“ThreatMetrix Cybercrime Report: Q1 2015” Out. Has Cybercrime Surging in Wake of Data Breaches.

Posted on May 6th, 2015 by Dan Rampe

blog-header

Analyzing More than 6 Billion Transactions Over Q4 2014 and Q1 2015, ThreatMetrix’s Digital Identity Network Shows Cybercrime Up

From Q4 2014 through Q1 2015, the ThreatMetrix® Digital Identity Network analyzed more than 6 billion transactions in real time. Almost a third had originated from mobile devices. Protecting more than 250 million active user accounts across 3,000 customers and 15,000 websites, the ThreatMetrix Digital Identity Network is able to analyze customer transactions across industries and provide an insight into legitimate end-customers’ “digital identities” — even as they move between applications, devices and networks. In addition, it highlights representative key market trends.

Just out: the “ThreatMetrix Cybercrime Report: Q1 2015”

The report is based on cyberattacks that the ThreatMetrix Digital Identity Network detected and interdicted. Among them were fraudulent online payments, logins and new account registrations.

Report shows attacks on business trending upward with more cloaking

Using improved cybercrimeware and data stolen during breaches, cybercriminals are attacking businesses as never before. And, the ThreatMetrix Digital Identity Network is seeing more and more cloaked traffic, i.e., traffic with users’ identity masked. This is especially true for new account creations where criminals use stolen identities. With more mobile users doing transactions on their devices, device spoofing is becoming the most popular attack vector.

Strong growth in online and mobile commerce along with fraud

The report highlights the trends in the 2014 holiday shopping season. This was a period of record online transactions and an unprecedented number of attacks directly associated with data breaches. Impersonation/spoofing attacks are now the most common threat.

ThreatMetrix® identifi­ed more than 11.4 million fraud attempts during peak holiday shopping and the “ThreatMetrix Cybercrime Report: Q1 2015” is the first of its kind to analyze how stolen and compromised identities are used for cybercrime.

Trust: essential for customer loyalty

e-Commerce merchants had a spike in account login transactions as customers revisited retailers to check out products and deals and to make purchases. While new account creation rates were lower than other transaction types, they were twice as likely to be fraudulent, the result of stolen identities in the wild from massive breaches.

e-Commerce transaction percentages and risks:

  • One percent of transactions were account creation, with 6.7 percent high risk
  • 80 percent of transactions were account logins, with 2 percent high risk
  • 19 percent of transactions were payments, with 2.6 percent high risk

Vanita Pandey, ThreatMetrix senior director, strategy and product marketing, on account takeover and identity spoofing

“In the wake of recent data breaches, customers’ digital debris is floating in the cyberworld for fraudsters to compromise, making accurate insight into digital identities of the utmost importance for businesses, especially in the e-commerce industry.

“ThreatMetrix data shows an upswing in account takeover and identity spoofing attacks following recent massive data breaches. While guest checkouts previously represented the highest risk, due to the breadth of digital debris at cybercriminals’ fingertips, fraudsters are much more likely to use a stolen username and password combination than to use compromised credit card information, which has a shorter life span. As the volume of e-commerce transactions increase, it gives cybercriminals more places to poke and exploit. Retailers need to leverage a digital identity network to get a comprehensive view of customers to accurately differentiate between trusted and fraudulent transactions.”

Cybercrime surges across all transaction types in the financial services industry

In addition to e-commerce, the “ThreatMetrix Cybercrime Report: Q1 2015” examines financial services transactions and authentication attempts. While online banking authentication transactions continue to dominate the ­financial services industry, payment transactions increased during this period. This was driven by the increasing adoption of alternate payment methods and bankcard authentication solutions, and an increase in online money gifting during the holiday season. The impact of breaches and consumer credentials in the wild is more evident in the financial services industry, with a substantial increase in fraud rates across all transaction types.

Financial services transactions consist of the following percentages and risks:

  • One percent of transactions were account creation, with 2 percent high risk
  • 76 percent of transactions were account logins, with 2.6 percent high risk
  • 23 percent of transactions were payments, with 3.2 percent high risk

Pandey on cybercriminals’ growing sophistication

“On the backs of major data breaches, we’re seeing a trend in cybercriminals using more sophisticated, automated crimeware tools that are deliberately targeting first generation device identification and authentication solutions used by most financial institutions.

“Fraudsters are shifting from exploiting hardware and software to exploiting people – taking bits and pieces of their digital identities that have been compromised through breaches, and attempting to make transactions disguised as those individuals. As cybercriminals move to exploit financial institutions, those businesses need a more sophisticated view of their users. They need to look at their customers’ behaviors, devices and identities as a whole – the ultimate behavioral biometric.”

Preparing for new challenges means global shared intelligence

In both the e-commerce and financial services industries, businesses must prepare for the growth of new in-store technologies such as Europay-MasterCard-Visa (EMV) and Apple Pay with the wide adoption of the Apple Watch and other connected devices (IoT). As these technologies cut down point-of-sale fraud, attacks will move to the online channel. Global shared intelligence will be crucial as businesses prepare for the 2015 holiday season.

Media industry continues to see highest percentage of high-risk transactions

Analysis of transactions from social media, content streaming and online dating websites, shows a strong growth in payment transactions through media organizations while overall fraud levels continue to be higher than other industries. Illegal access to content outside of approved geographies, combined with spamming and fraudulent bot-driven account creation, represent the key drivers of fraud in the media space.

Broken down, media consists of the following percentages and risks:

  • 22 percent of transactions were account creation, with 3.8 percent high risk
  • 26 percent of transactions were account logins, with 6.2 percent high risk
  • 52 percent of transactions were payments, with 4 percent high risk

Pandey on fraud the media industry

“From a fraudster’s perspective, social media is the gas station of the connected world. It provides a quick and easy way to assess the validity of a stolen credit card or credentials. The media industry has the highest incidence rate of high-risk transactions due to the low authentication threshold – often only consisting of a username and password combination. These identities are easily compromised, especially following a significant number of data breaches, as many people use the same login credentials across websites.”

