Posts Tagged ‘Online Fraud’

Documents obtained by The New York Times said the European Commission is proposing a regulation that compels “Web sites to tell consumers why their data is being collected and retain it for only as long as necessary. If data is stolen, sites would have to notify regulators within 24 hours. It also offer[ed] consumers the right to transport their data from one service to another — to deactivate a Facebook account, for example, and take one’s trove of pictures and posts and contacts to Google Plus.”

Legal systems in every part of the world are working to come to grips with who owns online personal data, what happens to it after it’s posted, and what’s fair game to use for marketing.

Viviane Reding, the European Commission’s vice president for justice, told The Times, “Companies must be transparent about what they are doing, clear about which data is being used for what.”

If the European Parliament passes the new law, it would still not go into effect before 2014 and would not directly affect American consumers. As to American companies…well, they would only have to deal with one privacy law for the European Continent instead of the current twenty-seven different ones; Germany, a special case, has different data protection laws for each of its sixteen federal states. On the other hand, penalties for breaking the law could be as high as two percent of a company’s annual global revenue.

Plus, it’s not always easy to adhere to the letter of newly proposed law. Microsoft’s Ronald Zink, chief operating officer for European affairs, brought up concerns in discussing Microsoft’s Xbox Kinect system, which stores body measurements so it can visually recognize repeat players. He questioned whether the law would require players to provide consent every time they played a game, even if the information never left the game console. “We have designed the product to be private. We put a lot of thought into how this controls our work in terms of privacy by design.”

One of the law’s most controversial provisions is an Internet user’s right to demand that his or her accumulated data on a particular site be deleted forever. Viviane Reding states, “When a citizen has asked to get [personal data] back, then the data has to be given back. When an individual no longer wants his data to be processed, it will be deleted.”

In her New York Times article, Somini Sengupta cites critics who say deleting an individual’s personal data is not that simple and clear cut. “Data does not always stay in one place; if it is transferred to another company it cannot easily be withdrawn. A company might license some of the data it collects to a third party to analyze market sentiments or social trends: reviews of kebab joints in Amsterdam or public opinion about burqas. Moreover, it may be less feasible to erase someone’s credit history, for instance, or employment record than to, say, do away with her shopping history on Amazon.”

German Green Party member, Malte Spitz, said the proposed law should restrict how companies hold onto personal information. “Lots of companies are collecting as much information as possible, and lots of this information isn’t really necessary.”

According to Reuters, Facebook, which has been investigated by European regulators for the way it retains data, warned against rules that might not keep up with the pace of change on the Internet, saying, “There is a risk that an excessively litigious environment would impede the development of innovative services that can bring real benefit to European citizens.”

Europe, the U.S., or anywhere in the world, you can count on ThreatMetrix™ to provide both online security and custom data privacy.

Without relying on passwords, user names and cookies to protect its clients, the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals. The ThreatMetrix Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.

Casus belli is polite diplomatic Latin for an act of war. Except for maybe the Greeks getting a bit annoyed over losing Helen and attacking Troy, acts of war have pretty much been confined to blockades (naval and otherwise) and direct military strikes.

Now the Pentagon is in the process of officially redefining acts of war to include hacking that poses a significant threat to U.S. nuclear reactors, subways, pipelines, etc. In poker terms, what it comes down to is we’ll see your virus and raise you the U.S.S. Enterprise – and we ain’t talkin’ Star Trek.

Recently, the Wall Street Journal obtained unclassified portions of the Pentagon’s formal cyber strategy. In Siobhan Gorman and Julian E. Barnes’ WSJ article, they said attacks on Pentagon systems including military contractor, Lockheed Martin, and sabotage against Iran’s nuclear program using the Stuxnet computer worm spurred the U.S. military to action.

One nagging problem is determining where an attack originated. Another is, how strongly to retaliate once the source of the attack is determined. For example, if a cyberattack produces death, damage, destruction or high-level disruption, the offending party could get a visit from Seal Team Six, Predator Drones or the entire Fourth Infantry Division.

