions and associated benefits:

  • TrustDefender ID: TrustDefender ID is a cloud-based, real-time device identification solution that protects companies against cybercriminals and helps validate valuable returning customers. TrustDefender ID provides businesses with a crucial first perimeter of defense to protect online transactions, including account creation, login authentication and payment authorization.
  • TrustDefender Cloud: TrustDefender Cloud is a cloud-based, real-time solution that helps companies protect customer data and defend against fraud, malware, MitB and Trojan attacks, and data breaches. It mitigates the risk of hidden malware compromising authenticated sessions to steal data, identities or money.
  • TrustDefender Client: TrustDefender Client is a client-based, real-time solution that mitigates the risk of hidden malware compromising authenticated sessions to steal data, identities or money. A small client component installed on end-user computers identifies and isolates malware, verifies legitimate websites, protects the online session with the business, and communicates with the business to identify potential fraud.

“Combining endpoint centric fraud prevention products is cost effective,” said Avivah Litan, vice president and distinguished analyst, Gartner. “Device identification and malware detection in particular, are two of the most prevalent and required endpoint protection products in the market today. Device identification provides a strong foundation against fraud while malware protection closes a loophole in fraud prevention caused by man-in-the-browser attacks. Combining these solutions will streamline the fraud prevention, management and administrative processes for organizations combating today’s cyberthreats.”



ThreatMetrix Named Red Herring Global 100 Winner

Posted on December 13th, 2011 by Dan Rampe

 

The world is a big place with close to seven billion people. And, according to professional researcher Moya K. Mason, something like 50-million new firms are started each year. So when you think about ThreatMetrix making Red Herring’s top 100 leading private companies in all of North America, Europe, and Asia, it’s quite an honor – especially when put in the context of other companies that have made the Top 100 in past years: Google, Skype, Baidu, Salesforce.com, YouTube and eBay. (The full list of winners in 2011 can be found here: http://www.herring100.com/RHG/2011/top100.html)

Red Herring’s editorial staff evaluated the companies on both quantitative and qualitative criteria, such as financial performance, technology innovation, management quality, strategy, and market penetration. This assessment of potential was complemented by a review of the track record and standing of start-ups relative to their sector peers.

Alex Vieux, Chairman of Red Herring, observed, “Choosing the best [companies from] the previous two years was by no means a small feat. After rigorous contemplation and discussion, we narrowed down our list from 1,100 potential companies to 100 winners.  It was an extremely difficult process [and the] competition for the Top 100 was fierce.  [The] Top 100 Global are truly the best of the best.”

“We’re extremely proud to be recognized by Red Herring as among the best technology companies globally,” said Reed Taussig, president and CEO, ThreatMetrix. “Winning the Red Herring Global award further validates ThreatMetrix’s value proposition in the marketplace as a leading provider of online fraud prevention and cybersecurity solutions.”

Many companies have already come to the conclusion that ThreatMetrix is the “right decision” when it comes to protecting their online assets. Offering transaction security from hidden proxies, scripted attacks and cookie and browser manipulation, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform lets companies authenticate payments, new accounts and returning customers in real time. And it doesn’t matter what device is being used from smartphones to PCs to tablets. Combined with aggregated fraud intelligence in the cloud, ThreatMetrix device identification offers companies maximum protection without the need to collect Social Security numbers, email addresses or bank account information.

 

 

 

 

 

Cybercriminals and Malware Epidemic Give Whole New Meaning to Killer Apps

Posted on December 1st, 2011 by Dan Rampe

Legitimate app or a real killer designed to upload malware and snag users’ personal information and money? Perhaps the only thing growing as fast as the mobile market is malware to steal from that market.

Gerry Smith in a Huffington Post post reported that “malware jumped 22 percent in the first half of this year compared with the same period last year. Google’s Android operating system was the most popular target for mobile malware developers during the second quarter….

“Hackers are setting their sights on Android…by disguising malware as legitimate apps. For example, a fake update of the popular game Angry Birds sends sensitive information about the user to the hacker who gains access to the user’s phone and downloads more malicious software….”

According to Smith’s post, “after several malicious apps were published to the Android Market, Google said it was taking measures to help prevent additional malicious applications from being distributed and working to fix the underlying security issues. It said the malware did not affect Android versions 2.2.2 or higher.”

But, Smith said that a Symantec white paper claims “Google allows attackers to anonymously create and distribute malware in the Android market and relies on Android users to make important security decisions they are often not capable of making….”  Super news with more Americans opting for Google Android operating systems over Apple’s iOS.

A McAfee report found “an increase in fake anti-virus software for Mac operating systems, suggesting that such malware could start appearing on other Apple products, including iPhones and iPads.”

So if both Apple iOS and Google Android OS are increasingly at risk of being compromised, where does an online business turn for protection? ThreatMetrix.

Offering transaction security from hidden proxies, scripted attacks and cookie and browser manipulation, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform lets companies authenticate payments, new accounts and returning customers in real-time. And it doesn’t matter what device is being used from smartphones to PCs to tablets. Combined with aggregated fraud intelligence in the cloud, ThreatMetrix device identification offers companies maximum protection without the need to collect social security numbers, email addresses or bank account information.

Online or on the Hook? Another Cyber Monday Pits Online Retailers Against Cyber Criminals.

Posted on November 23rd, 2011 by Dan Rampe

Either by turning away real customers or letting cybercrooks get their hands on goods without paying for them, online retailers could find themselves “on the hook” for a big chunk of money on Cyber Monday.

Officially nicknamed (as opposed to unofficially nicknamed) “Cyber Monday” in 2005, Cyber Monday is the Monday after Black Friday, which is the Friday after Thanksgiving, which is the last Thursday in November. Or, put another way, Cyber Monday is the first Monday after Thanksgiving.

Anyway, in 2010, comScore, which claims to be “the global leader in measuring the digital world,” reported that last year consumers spent $1.028 billion online on Cyber Monday, the highest spending day of 2010. And while other countries don’t celebrate America’s Thanksgiving, they do, indeed, celebrate Cyber Monday everywhere from Canada to New Zealand.

Security expert, Jorge Steinfeld, in a Forbes Magazine piece notes that hackers will be gearing up for Cyber Monday this year by taking advantage of social media. “[Hackers] are busy creating fake profiles on social networking and e-commerce sites. These profiles and Web sites are meant to mimic well-known corporate brands, and coax users into clicking on their content. As a result, malicious content can now lay hidden within Twitter posts and Facebook links…” Social media is one more way cybercriminals can “gather personal and professional information, creating specific profiles on individuals and tricking them into divulging sensitive or personal information [from] credit card numbers to information about their employer’s organization.”

Social media and the continuing dramatic 50% growth in mobile transactions year-over-year since 2005 could make 2011 Cyber Monday a record-breaker. One aspect of Cyber Monday that a lot of people in the technology and retail sectors will be paying particular attention to is who will be the big winner of “Mobile Monday”?  Android or iOS?

Following is a breakdown of transactions by mobile device as compiled from the ThreatMetrix Global Network of more than 15-million daily transactions. From November 2010 to November 2011, ThreatMetrix found that mobile as a percentage of total transaction volume decreased for the iPhone by 35%, the BlackBerry by 51%, and the Palm by 96%. Conversely, Android mobile volume showed a massive uptick in 2011, with a 661% increase in overall transactions coming from a mobile device. Windows devices showed a more moderate increase, at 19% year-over-year.

 

“Based on our findings, the iPhone is still the dominant device where mobile transactions are taking place, but we’ve seen Android gain a lot of traction in 2011,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “It’s now become a two-horse race with mobile. The question does not center around whether or not consumers will make mobile purchases this season, but which device will come out ahead on what’s now deemed ‘Mobile Monday’.”

According to ThreatMetrix Fraud Facts, on average, 3% of transactions worldwide now come from a mobile device. That’s up from 2% in 2010.

“Mobile transactions have higher conversion rates because they are intention-driven,” added Faulkner. “This makes it even more critical for retailers to ensure they are not only delivering an excellent mobile experience, but have a solid mobile fraud prevention strategy in place.”

Faulkner noted that while many retailers will likely experience a record number of purchases coming from mobile this year, many still maintain insufficient or incorrect fraud tools in this channel. The consequence will be lost revenue based on both fraudulent transactions taking place, as well as valid customers being turned away because of incorrect fraud classifications. Faulkner predicts as many as one in four mobile transactions may be incorrectly classified this year.

Top Fraud Threats During Peak Season

With an increased volume of online transactions during the holidays, retailers have less time for manual screening and review of transactions – whether they are coming from a laptop, desktop computer, tablet or mobile device. It makes automated fraud screening vital during this high-volume period.

So what are the top five fraud threats during this time of year?

1. Mobile device spoofing – Merchants are put at increased risk with mobile transactions because the mobile channel is more user-friendly for fraudsters. Today, most fraud coming from the mobile channel actually originates elsewhere; the originating device merely acts like a mobile device.

2. Use of botnets and malware – This is a prominent concern on both traditional desktop and laptop computers, as well as mobile devices, as malware can steal passwords and payment account information. On top of that, many of today’s consumers fail to install appropriate fraud prevention software on their mobile devices, according to Faulkner. Analyzing anomalous behavior and checking third-party IP reputation can help detect malware.

3. Cookie-wiping – Merchants could previously track repeat visitors through cookies, yet many of today’s consumers and fraudsters remove cookies by using add-ons and private browsing modes. This makes it difficult to recognize suspicious repeat visitors and identify returning good customers; cookieless device identification is more important than ever.

4. IP address cloaking – It has also become easier for criminals to spoof or mask IP addresses. This makes it harder for merchants to know the “true” IP of the visitor and distinguish the good transactions from the bad. Identifying proxied visitors is crucial; this can be done by inspecting HTTP headers, maintaining a blacklist of known proxy sites, dynamically detecting proxied requests and piercing the proxy with a callback request.

5. Use of Virtual Private Networks (VPNs) – VPNs use separate software on the originating device to place it on a different network, showing traffic is originating from a different address than its true network. To identify fraudsters who are using VPNs, it’s important to monitor time zone and language settings, as well as global anomalies.
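The checks named in items 4 and 5 (proxy headers, a list of known proxy addresses, and time zone and language anomalies) can be combined into one score per request. The sketch below is an added example, not ThreatMetrix code; the address ranges, the geolocation table, the weights and the review threshold are all constructed assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Headers a forwarding proxy may add. Assumption: the application sees the
# client's own headers, i.e. anything set by the site's own load balancer or
# CDN has already been stripped or is handled separately.
PROXY_HEADERS = ("via", "forwarded", "x-forwarded-for", "proxy-connection")

# Constructed stand-ins for a proxy blocklist and an IP geolocation database
# (documentation address ranges, not real proxies).
KNOWN_PROXY_NETS = [ip_network("203.0.113.0/24")]
GEO_DB = [  # (network, country, plausible UTC offsets in minutes, common languages)
    (ip_network("192.0.2.0/24"), "US", {-480, -420, -360, -300, -240}, {"en", "es"}),
    (ip_network("198.51.100.0/24"), "DE", {60, 120}, {"de", "en"}),
    (ip_network("203.0.113.0/24"), "NL", {60, 120}, {"nl", "en"}),
]
WEIGHTS = {"proxy-headers": 30, "known-proxy-address": 40,
           "timezone-mismatch": 25, "language-mismatch": 10}  # assumed values
REVIEW_THRESHOLD = 30  # assumed: one soft signal alone stays below it


@dataclass
class Request:
    remote_ip: str        # TCP peer address as seen by the server
    headers: dict         # HTTP request headers
    utc_offset_min: int   # minutes east of UTC, collected by client-side script


def primary_language(accept_language):
    """Return the highest-weighted primary language subtag, or None."""
    best, best_q = None, -1.0
    for part in accept_language.split(","):
        tag, _, params = part.strip().partition(";")
        tag = tag.strip().lower()
        if not tag or tag == "*":
            continue
        q = 1.0
        params = params.strip()
        if params.startswith("q="):
            try:
                q = float(params[2:])
            except ValueError:
                q = 0.0  # malformed weight: treat as least preferred
        if q > best_q:
            best, best_q = tag.split("-")[0], q
    return best


def assess(req):
    """Score one request; returns the score, a verdict and the reasons."""
    headers = {k.lower(): v for k, v in req.headers.items()}
    reasons = []
    seen = [h for h in PROXY_HEADERS if h in headers]
    if seen:
        reasons.append("proxy-headers:" + ",".join(seen))
    addr = ip_address(req.remote_ip)
    if any(addr in net for net in KNOWN_PROXY_NETS):
        reasons.append("known-proxy-address")
    for net, country, offsets, langs in GEO_DB:
        if addr in net:
            # Device clock and language should be plausible for the IP's country.
            if req.utc_offset_min not in offsets:
                reasons.append("timezone-mismatch:" + country)
            lang = primary_language(headers.get("accept-language", ""))
            if lang is not None and lang not in langs:
                reasons.append("language-mismatch:" + country)
            break
    score = min(100, sum(WEIGHTS[r.split(":")[0]] for r in reasons))
    verdict = "review" if score >= REVIEW_THRESHOLD else "allow"
    return {"score": score, "verdict": verdict, "reasons": reasons}


# Constructed sample requests.
DIRECT = Request("192.0.2.10", {"Accept-Language": "en-US,en;q=0.9"}, -300)
OPEN_PROXY = Request("203.0.113.7", {"Via": "1.1 proxy.example",
                                     "X-Forwarded-For": "198.51.100.23",
                                     "Accept-Language": "de-DE,de;q=0.9"}, 60)
VPN_EXIT = Request("192.0.2.55", {"Accept-Language": "ru-RU,ru;q=0.9,en;q=0.8"}, 180)
TRAVELLER = Request("192.0.2.10", {"Accept-Language": "en-GB,en;q=0.8"}, 60)

if __name__ == "__main__":
    for name, req in [("direct", DIRECT), ("open proxy", OPEN_PROXY),
                      ("vpn exit", VPN_EXIT), ("traveller", TRAVELLER)]:
        print(name, assess(req))
```

The VPN case carries no proxy headers at all and is caught only by the time zone and language mismatch, while the traveller with a single mismatch stays below the threshold.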

For more information about these Cyber Monday threats, and tactics for defeating cybercriminals during this peak transaction period, check out ThreatMetrix videos, “The Mobile Fraud Threat,” “Malware and Mobile: How Big of a Threat Is It?” and “Top Three Tactics to Consider for Mobile Fraud Detection.”

 

 

IAM Overwhelmed!

Posted on November 16th, 2011 by Dan Rampe

Ericka Chickowski, a contributing editor at Darkreading.com, did a piece titled “Tales of De-Crypt 2011.” Considering it was scheduled to run sometime around Halloween, the title was “scary clever” while the subject matter was just plain scary. Chickowski observes that 2011 has been “a banner year for authentication and Identity and Access Management (IAM) failures, with embarrassments of epic proportions hitting the headlines nearly every month…. [There have been] targeted authentication tokens, sophisticated password-stealing Trojans, rogue certificates, stolen passwords and misappropriated accounts.”

Compiled by Ms. Chickowski is a list of the top ten worst “hacks, vulnerabilities and screw-ups to hit the headlines in 2011.” The upside is that the top-ten list only has seven entries.  It also has some lessons to be learned.

1. The RSA Tokens That Took a Lot of People for a Ride. “After a junior employee at security heavyweight RSA fell prey to a run-of-the-mill phishing attack, hackers were able to make their way into the company’s network and hack into its SecurID servers. RSA confirmed that some ‘information related to the RSA SecurID product had been extracted.’” Extracted is another way of saying ripped off.

So what was learned? Don’t put all your eggs in one basket and leave the basket where anybody can trip over it. Or as Darkreading.com put it, “Security experts were aghast that the token seeds were resident in a place on the network where a hacker could even find them. The incident illustrates that network segmentation is a key best practice to mitigate the risk of a company’s most critical assets.”

2. The Death of DigiNotar.  A hacker with the moniker, ComodoHacker created fraudulent Comodo SSL certificates in March, then, later, hacked CA DigiNotar to issue 500 more certificates. The actions of ComodoHacker, who claimed to have hacked other certificate authorities, ultimately led to the demise of the company.

So what was learned? A stitch in time saves nine?  A penny saved is a penny earned? A wet bird never flies at night?  No, what was learned was, “DigiNotar knew about the fake certs long before the news went public and did nothing to get the word out. The situation is a good reminder at how important communication is in high-impact breach situations. It also illustrates that the fundamental basis of trust for Internet authentication still needs work.”

3. HBGary Federal’s “federal case” Over Anonymous Backfires.  After the company’s CEO said he was about to release information about Anonymous, the group infiltrated HBGary’s network through SQL injection, stole stored passwords and got control of the company’s email, internal accounts and its executives’ social media accounts.

So what was learned? As they used to say in the U.S. Infantry (and probably still do) in not such genteel terms, “Don’t let your alligator mouth overload your hummingbird ass.” Darkreading.com put it this way, “Hubris is not becoming of security executives who run companies that store passwords on insecure servers. Even the humble should learn to keep passwords better protected from multi-stage attacks that start with SQL injection. Anonymous was able to use Rainbow tables to crack the passwords’ encryption because the firm used weak MD5 hashes to protect them.”

4. Beware the LulzSec. After breaking into networks, LulzSec members distributed unencrypted passwords and other sensitive information, such as emails that impacted everyone from Sony to the U.S. Senate and compromised millions of accounts.

So what was learned? The bigger they come, the harder they fall. That could be one of the things learned.  But, Darkreading.com pulled out some other lessons like, “a lack of input validation or database monitoring [allow LulzSec] to commit SQL injection attacks at will. And …organizations [have a tendency] to store login information unencrypted and unprotected within network systems.”

5. Don’t Count on Citi Account Numbers. Darkreading.com says, “Hackers were able to game Citigroup’s online account site by manipulating the account number that appeared in the Web address browser bar to randomly guess other account numbers and gain access to random customers’ accounts. The trick gave them access to customer names, account numbers, and transaction information.”

So what was learned? Money is the root of all evil?  Or rather lack of money is the root of all evil?  No.  Actually it’s that, “web applications providing access into sensitive information, financial or otherwise, must be tested not only for vulnerabilities but also for business logic flaws such as the one that allowed hackers to circumvent Citi’s online banking authentication engine.”

6. Bank of America Rogue Employee Was a Rogue. A Bank of America employee leaked information to an identity-theft ring.  Fake accounts were created under victims’ names and $10-million was stolen before the thieves were nailed.

So what was learned? One rotten apple can spoil the whole barrel. He/she can also steal $10-million. The other thing that was learned is frequent reviews of access controls might have prevented this type of theft.

7. Duqu Worms Its Way Into the World. “A refinement on the code foundation laid down originally by Stuxnet… this password- and data-stealing Trojan features a rogue certificate [now revoked. However,] it’s able to fly under the detection radar by injecting itself into running processes.”

So what was learned? “[This was] another instance of hackers manipulating the certificate authority ecosystem…”

Perhaps the most important lesson to be taken from the seven disasters described above is that many could have been averted by using ThreatMetrix solutions. The first perimeter and the most effective element in a multi-layered defense against cyber criminals is device identification. Offering transaction security from hidden proxies, scripted attacks and cookie and browser manipulation, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform lets companies authenticate payments, new accounts and returning customers in real time. And it doesn’t matter what device is being used, from smartphones to PCs to tablets. Combined with aggregated fraud intelligence in the cloud, ThreatMetrix device identification offers companies maximum protection without the need to collect Social Security numbers, email addresses or bank account information.

 

 

Massive Hack Attack Smashed Into More Than 750 Companies Like Locusts on Unprotected Wheat Fields

Posted on November 14th, 2011 by Dan Rampe

Last spring it was revealed hackers had attacked RSA. The attack showed that RSA tokens, which require users to enter a unique number generated by the token each time they connect to their networks, had been compromised. Well, not so much compromised as they left a security hole you could drive a tank through and still have room for a fleet of BMWs, two ox carts and a Yugo.

Now, it’s been learned that a raft of companies that had relied on RSA tokens for protection had also been compromised. These included Google, Facebook, Amazon, Abbott Laboratories, Charles Schwab, Microsoft (see below for a full listing) — in all, 20% or one fifth (whichever is smaller) of the Fortune 100 had been hacked.

The names of the companies whose security was breached were discovered after researchers traced back the corporate networks that were communicating with the server that attacked RSA. Security expert Brian Krebs said the first victims started “phoning home” as early as November 2010.

Often the victims of attacks don’t even know they’ve been attacked until years later. Dave Jevans, chairman of Ironkey, maker of a security-focused Web browser, notes, “I’m sure 90% of these companies are just finding out they’ve been hacked.”

Krebs said 300 command and control networks were used in the attacks. Two-hundred-ninety-nine were located in or around Beijing, China. Following is a full list of the companies Krebs reported were hit:


Krebs got the list of affected companies from a breached “command and control” server, the name for a machine that hackers use to direct the fleets of compromised PCs that they have gained control over.

He also offered clarification about who was on the list. “First, many of the network owners listed are Internet service providers, and are likely included because some of their subscribers were hit. Second, it is not clear how many systems in each of these companies or networks were compromised, for how long those intrusions persisted, or whether the attackers successfully stole sensitive information from all of the victims. Finally, some of these organizations (there are several antivirus firms mentioned…) may be represented because they intentionally compromised internal systems in an effort to reverse engineer malware used in these attacks.”

Two lessons come out of these attacks. One lesson is that when you build a better mousetrap, somebody out there is already working on building a better mouse. The other is that you can count on ThreatMetrix to protect your customers, so that even in the event of a breach, their personal information is always secure.

That’s because the ThreatMetrix™ Cloud-Based Fraud Prevention Platform device identification solutions recognize returning visitors without cookies and also recognize them even when their device fingerprints change. Protecting against bad scripts and fraudulent account logons, payments and transactions, ThreatMetrix solutions are designed to interdict attacks of fraud in real time, while passively and transparently profiling users — without collecting extraneous personal identity information, such as Social Security numbers and mothers’ maiden names.

 

 

DarkMarket: The Story Behind the “By-Invitation-Only” Website for Cybercriminals

Posted on November 9th, 2011 by Dan Rampe

Misha Glenny’s book, DarkMarket, relates the brief history (2005 – 2008) of DarkMarket.ws, an Internet cybercrime forum (in English) that was kind of a cross between a chat room and Amazon.com.

If you haven’t heard about the site, it probably says something about your honesty. You see, DarkMarket.ws was “by-invitation-only.” If you weren’t a cybercrook who knew a cybercrook, you were not about to get access to the URL. Very exclusive.

You know the expression “honor among thieves?”  Well, you could call getting an invitation to join, “a high honor among thieves.” The Website provided criminal entrepreneurs — stolen identity and credit-card data buyers and sellers — a venue to meet and exchange information and ideas with their peers and learn from experts about the latest technologies and scams in a professional, friendly atmosphere. Created in London by Renukanth Subramaniam, who went by the user name JiLsi, the site had 2,500 users at its peak and was a place where an online thief could buy “skimming machines” (devices installed in ATMs to record users’ credit-card details), find reviews of hardware advertised on the site, and generally catch up on the latest and greatest in crime.

You’ve probably heard this other old saying one time or another.  “You can’t bulls_ _t a bulls_ _ _ ter.”  While you may have heard it, the FBI evidently didn’t because they ended up scamming the scammers.

FBI agent J. Keith Mularski infiltrated the DarkMarket site using the name of an infamous Polish spammer, Master Splyntr. In fact, he not only infiltrated it, he became the site’s administrator!

Misha Glenny’s DarkMarket is the story of how DarkMarket.ws was taken down. Says Evgeny Morozov in his review in the Wall Street Journal, “Mr. Glenny, a gifted investigative reporter, has sought out investigators and cyber criminals alike (he visited many convicted offenders in prison and got them to talk about their trade). He dissects DarkMarket’s transient but maddeningly convoluted history in a highly meticulous, almost forensic manner….Before the story is over, Turkish military intelligence agents, the Tamil Tigers, members of the Saudi royal family and the brother of Supreme Court Justice Stephen Breyer all make appearances.”

Pointing out that it’s impossible to end cybercrime without understanding the psychology of cybercriminals, Morozov says Glenny’s book offers valuable insight. “Even though many cyber criminals have day jobs, they spend inordinate amounts of time online, mostly in a futile attempt to impress their peers and join the ranks of the digital übermenschen. Many choose cybercrime for the same reasons that disaffected youngsters choose more pedestrian forms of crime; tales of desperation, rejection and poverty loom large in this book. Faced with an unpalatable choice between a life of violent crime or seemingly victimless cybercrime, 13-year-olds in Ukraine choose the latter.”

However, no matter how they found their way into cybercrime, once in it, these criminals often act like mainstream business. “Obsessed with profit-maximization, they vie to annihilate competition, establish absolute monopoly and ratchet up the prices.”

While European and American police agencies seemed to work well together, the same couldn’t be said of American internal police agencies.  Offers Morozov, “Mr. Glenny recounts a grotesque story of how the FBI and the Secret Service had been investigating each other’s undercover agents, in both cases believing them to be actual criminals. Only the intervention of their British colleagues, who were privy to the secrets of both groups, prevented a major crisis.”

So, lacking guns, explosions and car chases, what kind of read is DarkMarket? The Wall Street Journal reviewer calls it “an eminently readable, witty narrative that sustains suspense until the very last pages.”

As a result of the FBI sting, there were more than sixty arrests worldwide with the man who started it getting sentenced to nearly five years in prison. So, what’s the best way to fight cybercrime if you’re not an FBI agent with unlimited time and funds?

ThreatMetrix™.

The ThreatMetrix™ Cloud-Based Fraud Prevention Platform offers a global perspective of risk from a worldwide network of shared intelligence drawn from tens of millions of transactions across all of ThreatMetrix’s customers. The information is always up-to-date and always available. Incorporating ThreatMetrix SmartID™ cookieless device identification, the Platform lets companies authenticate user logins in real time — without relying on personally identifiable information (PII). So, even in a worst-case scenario where a breach has occurred, cybercriminals never have access to personal information such as birth dates, maiden names and Social Security numbers.

ThreatMetrix Deploys the Latest Version of Its Cloud-Based Fraud Prevention Platform

Posted on November 7th, 2011 by Dan Rampe

Integrated into the latest release of the ThreatMetrix™ Cloud-Based Fraud Prevention Platform is a new multi-layered data encryption architecture feature that takes data encryption to a whole new level.  Addressing strict security requirements, the new feature provides multi-layered encryption of customer-siloed data and global customer data with minimum impact on customer response times.

Should any one customer account be compromised, data loss is limited to that one customer.  Even if the data center hosting ThreatMetrix services were compromised, the encrypted data would remain confidential. Customer data shared with ThreatMetrix™ for fraud protection purposes remains secure. And, there’s no worry about a degradation in performance.

“It’s our goal to raise the bar for the level of security and privacy of online transactions,” said Alisdair Faulkner, chief products officer, ThreatMetrix. “The question is not if a consumer’s identity will be compromised, but it’s a matter of when it will be compromised. Credit card companies can update their credit cards if they’ve been compromised, but consumers can’t simply recycle their identity. ThreatMetrix is staying one step ahead so fraudulent activity is minimized and our clients can do a better job of protecting their customers.”

Faulkner added, “ThreatMetrix, in broadening its strategy as a leader in digital cyber identification, views the new data encryption feature as a critical next-step toward protecting privacy and enhancing the security of confidential consumer information during online transactions. Activities associated with hacker group LulzSec and many recent high-profile data breaches like Epsilon and PlayStation — which resulted in millions of compromised accounts — underline the need for new encryption technology that better protects both online brands as well as consumers.”

The new release offers a host of new benefits including new fraud detection rules, device identification improvements, administrative enhancements, queue management improvements, and changes to the ThreatMetrix Portal around access and data privacy.

Faulkner observes, “PII is no longer an effective authentication tool by itself, as it can’t authenticate the person behind the transaction.  Context is key, which means looking past the device and also considering other factors associated with the device, like phone number and email. We’re looking for anomalies in customer data, in conjunction with the underlining device reputation behavior. It’s whether or not all transactions and customer and device information make sense in the context of that transaction. We then apply this intelligence across a comprehensive global network to stop fraud in real-time and better protect consumers.”

Today, ThreatMetrix serves social networks, financial services, e-commerce companies et al. by authenticating payments, new accounts, and customers in real time — without hassling those customers for personal information like Social Security numbers, mothers’ maiden names, etc. It’s estimated that ThreatMetrix helps screen up to one billion online transactions each month and is successfully eliminating the threat of an estimated 300,000 fraudulent attempts every day! That’s why ThreatMetrix has become the fastest growing provider of cloud-based fraud prevention solutions that don’t require personally identifiable information.

Anonymous Occupies Wall Street by Way of Alabama, Massachusetts and Virginia

Posted on November 3rd, 2011 by Dan Rampe

Anonymous took more than 600 MB of data from the International Association of Chiefs of Police and took down the IACP’s Website for good measure. Then Anonymous released data which included internal documents, membership rosters, home addresses, passwords, Social Security numbers, etc.

Now, if you agree with Occupy Wall Street, you may feel the hacker group Anonymous has its heart in the right place. But, wherever Anonymous’s heart is, the rest of its geography seems a bit skewed.

As everybody who’s ever lost money in the market knows, Wall Street’s in New York. But Anonymous revealed 1000 names and passwords from the Boston Police Patrolmen’s Association; 1000 names, ranks, Social Security numbers, addresses and phone numbers from Alabama law enforcement systems; and the full contact database from Arlington, Virginia’s Matrix Group, a web development agency serving government Websites.

Attacking police in Boston and Alabama to support a protest in New York? Some observers might be tempted to draw a parallel between these Anonymous attacks and the invasion of Iraq as retribution for 9/11, which was carried out by Bin Laden from Afghanistan.

Anyway…

According to Meghan Kelly in VentureBeat.com, the Anonymous rationale for the attacks wasn’t supposed to be along geographic lines. “Anonymous said it wanted to attack the police directly because they act as a protector of ‘the one percent,’ or what OWS protesters describe as the fortunate few who hold the majority of the wealth that would otherwise benefit the remaining ‘99 percent.’”

Anonymous has attacked police in the past in an effort to “expose corruption and brutality.” In Anonymous’s own words, “We have no problem targeting police and releasing their information even if it puts them at risk because we want them to experience just a taste of the brutality and misery they serve us on an everyday basis.” Spoken like somebody who was caught in a speed trap. Or had his/her vehicle ticketed and towed when the meter was busted. Or got cited for jaywalking at 3 in the morning on a deserted side street in a hurricane. Sort of sounds like that.

In an odd twist, Kelly points out that a call to the Baldwin County, Alabama Sheriff’s office via Skype came from a man with a British accent, who claimed he hacked the Sheriff’s website because he was bored.  Kelly’s conclusion – the man was calling from the U.K. and this was an example of how Anonymous is “disjointed.”

No matter how anybody feels about Anonymous’s goals, its tactics, which disclose personal identifying information, are either regrettable or reprehensible. No matter which, there’s one solution designed to thwart an Anonymous attack. And that solution comes from ThreatMetrix™. ThreatMetrix doesn’t rely on passwords, user names or any other personal identifying information to protect its clients. Instead, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to stop the bad guys and let the good guys go.