Use of more mobile devices means more mobile attacks

More and more consumers are using mobile phones, tablets and connected devices (such as the Apple Watch) to access content, make purchases, conduct banking transactions and pay bills.

ThreatMetrix, which analyzes mobile transactions from more than 200 countries and territories across the globe, finds consumers from emerging economies conducting a much higher percentage of transactions using mobile devices. The report found that growth in mobile brought more mobile attacks, with spoofi­ng being most prevalent. However, the attack volumes are still lower than desktop because mobile devices are not conducive to massive fraud attacks.

Pandey on mobile

“While desktop fraud still dominates, as mobile usage continues to grow, especially in emerging markets, the channel will eventually see new, sophisticated criminals targeting mobile transactions. With businesses focused on lowering consumer friction on mobile, fraudsters are increasingly targeting mobile platforms and devices to spoof identities. Businesses need to be prepared for an uptick in spoofing attacks as mobile continues to grow.”

Device spoofing remains top attack vector

Based on activity across industries for both mobile and desktop, the report also identified top attacks by transaction type. It found that spoofing, such as IP address, geolocation, identity and device spoofing is the most common attack type across all transaction attempts. More than 6 percent of attacks are from spoofed devices.

Cybercriminals are well funded and sophisticated and share information

Cybercrime continues to be a well-funded, organized business with sophisticated technology and strong knowledge sharing across organized crime rings, nation states, and decentralized cybergangs. Recent massive data breaches have resulted in an increase in attacks targeted towards businesses across all regions and industries. Cybercriminals continue to share information as well as develop tools that will help bypass the fi­rst generation fraud prevention solutions.

Using shared intelligence to fight crime: the ThreatMetrix Digital Identity Network

The only effective solution for businesses is to share information about fraud trends across their customer bases to stop cybercriminals in their tracks. ThreatMetrix delivers advanced fraud protection, frictionless authentication, and customer protection through a real-time collective response using intelligence gathered from billions of transactions in the ThreatMetrix Digital Identity Network.

To learn more, download the “ThreatMetrix Cybercrime Report: Q1 2015” eBook

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer driven-analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

ThreatMetrix Announces the “ThreatMetrix Cybercrime Report: Q1 2015,” Sees Cybercrime Surge on Backs of Breaches

Posted on May 6th, 2015 by Dan Rampe

blog-header

The Report Examines Cybercrime Attacks Detected by the ThreatMetrix® Digital Identity Network, Which Analyzes More Than One Billion Transactions Monthly

San Jose, CA – May 6, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the availability of its “ThreatMetrix® Cybercrime Report: Q1 2015,” which examines cybercrime attacks detected by the ThreatMetrix® Digital Identity Network during Q4 2014 and Q1 2015. These attacks were detected during real-time analysis and interdiction of fraudulent online payments, logins and new account registrations.

During this period, the ThreatMetrix Digital Identity Network analyzed more than six billion transactions, with nearly one-third originating from mobile devices, and protected more than 250 million active user accounts across 3,000 customers and 15,000 websites. Through its analysis of the top customer transactions across industries, the ThreatMetrix Digital Identity Network provides unique insight into legitimate end customers’ “digital identities,” even as they move between applications, devices and networks and highlights some representative key market trends.

The number of attacks on businesses is trending up as crimeware tools gain traction providing tools to fraudsters to automate cybercrime attacks leveraging the customer data made available from breaches. As such, the ThreatMetrix Digital Identity Network is seeing more and more traffic that is cloaked – the masking of an identity. This is especially true for new account creations wherein the fraudsters use stolen identities with these tools to defraud businesses. Mobile fraud also proliferates as more users carry out transactions on their devices, with device spoofing now becoming the most popular attack vector.

Strong Growth in Online and Mobile Commerce Along with Fraud

The report highlights the trends in the 2014 holiday shopping season, which was a period of record online transactions and unprecedented number of attacks. These attacks are directly associated with the growing data breaches over the past year. Impersonation or “spoofing” attacks are now the most common threat and ThreatMetrix identifi­ed more than 11.4 million fraud attempts during peak holiday shopping. The “ThreatMetrix Cybercrime Report: Q1 2015” is the first of its kind to analyze how stolen and compromised identities are used for cybercrime.

Trust is critical for customer loyalty and e-commerce merchants had a spike in account login transactions as customers revisited retailers to view offerings/deals and make purchases. While new account creation rates were lower than other transaction types, they had two times higher instance of fraudulent transactions driven by the availability of stolen identities in the wild from massive breaches. E-commerce transactions broken down consist of the following percentages and risks:

  • One percent of transactions were account creation, with 6.7 percent high risk
  • 80 percent of transactions were account logins, with 2 percent high risk
  • 19 percent of transactions were payments, with 2.6 percent high risk

“In the wake of recent data breaches, customers’ digital debris is floating in the cyber world for fraudsters to compromise, making accurate insight into digital identities of the utmost importance for businesses, especially in the e-commerce industry,” said Vanita Pandey, senior director, strategy and product marketing at ThreatMetrix. “ThreatMetrix data shows an upswing in account takeover and identity spoofing attacks following recent massive data breaches. While guest checkouts previously represented the highest risk, due to the breadth of digital debris at cybercriminals’ fingertips, fraudsters are much more likely to use a stolen username and password combination than to use compromised credit card information, which has a shorter life span. As the volume of e-commerce transactions increase, it gives cybercriminals more places to poke and exploit. Retailers need to leverage a digital identity network to get a comprehensive view of customers to accurately differentiate between trusted and fraudulent transactions.”