The Wall Street Journal story notes attacks that impacted nations since 2007:

• June 2009: First version of Stuxnet virus starts spreading, eventually sabotaging Iran’s nuclear program. Some experts suspect it was an Israeli attempt, possibly with American help.
• November 2008: A computer virus believed to have originated in Russia succeeds in penetrating at least one classified U.S. military computer network.
• August 2008: Online attack on websites of Georgian government agencies and financial institutions at start of brief war between Russia and Georgia.
• May 2007: Attack on Estonian banking and government websites occurs that is similar to the later one in Georgia but has greater impact because Estonia is more dependent on online banking.

The article notes that the “Pentagon itself was rattled by the 2008 attack, a breach significant enough that the Chairman of the Joint Chiefs briefed then-President George W. Bush. At the time, Pentagon officials said they believed the attack originated in Russia, although didn’t say whether they believed the attacks were connected to the government. Russia has denied involvement.”

Cyberwarfare isn’t governed by the traditional rules of armed conflict based on international treaties, i.e., the Geneva Conventions and customary international law.

“Act of war” according to retired Air Force Major General and Duke University law school professor Charles Dunlap is a political phrase rather than a legal term. He also argued that cyber attacks that have a violent effect are the legal equivalent of armed attacks, or what’s called in military parlance, “use of force” and should be governed by basically the same rules as any other kind of attack. In other words, the U.S. “would need to show that the cyber weapon used had an effect that was the equivalent of a conventional attack.”

Center for Strategic and International Studies’ computer security specialist James Lewis says many military planners believe retaliation should be judged by the amount of real or attempted damage the attack caused. Therefore, if a hack attack shut down as much commerce as a naval blockade, it would be considered an act of war the same way a naval blockade is.

The Gorman and Barnes WSJ story says the origin of the Stuxnet virus, meant to sabotage Iran’s nuclear centrifuges, could not be positively identified. “While some experts suspect it was an Israeli attack, because of coding characteristics, possibly with American assistance, that hasn’t been proven. Iran was the location of only 60% of the infections, according to a study by the computer security firm Symantec. Other locations included Indonesia, India, Pakistan and the U.S.” Cyberattacks on American online assets have often been attributed to China or Russia. The difficulty proving exactly where attacks originate have some Pentagon planners seeking to deter attacks by holding the countries that build cyberweapons, themselves, responsible for their use.

Whatever international law comes to recognize as a cyberspace act of war, a growing number of companies have already come to recognize that ThreatMetrix™ offers the best protection available. Without relying on passwords, user names and cookies to protect its clients, the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals. The ThreatMetrix Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.

Child identity theft is exactly like stealing candy from babies. Easy. It’s easy because the crime is often not detected until the baby is an adult and has his/her credit and reputation ruined.

The Huffington Post relates the story of Jennifer Andrushko.   

When Jennifer Andrushko applied for public aid two years ago, a state employee entered her son Carter’s Social Security number into a computer and discovered something strange: The boy appeared to have been earning wages for the past eight years.

“I thought, ‘How could this be happening? He’s only three years old,’” Andrushko said.

It turned out an undocumented immigrant had been using Carter’s number to acquire jobs since before [Carter] was born. But Carter proved relatively fortunate. Unlike many child identity theft victims who do not realize their credit is ruined until they reach adulthood, his case was caught while he was young, giving him time to recover his good name.

Carter was lucky. He was living in Utah, one of the few states that cross-references its employment database with a list of children receiving public assistance. Well he wasn’t all that lucky. His mother was applying for public assistance.  Anyway, according to the Huffington Post, Utah found thousands of instances of child identity theft, including one where nine people used one nine-year-old’s Social Security number to get employment.

Parents hand over children’s Social Security numbers to schools and health care providers, and other institutions that often don’t have sufficient safeguards in place. It’s been suggested that a solution, or at least a partial one, would be if the Social Security Administration could do something with the numbers to make it possible for credit agencies to know that the holder is a minor.