Cybercrime Surges Across All Transaction Types in the Financial Services Industry

In addition to e-commerce, the “ThreatMetrix Cybercrime Report: Q1 2015” examines financial services transactions and authentication attempts. While online banking authentication transactions continue to dominate the ­financial services industry, the payment transactions increased during this period driven by the increasing adoption of alternate payment methods and bankcard authentication solutions, and increase in online money gifting during the holiday season. The impact of breaches and consumer credentials in the wild is more evident in the financial services industry, with a substantial increase in fraud rates across all transaction types. Financial services transactions broken down consist of the following percentages and risks:

  • One percent of transactions were account creation, with 2 percent high risk
  • 76 percent of transactions were account logins, with 2.6 percent high risk
  • 23 percent of transactions were payments, with 3.2 percent high risk

“On the backs of major data breaches, we’re seeing a trend in cybercriminals using more sophisticated, automated crimeware tools that are deliberately targeting first generation device identification and authentication solutions used by most financial institutions,” said Pandey. “Fraudsters are shifting from exploiting hardware and software to exploiting people – taking bits and pieces of their digital identities that have been compromised through breaches, and attempting to make transactions disguised as those individuals. As cybercriminals move to exploit financial institutions, those businesses need a more sophisticated view of their users. They need to look at their customers’ behaviors, devices and identities as a whole – the ultimate behavioral biometric.”

In both the e-commerce and financial services industries, businesses must prepare for the growth of new in-store technologies such as Europay-MasterCard-Visa (EMV) and Apple Pay with the wide adoption of the Apple Watch and other connected devices (IoT). As these technologies cut down point-of-sale fraud, the attacks will move to the online channel. Global shared intelligence will be crucial as businesses prepare for the 2015 holiday season.

Media Industry Continues to See Highest Percentage of High-Risk Transactions

The analysis of transactions from the media industry, consisting of social media, content streaming and online dating websites, show a strong growth in payment transactions through media organizations while the overall fraud levels continue to be higher than other industries. Illegal access to content outside of approved geographies, combined with spamming and fraudulent bot-driven account creation, represent the key drivers of fraudulent transactions in the media space. Broken down, media consist of the following percentages and risks:

  • 22 percent of transactions were account creation, with 3.8 percent high risk
  • 26 percent of transactions were account logins, with 6.2 percent high risk
  • 52 percent of transactions were payments, with 4 percent high risk

“From a fraudster’s perspective, social media is the gas station of the connected world,” said Pandey. “It provides a quick and easy way to assess the validity of a stolen credit card or credentials. The media industry has the highest incidence rate of high-risk transactions due to the low authentication threshold – often only consisting of a username and password combination. These identities are easily compromised, especially following a significant number of data breaches, as many people use the same login credentials across websites.”

Mobile Represents One-Third of All Activity in The ThreatMetrix Digital Identity Network

Mobile usage represents nearly one-third of all activity on the ThreatMetrix Digital Identity Network and continues to grow as more and more consumers use their mobile phone, tablets and connected devices (such as the Apple Watch) to access content, make purchases, conduct banking transactions and pay bills.

ThreatMetrix analyzes mobile transactions from more than 200 countries and territories across the globe with consumers from emerging economies conducting a much higher percentage of transactions from mobile devices. The report found that the growth in mobile brought more mobile attacks, with spoofi­ng being most prevalent. However, the attack volumes are still lower than desktop as mobile devices are not conducive to massive fraud attacks.

“While desktop fraud still dominates, as mobile usage continues to grow, especially in emerging markets, the channel will eventually see new, sophisticated criminals targeting mobile transactions,” said Pandey. “With businesses focused on lowering consumer friction on mobile, fraudsters are increasingly targeting mobile platforms and devices to spoof identities. Businesses need to be prepared for an uptick in spoofing attacks as mobile continues to grow.”

Device Spoofing Remains Top Attack Vector

Leveraging activity across industries, mobile and desktop, the report also identified the top attacks by transaction type and found spoofing, such as IP address, geolocation, identity and device spoofing to be the most common attack types across all transaction attempts. Device spoo­fing remains the top attack vector, with more than six percent of transactions. As crimeware tools gain traction, the ThreatMetrix Digital Identity Network is seeing more and more traffic that is cloaked, especially for new account creation wherein the fraudsters use stolen identities along with these tools to defraud businesses.

Cybercrime continues to be a well-funded, organized business with sophisticated technology and strong knowledge sharing across organized crime rings, nation states, and decentralized cyber gangs. Recent massive data breaches have resulted in an increase in attacks targeted towards businesses across all regions and industries. Cybercriminals continue to share information as well as develop tools that will help bypass the fi­rst generation fraud prevention solutions. The only effective solution for businesses is to share information about fraud trends across their customer bases to stop cybercriminals in their tracks. ThreatMetrix delivers advanced fraud protection, frictionless authentication, and customer protection through a real-time collective response using intelligence gathered from billions of transactions in the ThreatMetrix Digital Identity Network.

To learn more, download the “ThreatMetrix Cybercrime Report: Q1 2015” eBook

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer driven-analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com

 

The Great Retailer vs. Credit Union Dust Up

Posted on May 5th, 2015 by Dan Rampe

EMV

A Retail Group Suggesting Slowing Implementation of New Secure Cards and Holding Off a Shift in Payment Fraud Liability Sets Off War of Words

The switchover to EMV cards is not a matter of black-and-white. Perhaps there aren’t fifty shades of gray, but there are definitely gray areas that need exploring. For instance, will cybercriminals abandon point of sale (PoS) fraud only to turn their attention to online fraud?

In a ThreatMetrix news release, “Six Months Ahead of EMV Chip Deadline, ThreatMetrix Offers Strategies to Protect Against Expected Increase in Online Fraud,” ThreatMetrix’s chief products officer advised that “from a consumer perspective, the shift to EMV is good news as it will make it harder for cybercriminals to counterfeit credit cards and conduct fraudulent purchases in stores. But from an online merchant perspective, as it becomes more difficult for cybercriminals to monetize on counterfeit cards, their goals are now going to shift to using stolen credit card data through online channels. Right now – ahead of the October deadline – is the time for retailers to start implementing systems that look at cybercrime in context to combat the growing breadth and intelligence of fraud following the widespread adoption of EMV in the U.S.”