Last year, more than 18,000 cases of child identity theft were reported to the Federal Trade Commission. The Huffington Post suggests even 18,000 doesn’t come close. “The real figure…is probably much higher because the crime often goes undetected….. ID Analytics estimates that more than 140,000 children are victims of identity theft each year, based on a one-year study of those enrolled in the firm’s identity protection service.

“In the largest study on child identity theft to date, researchers at Carnegie Mellon University found that 10 percent of children were victims of identity theft, compared with less than 1 percent of adults. The study, which was published this spring, analyzed more than 800,000 records — including 40,000 belonging to minors — compromised by data breaches in 2009 and 2010. The data was provided by the credit monitoring service Debix.”

The Huffington Post story says, “Thieves now exploit a gap in the system used by the three major credit bureaus to check consumer credit. When the bureaus pull reports, they look for matching names, birthdates and Social Security numbers. But identity thieves escape detection by pairing a child’s number with a different name and birth date, creating the appearance of a consumer who is applying for credit for the first time. Debix says it recently ran credit reports on 381 cases of confirmed child identity theft and found that credit reports only turned up fraudulent activity in four cases, or 1 percent.”

Companies are able to cross check names, birthdates and SSNs with the Social Security Administration, but the agency charges a $5,000 fee upfront, plus $1 for each check – a tab many companies don’t care to pay.

Stuart Pratt, president of the Consumer Data Industry Association, the trade association for the three credit reporting agencies, asked, “How can somebody open up any kind of account with just a name and Social on its own? Authentication should be much more than that. It has to be robust.”

In the late 1980s, the Social Security Administration started requiring parents to list their children’s SSNs to claim them as dependents. Newborns got spanking new credit histories that remained that way till they turned eighteen. It was an open invitation to crooks.

So what happens when thieves have a multi-year head start?  The Huffington Post relates the story of Jaleesa Suell of Oakland, California.  When Jaleesa was 17, a thief stole her identity to open a credit card. She didn’t find out until she turned 21 and was denied her first credit card. The reason?  She had a $300 unpaid credit-card debt, which had been sent to a collection agency.

Now 22, Suell has spent the last six months disputing the fraud with Plains Commerce Bank, based in South Dakota, where the account was opened. Before accepting the charges were fraudulent, the bank insisted that Suell provide a full police report. But the Oakland Police Department has refused to provide such a report because $300 does not meet the department’s threshold.

Identity Theft 911, which is working pro-bono to help Suell, plans to write letters to the FDIC, FTC and the Better Business Bureau to pressure the bank to “do the right thing,” according to Kelly Colgan, a spokeswoman for Identity Theft 911.

If her case is not resolved, Suell fears she will graduate college in May and be unable to rent an apartment or acquire student loans for graduate school due to her damaged credit.

“I’m at an impasse,” she said. “It’s extremely frustrating.”

Story after story follows the same pattern. Even when victims are able to clear their names, they have still been forced to devote big chunks of time and energy to that end. And that’s time and energy that could be put to better use like improving their grades, finding jobs, etc.

Amending agency regulations and federal and state laws could help stop ID theft.  Another thing that could help the cause is for online businesses to use ThreatMetrix™ solutions.

ThreatMetrix doesn’t rely on passwords, user names and cookies to protect its clients.  Instead the ThreatMetrix™ Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals. The ThreatMetrix Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.

Zappos, the online shoe outlet owned by Amazon, was hacked putting some 24-million customers’ personal information at risk. PCWorld.com reported that Zappos CEO, Tony Hsieh, told customers that, “names, email addresses, billing and shipping addresses, phone numbers, the last four digits of credit card numbers, and encrypted passwords may have been exposed.”  He added that the good news was that the database storing actual credit card and payment data had not been breached.

Nevertheless, the New York Daily News reported that the company had put out a statement informing customers of the incident and asking them to change their passwords. Customers, who attempted to phone Zappos for information, were met with the sounds of silence. Zappos’ CEO said in a memo, “We have made the hard decision to turn off our phones and direct customers to contact us by email because our phone systems simply aren’t capable of handling so much volume. (If 5% of our customers call, that would be over 1 million phone calls, most of which would not even make it into our phone system in the first place.).”

In an email to employees, which was posted to the Zappos blog, the company said the cyberattack came from a criminal who had gained access to parts of the company’s internal network and systems through a server in Kentucky.

Andrew Storms, director of security operations at nCircle, told PCWorld.com that Zappos’ response to the incident seemed to be appropriate in so far as it had notified customers, and reset all passwords to force customers to create new ones to replace those that may be exposed or cracked as a result of the breach.

Security expert, Neil Roiter, research director for Corero Network Security, observed, “Companies such as Zappos should have technology in place that monitors activity on their networks and reports in real time on suspicious activity or activity that does not conform to security policy. The sooner an organization detects a breach, the more quickly it can contain it.”

ThreatMetrix, the fastest-growing provider of integrated cybercrime prevention solutions, offers superior solutions that can’t be compromised by break-ins. The ThreatMetrix™ Cybercrime Defender Platform helps companies protect customer data and secure transactions against fraud, malware, data breaches, as well as man-in-the browser (MitB) and Trojan attacks. The Platform consists of advanced cybersecurity technologies, including TrustDefender™ ID, which is cloud-based, real-time device identification, as well as malware protection with TrustDefender™ Cloud and TrustDefender™ Client. The company serves a rapidly growing global customer base across a variety of industries, including financial services, e-commerce, payments,social networks, government, and healthcare.

To meet the ever mounting threat posed by malware, ThreatMetrix™, the fastest-growing provider of integrated cybercrime prevention solutions, announced today that it has acquired the Australian-based company TrustDefender™, a recognized leader of secure browsing technology to stop man-in-the-browser (MitB) attacks and provide malware protection.

The ThreatMetrix™ Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform.

This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions.

The combined companies will operate under the ThreatMetrix name with global operations in the United States, Australia and Europe. The corporate headquarters will be located in San Jose, California.

“The natural synergies between device identification and secure browsing are very obvious,” said Reed Taussig, president and CEO, ThreatMetrix. “Successful transaction profiling requires sophisticated malware detection and intelligent device identification to determine if the device is compromised or if the transaction is at risk of being fraudulent. While our customers have recognized this for a long time, the only available solution – until now – was to implement multiple products across different vendors. By integrating advanced device identification and secure browsing into a single, competitively priced, easy-to-install and easy-to-use product, ThreatMetrix is delivering the most complete online fraud management solution available in the market today.”

The Growing Global Malware Threat 

According to an Aite Group report (“Know Your Enemy: Successful Online Fraud Mitigation Strategies”), 25 million new, unique strains of malware were released in 2011. That number is projected to grow to 87 million strains by the end of 2015.

A Gartner Group report (“The Five Layers of Fraud Prevention and Using Them to Beat Malware”) containing a survey of 76 U.S. banks found malware was the number one cyberthreat.  Gartner’s recommendation:  banks and financial institutions implement a layered approach to fraud prevention to prevent and contain against cybercriminal attacks.

According to Andreas Baumhof, co-founder and CEO of TrustDefender, who now joins ThreatMetrix as CTO, the acquisition addresses the growing global malware threat.

“In 2011 we saw a huge increase in sophisticated MitB Trojan activities supporting fraudulent transactions with stolen identities,” said Baumhof. “Malware protection and fraud prevention are closely related, yet no truly integrated solutions were available in the market. The merger allows ThreatMetrix to address fraud prevention and malware protection as a single problem and deliver real benefits to customers at a lower cost.”

ThreatMetrix Cybercrime Defender Platform

With the acquisition, the ThreatMetrix™ Cybercrime Defender Platform now consists of the following product solutions and associated benefits:

• TrustDefender™ ID — TrustDefender ID is a cloud-based, real-time device identification solution that protects companies against cybercriminals and helps validate valuable returning customers. TrustDefender ID provides businesses with a crucial first perimeter of defense to protect online transactions, including account creation, login authentication and payment authorization.
• TrustDefender™ Cloud – TrustDefender Cloud is a cloud-based, real-time solution that helps companies protect customer data and defend against fraud, malware, MitB and Trojan attacks, and data breaches. It mitigates the risk of hidden malware compromising authenticated sessions to steal data, identities or money.
  