And there are other issues that have cropped up like the one that has credit unions and retailers throwing verbal darts at each other. Specifically, who gets stuck with the tab when payment fraud does occur? In her piece on thehill.com, Elise Viebeck talks about what happened when the Food Marketing Institute (FMI) told card networks it would be a good idea to delay plans to shift liability for payment fraud to parties using “the least-secure” technology. The following has been excerpted from her piece and edited to fit our format. You may find the full article by clicking on this link.

The war of words begins

The letter [from FMI] prompted a fierce response from the National Association of Federal Credit Unions (NAFCU), which criticized the group’s request in a letter to top lawmakers. “FMI is more concerned about the cost of complying with the EMV standards and how quickly they can process transactions than it is about consumers and doing everything they can to protect their customers from future breaches,” wrote NAFCU President and CEO Dan Berger. “FMI’s delay tactic is remarkable given the extraordinary number of merchant and retailer breaches that have occurred in recent months.”

Oh yeah!

[The] Retail Industry Leaders Association (RILA) fired back at the NAFCU, accusing financial institutions of rolling out chip-and-signature cards as opposed to chip-and-pin cards, which it called more secure. “Chip and PIN cards have become the mainstay in the rest of the industrialized world, sharply reducing fraud and cyber-attacks, while unfortunately making U.S. retailers and consumers the prime target for would-be hackers and credit thieves around the globe,” the group said. “NAFCU and others in the financial services industry have yet to adequately explain why they refuse to use readily available and proven technology to safeguard American consumers.” The RILA also said it has not called for a delay of the liability date.

The bottom line is who’s picking up the tab?

Financial institutions and retailers have long been at odds over who is responsible for data breaches and what should be done to fight them.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

Looking for White House Gossip, Golf Scores? Ask a Russian.

Posted on May 4th, 2015 by Dan Rampe

White House

White House, State Department Computer Systems Breached by Russian Hackers Who Got to Read Some of the President’s Emails

One look at the content of your business email (okay our business email since you’re such a paragon of virtue) shows that not every correspondence is related to business. So there’s no reason to suspect that people in the White House and State Department are any different — other than maybe they don’t work as hard.

Still, though the hacked computer systems did not contain classified information and no classified networks were compromised, Michael S. Schmidt and David E. Sanger write in their nytimes.com story that the hack “was far more intrusive and worrisome than has been publicly acknowledged.” In their far ranging article, Schmidt and Sanger detail the dangers these latest intrusions could pose. The following has been excerpted from their piece and edited to fit our format. You may find the complete, unedited article by clicking on this link.

Unclassified net may contain sensitive material

Many senior officials have two computers in their offices, one operating on a highly secure classified network and another connected to the outside world for unclassified communications. But officials have conceded that the unclassified system routinely contains much information that is considered highly sensitive: schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and, inevitably, some debate about policy.

President’s emails — an interesting read?

Officials did not disclose the number of Mr. Obama’s emails that were harvested by hackers, nor the sensitivity of their content. The president’s email account itself does not appear to have been hacked. Aides say that most of Mr. Obama’s classified briefings — such as the morning Presidential Daily Brief — are delivered orally or on paper (sometimes supplemented by an iPad system connected to classified networks) and that they are usually confined to the Oval Office or the Situation Room.

Russian around

Still, the fact that Mr. Obama’s communications were among those hit by the hackers — who are presumed to be linked to the Russian government, if not working for it — has been one of the most closely held findings of the inquiry. Senior White House officials have known for months about the depth of the intrusion.

“This has been one of the most sophisticated actors we’ve seen,” said one senior American official briefed on the investigation.

Others confirmed that the White House intrusion was viewed as so serious that officials met on a nearly daily basis for several weeks after it was discovered. “It’s the Russian angle to this that’s particularly worrisome,” another senior official said.

Chinese vs. Russian hackers

While Chinese hacking groups are known for sweeping up vast amounts of commercial and design information, the best Russian hackers tend to hide their tracks better and focus on specific, often political targets. And the hacking happened at a moment of renewed tension with Russia — over its annexation of Crimea, the presence of its forces in Ukraine and its renewed military patrols in Europe, reminiscent of the Cold War.

Not the first attack

Mr. Obama is no stranger to computer-network attacks: His 2008 campaign was hit by Chinese hackers. Nonetheless, he has long been a frequent user of email, and publicly fought the Secret Service in 2009 to retain his BlackBerry, a topic he has joked about in public. He was issued a special smartphone, and the list of those he can exchange emails with is highly restricted.

Eviction notice

The discovery of the hacking in October led to a partial shutdown of the White House email system. The hackers appear to have been evicted from the White House systems by the end of October. But they continued to plague the State Department, whose system is much more far-flung. The disruptions were so severe that during the Iranian nuclear negotiations in Vienna in November, officials needed to distribute personal email accounts, to one another and to some reporters, to maintain contact.

Earlier this month, officials at the White House said that the hacking had not damaged its systems and that, while elements had been shut down to mitigate the effects of the attack, everything had been restored.

Mum’s the word

One of the curiosities of the White House and State Department attacks is that the administration, which recently has been looking to name and punish state and nonstate hackers in an effort to deter attacks, has refused to reveal its conclusions about who was responsible for this complex and artful intrusion into the government. That is in sharp contrast to Mr. Obama’s decision, after considerable internal debate in December, to name North Korea for ordering the attack on Sony Pictures Entertainment, and to the director of national intelligence’s decision to name Iranian hackers as the source of a destructive attack on the Sands Casino.

But the breach of the president’s emails appeared to be a major factor in the government secrecy. “All of this is very tightly held,” one senior American official said, adding that the content of what had been breached was being kept secret to avoid tipping off the Russians about what had been learned from the investigation.

Golf and nukes

Mr. Obama is known to send emails to aides late at night from his residence, providing them with his feedback on speeches or, at times, entirely new drafts. Others say he has emailed on topics as diverse as his golf game and the struggle with Congress over the Iranian nuclear negotiations.