• TrustDefender™ Client — TrustDefender Client is a client-based, real-time solution that mitigates the risk of hidden malware compromising authenticated sessions to steal data, identities or money. A small client component installed on end-user computers identifies and isolates malware, verifies legitimate websites, protects the online session with the business, and communicates with the business to identify potential fraud.

“Combining endpoint centric fraud prevention products is cost effective,” said Avivah Litan, vice president and distinguished analyst, Gartner. “Device identification and malware detection in particular, are two of the most prevalent and required endpoint protection products in the market today. Device identification provides a strong foundation against fraud while malware protection closes a loophole in fraud prevention caused by man-in-the-browser attacks. Combining these solutions will streamline the fraud prevention, management and administrative processes for organizations combating today’s cyberthreats.”

Additional Resources

• ThreatMetrix™ Cybercrime Defender Platform
• TrustDefender™ Client Datasheet
  
• TrustDefender™ Cloud Datasheet
  
• TrustDefender ™ID Datasheet 

PrECISE (Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness) is the cybersecurity bill introduced by members of the House Homeland Security Committee.  PrECISE establishes a quasi-governmental entity to oversee information-sharing with the private sector.

Wouldn’t you like to have sat in on the meeting where they decided on the acronym, PrECISE?  (Probably more like multiple meetings with emails flying back and forth for months):

Staffers: “How about Cybersecurity Information Sharing (CIS)?”

Committee: “CIS?  Too close to CIA, which is supposed to gather information, not spread it. Leaves the wrong impression.”

Staffers: “How about Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PECISE)?”

Committee:  “That’d be pronounced Pea-size. Does Pea-size sound like the taxpayers are getting any bang for their buck?”

Staffers:  “How about we put in an “R” for Research? “Promoting Research and Enhancing Cybersecurity and Information Sharing Effectiveness.” Then we’ve got PRECISE. “

Committee: “PRECISE.  Like it.  But we’re not doing Research. That makes PRECISE imprecise.”

Staffers:  “Okay, we can take the “R” from “Promoting” to make it “PRECISE.” And to differentiate it from the rest of the acronym, we can make the “R” an “r”.

Committee:  “But what do we do about the “a”s in the “ands” in “Promoting Research and Enhancing Cybersecurity and Information Sharing Effectiveness?”

Staffers:  “Lower case ands are always silent.” 

Committee:  “Precisely.”

However the PrECISE Act got its name, The Hill’s “Hillicon Valley Technology Blog” reports that it’s designed to encourage “private firms to share information on cyber threats [stopping] short of mandating new security standards for sectors deemed critical to national security” following other cybersecurity bills offered by House Republicans.

The bill lays out the Department of Homeland Security’s cybersecurity functions which would require DHS to evaluate cybersecurity risks for critical infrastructure firms and determine the best way to mitigate the risks.

“Cybersecurity is truly a team sport, and this bill gives DHS needed authorities to play its part in the federal government’s cybersecurity mission and enables the private sector to play its part by giving them the information and access to technical support they need to protect critical infrastructure,” said House Cybersecurity subcommittee Chairman Dan Lungren (R-Calif.).

Hillicon Valley Technology Blog observes, “By authorizing DHS to oversee civilian cybersecurity, the legislation aligns with proposals from both the Senate and the White House, but it is unclear how much authority DHS would have to enforce its security standards. Democrats have argued DHS needs some enforcement authority to ensure firms beef up their network protections.”

While there hasn’t been a whole lot of bi-partisan support for any measure recently, this bill appears to come close. Bennie Thompson (D-Miss.) said, “Introduction of this legislation represents a solid and significant step forward in the effort to secure our nation’s cyber infrastructure. While I am not prepared to give my full support to the bill at this time, there’s a lot to like in this bill. I am pleased that it gives DHS the authority and resources it needs to fulfill its cybersecurity mission instead of creating a whole new bureaucracy or complicated regulatory framework.”

Offers Cybersecurity sub-panel ranking member Yvette Clarke (D-N.Y.), “While we continue to review this legislation, I look forward to working with my colleagues in a more collaborative way to strengthen this bill.”

You may have to wait for Congress to work out the precise language of PrECISE before it’s enacted.  But, you don’t have to wait to achieve the most effective protection for your online assets.  That protection is available today from ThreatMetrix™.

The first perimeter and the most effective element in a multi-layered defense against cybercriminals is device identification.  Offering transaction security from hidden proxies, scripted attacks and cookie and browser manipulation, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform  lets companies authenticate payments, new accounts and returning customers in real time. And it doesn’t matter what device is being used from smartphones to PCs to tablets. Combined with aggregated fraud intelligence in the cloud, ThreatMetrix device identification offers companies maximum protection without the need to collect Social Security numbers, email addresses or bank account information.

1917:  The Foreign Secretary of the German Empire, Arthur Zimmermann sent a diplomatic proposal from the German Empire to Mexico to make war against the United States. Intercepted by British intelligence and forwarded on to the United States, the Zimmermann Note angered Americans, adding another reason for the U.S. declaration of war against Germany in World War I.

2011: U.S. officials investigate reports that Iranian and Venezuelan diplomats in Mexico are involved in planned cyberattacks against U.S. targets, including nuclear power plants.

According to the Washington Times, a documentary that aired on the Spanish-language TV network, Univision, included secretly recorded footage of Iranian and Venezuelan diplomats being briefed on planned attacks and promising to pass information to their respective governments.

A former computer instructor at the National Autonomous University of Mexico told Univision that he was recruited by a professor there in 2006 to organize a group of student hackers to carry out cyberattacks against the United States, initially at the behest of the Cuban Embassy.

In an undercover sting, an instructor and several students infiltrated the hackers, secretly videotaping Iranian and Venezuelan diplomats.

State Department spokesperson William Ostick called the reports “disturbing,” but added that U.S. officials “don’t have any information at this point to corroborate them.”  However, earlier this year, U.S. prosecutors charged an Iranian official based in Tehran with trying to recruit a Mexican drug cartel to kill the Saudi ambassador to the United States by bombing a Washington restaurant. Ostick noted, “We constantly monitor for possible connections between terrorists and transnational criminals.”

An aide to New Jersey Senator Robert Menendez, chairman of the Senate Foreign Relations subcommittee on the Western Hemisphere told the Washington Times that the Univision report, which also said that Iranian extremists were recruiting young Latin American Muslims, is “one of a variety of concerns we have about Iran’s efforts to engage with countries and other actors in the region.”

Stating the obvious: technology has changed dramatically since 1917. People haven’t.  To ensure your company is protected against attack from people, who are out to cause harm or perpetrate fraud, the best solutions come from ThreatMetrix. Without requiring personal identifiable information, such as Social Security Numbers, that can be compromised, ThreatMetrix solutions nab criminals in real-time before they can do real damage. The ThreatMetrix™ Cloud-Based Fraud Prevention Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to stop criminals whether in Toledo or Tehran.

Just released in a second edition, Inside Cyber Warfare: Mapping the Cyber Underworld by Jeffrey Carr, is a wide-ranging overview of virtually every type of online illicit activity from cyber spying and cyber stealing to malicious malware attacks and identity theft.

Carr, a cyber intelligence expert is a columnist for Symantec’s Security Focus. A writer who specializes in investigating cyber attacks against governments and infrastructures, he’s been quoted in The New York Times, Washington Post, The Guardian, Business Week, Parameters, and Wired. Carr was also principal Investigator for Project Grey Goose, an Open Source intelligence investigation into the Russian cyber attacks on Georgia in August, 2008.