Jwics where classified docs go

The White House, the State Department, the Pentagon and intelligence agencies put their most classified material into a system called Jwics, for Joint Worldwide Intelligence Communications System. That is where top-secret and “secret compartmentalized information” traverses within the government, to officials cleared for it — and it includes imagery, data and graphics. There is no evidence, senior officials said, that this hacking pierced it.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

White House Selling. Silicon Valley Buying?

Posted on May 1st, 2015 by Dan Rampe

Snowden

Defense Secretary Tours Valley Looking for Buy-in on New Computer Military Strategy and Rebuilding Trust Post-Snowden Revelations

To borrow a basketball analogy — and what better time than during the NBA playoffs — the White House has been doing a full-court press to impress the Valley’s movers and shakers in both business and academia. In their article on nytimes.com, David E. Sanger and Nicole Perlroth examine the White House’s efforts to form a new military cyberstrategy and rebuild trust that’s been shaken by Snowden’s NSA disclosures.

Investing in start-ups and looking for talent

[Defense Secretary] Ashton B. Carter, toured Silicon Valley…to announce a new military strategy for computer conflict, starting the latest Pentagon effort to invest in promising start-ups and to meet with engineers whose talent he declared the Pentagon desperately needed in fending off the nation’s adversaries.

Whom do you trust?

Mr. Carter immediately acknowledged, though, the need to rebuild trust with Silicon Valley, whose mainstays — like Apple, Google and Facebook…have spent two years demonstrating to customers around the world that they are rolling out encryption technologies to defeat surveillance. That, of course, includes blocking the National Security Agency, a critical member of the military-intelligence community.

“I think that people and companies need to be convinced that everything we do in the cyber domain is lawful and appropriate and necessary,” Mr. Carter told students and faculty at Stanford.

Ask not what your country can do for you

He urged the next generation of software pioneers and entrepreneurs to take a break from developing killer apps and consider a tour of service fending off Chinese, Russian and North Korean hackers, even as he acknowledged that the documents leaked by Edward J. Snowden, the former intelligence contractor, “showed there was a difference in view between what we were doing and what people perceived us as doing.”

Doubters

[Jeh Johnson], the secretary of Homeland Security, and a group of other government officials ran into a buzz saw of skepticism at the world’s largest conference of computer security professionals….Those officials argued for some kind of technical compromise to allow greater security of electronic communications while enabling the F.B.I. and intelligence agencies to decode the emails and track the web activities of suspected terrorists or criminals. Yet many among the computer security professionals at the conference argued that no such compromise was possible, saying that such a system would give Russians and Chinese a pathway in, too, and that Washington might abuse such a portal.

No compromise. No access

Not long after Mr. Johnson declared that “encryption is making it harder for your government to find criminal activity and potential terrorist activity,” large numbers of entrepreneurs and engineers crammed into the first of several seminars, called “Post-Snowden Cryptography.” There, they took notes as the world’s best code makers mocked the Obama administration’s drive for a “technical compromise” that would ensure the government some continued access.

Everybody’s going to want a key

Ronald Rivest, one of the inventors of a commonly used encryption algorithm, took on the arguments by Mr. Johnson and other senior officials, including John P. Carlin, the head of the Justice Department’s national security division, that the best minds in Silicon Valley could find a way to ensure legal government access while still assuring users that communications and data stored in their iPhones and the cloud are safe. “There are lots of problems with these ideas,” Mr. Rivest said. “We live in a global information system now, and it’s not going to be just the U.S. government that wants a key. It’s going to be the U.K., it’s going to be Germany, it’s going to be Israel, it’s going to be China, it’s going to be Iran, etc.”

Trust us. We want you to make money

One of Mr. Johnson’s deputies, Phyllis Schneck [revealed] the government’s plans for real-time monitoring and blocking of malware flowing through the Internet, urging private industry to help. “We want you to make money,” said Ms. Schneck, a former chief technology officer at McAfee Inc….. Many in the crowd, though, said they worried whether the government would turn any malware-monitoring system to other uses.

Technology outpacing agreements

Mr. Obama’s cybercoordinator, Michael Daniel, who has been trying to preside over the unwieldy administration debate over encryption rules, was meeting executives in private and calling in public for “cybernorms of behavior” that could constrain the kind of hackers who attacked American corporations, the White House, the State Department and the Pentagon. But he acknowledged that this was an area where the grindingly slow wheels of diplomacy were being outpaced by technological development.

Banks, Silicon Valley giants and security companies on front lines of cyberwar

Mr. Carter, in his Stanford talk, noted that past wars were fought state to state. But in computer conflict, he said, the most sophisticated threats and weapons are seen by banks, security firms and Silicon Valley companies like Apple, Google, Yahoo, Twitter and Facebook that serve as conduits for the world’s communications. That is data Washington most needs.

The Snowden aftereffect

Yet nearly two years after the Snowden revelations, many companies are as reluctant as ever to give the government any information unless they are compelled to do so, particularly as they try to convince foreign customers in global markets that they are doing everything they can to keep Washington at a distance.

The President seeks balance

Mr. Obama, on a trip to Stanford in February, had expressed sympathy with those who were striving to protect privacy, even while saying it had to be balanced against the concerns of the F.B.I. and other agencies that fear “going dark” because of new encryption technologies. (Apple says that with its new iPhone operating system, it has no way to decode data in phones, even if given a court order.) Mr. Obama’s aides say decisions about how to resolve these differences are still months away.

Split-key. Court order

With so much more data at stake, and attacks so frequent, cryptographers say the need for encryption is greater than ever. One proposal, by Adm. Michael S. Rogers, the head of the National Security Agency, is to develop a split-key system in which companies hold half and the government, or some outside agent, holds the other half of the key to unlock encrypted communications. The two would be put together only with approval of a court. But many computer security experts reject that idea, saying it would leave too much room for theft and would motivate other governments to require the same.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

Fraud and Security Pros to Meet at ThreatMetrix Cybercrime Prevention Summit 2015

Posted on April 30th, 2015 by Dan Rampe

Blog-Header

5th Annual Summit Has Experts from Around the World Discussing Collaborative Strategies to Fight Evolving Cybercrime

Themed “Connect and Collaborate,” the ThreatMetrix® Cybercrime Prevention Summit 2015, the largest of its kind, will bring together 250 cybersecurity experts from around the globe to exchange ideas on the latest trends in cybersecurity, shared intelligence, protection against mobile fraud and improvement of online trust and Internet security. The fifth annual Summit runs from October 7-9 at the Silverado Resort & Spa in Napa, the heart of California wine country.