With a foreword by former Secretary of Homeland Security, Michael Chertoff and guest essays, including an essay by former senior advisor to the Director of National Intelligence and Cyber Coordination Executive,  Melissa Hathaway, Inside Cyber Warfare is encyclopedic in scope as it takes up :

·      The Conficker Worm: The Cyber Equivalent of an Extinction Event?

·      Africa: The Future Home of the World’s Largest Botnet?

·      The StopGeorgia.ru Project Forum

·      The Russian Information War

·      The Gaza Cyber War between Israeli and Arabic Hackers during Operation Cast Lead

·      Control the Voice of the Opposition by Controlling the Content in Cyberspace: Nigeria

·      Are Non-state Hackers a Protected Asset?

·     The Legal Status of Cyber Warfare

·      The Antarctic Treaty System and Space Law

·      The Law of Armed Conflict

·      Is This an Act of Cyber Warfare?

·      Responding to International Cyber Attacks as Acts of War

·      Analyzing Cyber Attacks under Jus ad Bellum – whether entering into a war would be a just war

·      The Korean DDoS Attacks (July 2009)

·      One Year After the RU-GE War (the War between Russia and Georgia)  Social Networking Sites Fall to DDoS Attack

·      Ingushetia Conflict, August 2009

·      Pakistani Hackers and Facebook

·      TwitterGate: A Real-World Example of a Social Engineering Attack with Dire Consequences

·      False Identities

·      Components of a Bulletproof Network

·      The Bulletproof Network of StopGeorgia.ru

·      SORM-2

·      The Kremlin and the Russian Internet

·      A Three-Tier Model of Command and Control

·      Organized Crime in Cyberspace

·      Russian Organized Crime and the Kremlin

·      Using Open Source Internet Data

·      Team Cymru and Its Darknet Report

·      Using WHOIS

·      Weaponizing Malware

·      The Role of Cyber in Military Doctrine

·      China Military Doctrine

·      A Cyber Early Warning Model

·      Advice for Policymakers from the Field

·      When It Comes to Cyber Warfare: Shoot the Hostage

·      The United States Should Use Active Defenses to Defend Its Critical Information Systems

·      Scenarios and Options to Responding to Cyber Attacks

·      Whole-of-Nation Cyber Security

·      Conducting Operations in the Cyber-Space-Time Continuum

·      Anarchist Clusters: Anonymous, LulzSec, and the Anti-Sec Movement

·      Social Networks: The Geopolitical Strategy of Russian Investment in Social Media

·      Globalization: How Huawei Bypassed US Monitoring by Partnering with Symantec

·      The Russian Federation: Information Warfare Framework

·      Russia: The Information Security State

·      Russian Ministry of Defense

·      Internal Security Services: Federal Security Service (FSB), Ministry of Interior (MVD), and Federal Security Organization (FSO)

·      Russian Federation Ministry of Communications and Mass Communications (Minsvyaz)

·      Cyber Warfare Capabilities for: Australia – Brazil – Canada – Czech Republic – Democratic People’s Republic of Korea – Estonia – European Union – France – Germany – India – Iran – Israel – Italy – Kenya – Myanmar – NATO – Netherlands – Nigeria – Pakistan – People’s Republic of China – Poland – Republic of Korea – Russian Federation – Singapore – South Africa – Sweden – Taiwan (Republic of China) – Turkey – United Kingdom

·      US Department of Defense Cyber Command and Organizational Structure

·      Active Defense for Cyber: A Legal Framework for Covert Countermeasures

·      Covert Action

·      Cyber Active Defenses as Covert Action Under International Law

The book covers much more in 316 pages that are topical while, at the same time, providing in-depth analyses of the often dark underbelly of cyberspace.

For maximum protection from cyberspace’s dark underbelly, there’s one company that stands out — ThreatMetrix. ThreatMetrix offers superior solutions that can’t be compromised by break-ins. ThreatMetrix solutions protect against bad scripts and fraudulent account logins, payments and transactions.  With customized rules for each, ThreatMetrix solutions are designed to interdict attacks of fraud and other criminal behavior in real-time, while passively and transparently profiling users — without collecting extraneous personal identity information such as Social Security Numbers, birth dates and mother’s maiden names.

Superstition has it that if a horseshoe is hung upside down, the luck runs out. Running out of luck and into a scam is exactly what happened to a number of unlucky Lucky Supermarket customers in Northern California.

U.S. Secret Service agents told Save Mart CFO Stephen Ackerman – Save Mart is Lucky’s parent company — that the device thieves concealed in Lucky card readers was ”the most sophisticated device[ they'd] ever seen in the United States.” Without being detected, thieves planted circuit board sniffer devices inside debit and credit card readers at self-checkout lanes in several San Francisco Bay Area stores. To make detection more difficult, only one card reader at each store was targeted.

Lucky informed customers that they might have to cancel their credit cards or change their bank accounts. “At this time, we strongly recommend that anyone who used our self-check terminals in the affected stores during the months of October and November consider closing their bank account and opening a new one,” said Ackerman.

Television station KTVU said that thus far eighty people have reported money taken or suspicious activity on their accounts with losses in the thousands of dollars.

Lucky only discovered that the card readers had been tampered with after routine maintenance. You might say Lucky found them by “sheer luck.”  Once detected, the affected card readers were immediately removed.

While management told KTVU that a recurrence of the tampering “could not happen again,” federal investigators were not quite so optimistic.  However, the feds did have a clue how thieves were able to plant the sniffers. It seems someone had stolen credit card readers from a Lucky store in Fresno, California several months prior. If and when they catch the responsible individuals, the feds could be on their way to finding the thieves.

Authorities maintained that thefts of this nature are most likely to occur over the weekend when most financial institutions are closed or have limited hours. To protect against credit card and other financial fraud 24/7/365, more and more online financial institutions are turning to ThreatMetrix.

ThreatMetrix solutions combine a computer’s packet signature data with transaction details and anonymized credentials (credentials that are obtained anonymously and unlinkably by the user) to differentiate between honest transactions and fraudulent ones. Financial institutions are protected against bad scripts and fraudulent account logins, payments and transactions.

The world is a big place with close to seven billion people. And, according to professional researcher Moya K. Mason, something like 50-million new firms are started each year. So when you think about ThreatMetrix making Red Herring’s top 100 leading private companies in all of North America, Europe, and Asia, it’s quite an honor – especially when put in the context of other companies that have made the Top 100 in past years: Google, Skype, Baidu, Salesforce.com, YouTube and eBay. (The full list of winners in 2011 can be found here: http://www.herring100.com/RHG/2011/top100.html)

Red Herring’s editorial staff evaluated the companies on both quantitative and qualitative criteria, such as financial performance, technology innovation, management quality, strategy, and market penetration. This assessment of potential was complemented by a review of the track record and standing of start-ups relative to their sector peers.

Alex Vieux, Chairman of Red Herring, observed, “Choosing the best [companies from] the previous two years was by no means a small feat. After rigorous contemplation and discussion, we narrowed down our list from 1,100 potential companies to 100 winners.  It was an extremely difficult process [and the] competition for the Top 100 was fierce.  [The] Top 100 Global are truly the best of the best.”

“We’re extremely proud to be recognized by Red Herring as among the best technology companies globally,” said Reed Taussig, president and CEO, ThreatMetrix. “Winning the Red Herring Global award further validates ThreatMetrix’s value proposition in the marketplace as a leading provider of online fraud prevention and cybersecurity solutions.”

Many companies have already come to the conclusion that ThreatMetrix is the “right decision” when it comes to protecting their online assets. Offering transaction security from hidden proxies, scripted attacks and cookie and browser manipulation, the ThreatMetrix™ Cloud-Based Fraud Prevention Platform lets companies authenticate payments, new accounts and returning customers in real time. And it doesn’t matter what device is being used from smartphones to PCs to tablets. Combined with aggregated fraud intelligence in the cloud, ThreatMetrix device identification offers companies maximum protection without the need to collect Social Security numbers, email addresses or bank account information.