2014: breaches happening at unprecedented rate

There were major breaches in almost every sector — healthcare, financial services, retail, government, military and other industries. The Identity Theft Resource Center tracked a record 780 plus breaches – a 27.5 percent increase over the number of breaches reported in 2013. Faced with this ongoing assault, the summit will focus on how businesses and consumers can leverage a collective approach to cybersecurity.

The ThreatMetrix Digital Identity Network: leading a collaborative approach to defeating fraud and data breaches

Processing more than one billion online transactions each month, the ThreatMetrix Digital Identity Network, the world’s largest, enables ThreatMetrix customers across industries to access the most comprehensive world-wide data and analysis available to combat cybercrime.

Bert Rankin, ThreatMetrix chief marketing officer, on the best way to combat fraud

“The fallout from a record high in data breaches last year has made it challenging for businesses to protect their employees and customers from fraud on various levels. The best way to combat fraud in the wake of these breaches is to bring together all aspects of customers’ and employees’ online devices and behaviors into one unique digital identity. By connecting with experts and peers, summit attendees will hear specific insights on the most recent cyber attacks identified through the ThreatMetrix Digital Identity Network and the best practices being used to deter them.”

For Summit attendees an opportunity to connect and collaborate with experts in fraud prevention and cybersecurity

Through a variety of activities, attendees will be able to get a clearer understanding of the most recent cyberthreats and take their respective companies’ best practices to the next level.

Summit subjects

Topics at the Summit include finding ways to reduce online payment fraud, account takeover, identity spoofing and other forms of cybercrime. And, attendees will include experts and senior fraud and cybercrime prevention professionals from the world’s leading online businesses, representing financial services, e-commerce, social networks, government, insurance and other industries.

Attending: key members of the ThreatMetrix executive and professional services team

Sharing insights and trends identified through the ThreatMetrix Digital Identity Network will be key members of the ThreatMetrix team. In addition, industry experts including Julie Conroy, research director for Aite Group’s Retail Banking practice, will speak at the Summit on ongoing research regarding fraud, data security and other market data.

Attendance at the Summit limited to 250

To foster personal interactions, attendance at the ThreatMetrix Cybercrime Prevention Summit 2015 will be limited to 250 attendees. To learn more or to register, please visit: http://cybercrimepreventionsummit.com/.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer driven-analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

ThreatMetrix to Host the Fifth Annual Cybercrime Prevention Summit 2015

Posted on April 30th, 2015 by Dan Rampe

Blog-Header

The Summit Brings Together Industry Experts to Discuss Collaborative Strategies
for Businesses and Consumers to Combat Evolving Cybercrime Threats

San Jose, CA – April 30, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the ThreatMetrix® Cybercrime Prevention Summit 2015, themed “Connect and Collaborate.” The fifth annual summit will take place October 7-9 at the Silverado Resort & Spa, Napa, Calif.

The ThreatMetrix Cybercrime Prevention Summit 2015 is the largest of its kind, bringing together 250 cybersecurity experts from around the globe to “Connect and Collaborate” on the latest trends in cybersecurity, shared intelligence, protection against mobile fraud and improvement of online trust and Internet security.

During 2014 major breaches in healthcare, financial services, retail, government, military and other industries continued to increase. The Identity Theft Resource Center tracked a record high number of data breaches in 2014, with more than 780 breaches – a 27.5 percent increase over the number of breaches reported in 2013. Faced with the continued escalation in online attacks, the summit will focus on how businesses and consumers can leverage a collective approach to cybersecurity. A collaborative approach to cybercrime prevention will become even more important as cybercriminals have access to even more ways to easily commit fraud than ever before.

The ThreatMetrix® Digital Identity Network, the world’s largest trusted identity network, which is currently processing more than one billion online transactions each month, enabling ThreatMetrix customers across industries to access the most comprehensive world-wide data and analysis available to combat cybercrime.

“The fallout from a record high in data breaches last year has made it challenging for businesses to protect their employees and customers from fraud on various levels,” said Bert Rankin, chief marketing officer, ThreatMetrix. “The best way to combat fraud in the wake of these breaches is to bring together all aspects of customers’ and employees’ online devices and behaviors into one unique digital identity. By connecting with experts and peers, summit attendees will hear specific insights on the most recent cyber attacks identified through the ThreatMetrix Digital Identity Network and the best practices being used to deter them.”

The conference will connect industry experts, technologists and other fraud prevention and cybersecurity practitioners to connect and collaborate in an informal environment. During the summit, attendees will have the chance to make direct, meaningful connections through various activities to better understand the most recent cyber threats and take their company’s best practices to the next level.

The information and experiences at the ThreatMetrix Cybercrime Prevention Summit are valuable for anyone interested in finding ways to reduce online payment fraud, account takeover, identity spoofing and other forms of cybercrime. Attendees include experts and senior fraud and cybercrime prevention professionals from the world’s leading online businesses, representing financial services, e-commerce, social networks, government, insurance and other industries.

During this year’s summit, key members of the ThreatMetrix executive and professional services team will share insights and trends identified through the ThreatMetrix Digital Identity Network. In addition, industry experts including Julie Conroy, research director for Aite Group’s Retail Banking practice will speak at the summit. Conroy will present on ongoing research regarding fraud, data security and other market data to promote discussion among the event attendees.

To maintain intimacy and foster personal interactions, attendance at the ThreatMetrix Cybercrime Prevention Summit 2015 will be limited to 250 attendees. To learn more or to register, please visit: http://cybercrimepreventionsummit.com/.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer driven-analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com

Not Just Numbers

Posted on April 29th, 2015 by Dan Rampe

Anthem

Often Overlooked in the Anthem and Premera Breaches That Compromised Tens of Millions Are Individual Victims. These Are Some of Their Stories.

Seen People’s Court? The opening has the announcer intoning “Real cases. Real people.” Forgotten among the tens of millions who’ve had their information compromised, but haven’t been affected…yet…are the cases of “real people” who’ve had their lives turned upside down by identity theft.

On truth-out.org, which co-published with USA Today, Charles Ornstein, writing for ProPublica, which describes itself as an independent nonprofit newsroom for investigative journalism in the public interest, puts the Anthem and Premera breaches in “human terms.” He does so by relating stories of individuals who’ve suffered identity theft as a result of these attacks. The following has been excerpted from his truth-out.org piece and edited to fit our format. You may find the full article by clicking on this link.

Knowing the score doesn’t ensure you won’t be a victim

[A] company’s privacy officer didn’t realize that health insurer Anthem even had her data. “It gives you a new perspective when you’re actually one of the folks whose data is disclosed.”

[Rebecca Fayed’s company provides research, technology and consulting services to health care and higher education organizations.] As the privacy officer for The Advisory Board Co., Rebecca Fayed knows a thing or two about privacy and what can happen when it’s violated. But when Fayed received a letter telling her that she, like nearly 80 million others, was the victim of a hacking attack on health insurer Anthem Inc., she couldn’t figure out why. Anthem wasn’t her insurance provider.

“I had no idea that Anthem even had my data,” Fayed told a gathering of privacy professionals recently at the National HIPAA Summit in Washington, D.C. “I went running around the house, ‘Why does Anthem have my data?'”

Fayed soon figured out the connection: Her previous insurer, a Blue Cross plan, was affiliated with Anthem in some way. Whoever hacked Anthem’s records accessed names, Social Security numbers, dates of births, addresses and more going back a decade.

But they weren’t covered by Anthem or Premera

Julie Grimley, 46, a content editor for an educational software startup, initially assumed the Anthem breach wouldn’t affect her because her family had coverage through CareFirst BlueCross BlueShield. Then she got letters informing her that her data, along with that of her husband and 15-year-old daughter, might have been compromised.

“At this point, I’m not sure what the best thing” to do is, said Grimley…”I really don’t.”

What about her college-age daughter?

Grimley said she is most worried about her daughter. “She’s already starting the college process,” she said. “Her life is starting. This could be really serious. I should be worried about me too but we’re established. … I’ve read horror stories and think, ‘Oh my gosh.'”

Lightning strikes twice

Bethesda, Md., resident Eric Forseter and his family managed to fall victim to both the Anthem and the Premera hackings.

Forseter’s wife and son received letters…from their health insurer Premera telling them that some of their information—but not their Social Security numbers–was compromised in the Anthem breach. Days later, they received additional letters saying they also were victims of Premera’s own breach, which affected not only Social Security numbers, but also medical claims information.

Forseter, 40, who works for an IT security and identity management company, said he doesn’t know how his family’s information got ensnared in the Anthem breach but suspects it may have happened because his son had to see a doctor while in New York. He’s gotten nowhere when he’s called the insurers’ customer- service line for answers.

“I don’t think they really know half the stuff that’s happening,” he said. “Unfortunately they’re reading a canned script and all they want to do is say, ‘Well, sorry.'”

Forseter said he is considering legal action against the insurers for failing to safeguard his family’s information. He called the offer of two years of credit monitoring inadequate.

“If data was stolen then sold and sold many times over, then potentially three to five to 10 years from now, that data could be used and I’d have to pay for my own coverage and I’m at risk,” he said. “I’m responsible for covering it.”

Lightning strikes “more than” twice

For some victims, the Anthem and Premera breaches have been all too familiar.

Bill Speaks, 61, who works in mainframe software for the U.S. Department of Interior in Colorado, said he was also a victim of the Home Depot hacking attack last year, as well as one involving his bank, and he believes he was also a victim of the Target hack. Moreover, he said, his driver’s license was stolen when he had surgery at a hospital about three years ago. That may have resulted in someone opening up an account and running up charges in his name, he said.

Speaks said he’s fed up.

“No one is looking out for us and no one at the higher levels of these organizations are suffering any consequences because of their lax security,” he said.

What have the insurers done?

Anthem spokesman Darrel Ng said the company finished mailing letters notifying those affected …. The process took two months because of the number of people affected and to not overwhelm its credit-monitoring vendor, AllClear. “Anthem initially started by sending out 1.5 million letters a day and eventually ramped up to about 2.5 million per day.”

Anthem said it has tried to reach people in other ways, including by email and through a website, AnthemFacts.com. Ng said he did not know how many people had signed up for the credit monitoring, but anyone can seek help in clearing up credit reports and contesting false charges for the next two years.

Premera also has set up a website with information, premeraupdate.com. It has notified 6 million members in Washington and Alaska affected by the breach and is working to notify members of other Blue Cross plans if they sought care in those states. As of April 1, more than 194,000 people had enrolled in credit monitoring, Premera spokeswoman Melanie Coon said by email.

Did Anthem and Premera do all they could?

The Department of Health and Human Services’ Office for Civil Rights, which oversees compliance with federal patient privacy law, is investigating the Anthem and Premera breaches. If the agency determines the insurers did not take adequate steps to protect members’ health information, it could impose steep fines.

A right to be nervous

Ann Patterson, senior vice president and program director for the Medical Identity Fraud Alliance, an industry group, said consumers are right to be nervous. Medical identity theft poses a more serious risk than credit card fraud. “You really can’t change your birth date. So when that kind of information is out there, the type of fraud that is perpetrated in the health care sense involves your wellbeing, your life.”

Patterson recommends that consumers take several steps if they have been affected. First, they should sign up for the free credit monitoring, which alerts people to possible suspicious activity if it happens. “If you became a victim, you would be notified as soon as possible,” she said, noting that it doesn’t prevent fraud. Beyond that, consumers should review all insurance forms, hospital bills and other medical correspondence they receive. If something doesn’t look right, don’t throw it out, Patterson said; make a phone call to clarify what has been sent.

“Some reason people think, ‘I was not the patient, so why should I call that hospital?’ Definitely call the provider and the health plan to make [sure] both parties know that you are not the patient. You should report it to your local law enforcement so you have a record that it was reported from a legal standpoint.”

ThreatMetrix: a caution and solutions

In his blog, The Anthem Tipping Point Reed Taussig, ThreatMetrix® president and CEO advised, “The most valuable data stores for fraudsters are stolen patient records that are associated with a valid health insurance policy. While most enterprises continue to focus on securing their internal networks, what is really required is broad adoption and use of secure, anonymized global shared intelligence that will identify what for and where those 90 million stolen identities are being used.”

Alisdair Faulkner, ThreatMetrix chief products officer, notes, “When Anthem and Premera sneezed, the cybersecurity industry caught a cold. Most organizations are focusing purely within their own networks, but the board room needs to be aware that these massive data breaches are just a precursor to the main event – a systemic and continuous attack on their customer and employee authentication, fraud and identity systems. To do a credible job defending against stolen identities, organizations need better risk intelligence based on anonymized shared intelligence to differentiate between trusted users and cyber threats.”

Find more in the ThreatMetrix news release, Anthem and Premera Healthcare Breaches Were Preventable: Protection Beyond Encryption: ThreatMetrix Strategies for Preventing Cybercrime in Healthcare and Other Industries

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

Biting off More Than You Can Chew: Why Biometrics Aren’t the Future

Posted on April 28th, 2015 by Dan Rampe

Standard-Header-Tony

Recently a senior PayPal evangelist gave a rather controversial interview to the Wall Street Journal. In it, he appeared to suggest a radical alternative to password-based authentication systems: biometrics generated by devices ingested or embedded under the user’s skin. Now, it’s true that passwords should no longer be used by any online provider serious about security. And it’s always interesting to hear new approaches to user authentication.

But organisations need an answer today to the mounting problem of online fraud. It needs to be fast, affordable, frictionless and accurate. And in those respects, biometrics just don’t deliver.

So why isn’t biometric technology the answer?

The problem with biometrics

On paper, the prospect of biometrics like embedded wireless chips monitoring ECG readings, or ingestible capsules that can detect glucose levels, sounds like a decent idea. After all, the readings they then transmit should be unique to that person – surmounting problems of false positives and false negatives. LeBlanc even suggested that batteries for such systems could be powered by stomach acid. At last, a fully internalised, unhackable “natural body identification” system to put “users in charge of their own security”. Right?

Well, not really.

The main issue many people have with biometrics is that they rely on something that should be unhackable – impossible to simulate or crack. But if cyber criminals do find a way of doing so – and they’ve proven themselves to be a pretty resourceful bunch thus far – then what? You might be able to reset your password pretty easily after a phishing attack, but what about your heart rate? Or your glucose levels?

The next major barrier is the users themselves. Security versus usability is a tough balance at the best of times. How much tougher will it be to sell such invasive authentication systems if the user is basically happy with the level of security they get with a regular fingerprint scan or a phone based one-time passcode system?

Why context-based wins

I’m not dismissing the work of PayPal and others to improve on password-based verification. But too many question marks remain over biometrics – even the systems that are closer to reality than the hypothetical scenarios painted by LeBlanc. Whether your business is in e-commerce, social media, banking, insurance or another sector – you need fast, reliable, friction-free two factor authentication that works … today.

The key for organisations going forward is to seek out systems which can work in the background, completely invisible to the user, checking things like device identity, malware, and use of ToR or other obfuscation methods favoured by cybercriminals. They’ll be able to check against a series of unique attributes associated with that user comprised of log-in habits, typical locations, user IDs, email addresses, phone numbers, shipping information etc, and flag a suspect transaction even if the person is using valid (but stolen) credentials.

Futuristic biometrics will always grab the headlines. But context-based authentication is where the smart money’s already being spent, to cut fraud and keep customers happy.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

ThreatMetrix a Winner in 3 Info Security Products Guide 2015 Global Excellence Awards’ Categories

Posted on April 27th, 2015 by Dan Rampe

Awards

ThreatMetrix Takes Home More Awards! Wins 3 Bronzes and Is Honored by the Info Security Products Guide at RSA

During RSA, the security industry honored some of the best companies, executives and products in the world with Info Security Products Guide 2015 Global Excellence Awards.

Winner in 3 Info Security Products Guide 2015 Global Excellence Awards’ categories

ThreatMetrix took Bronzes for the Most Innovative Security Software (Product) of the Year, Most Innovative Company of the Year (Security), and Innovation in Enterprise Security.

Other honors ThreatMetrix received in 2015

  • Winner of the 2015 Cyber Defense Magazine Awards for Best Anti-Malware and Hot Company in Multi-Factor Authentication
  • Named to the 2015 OnCloud Top 100 private companies list
  • The Channel Company’s CRN 100 Coolest Cloud Computing Vendors of 2015

Bert Rankin, ThreatMetrix chief marketing officer, on the company’s pioneering efforts

“Recognition by the Info Security Products Guide serves as validation of our continued efforts to stay one step ahead of cybercriminals by leveraging global shared intelligence,” said Bert Rankin, chief marketing officer at ThreatMetrix. “Given the sophistication of today’s cybercriminals, no business or individual can stand alone in the fight against cybercrime and ThreatMetrix is pioneering efforts to securely and anonymously share threat intelligence across business boundaries.”

During RSA ThreatMetrix announced its Digital Identity Network

The ThreatMetrix Digital Identity Network, the largest network of its kind in the world, creates an anonymized digital identity of consumers based on device, persona and behavior from every transaction, account creation and account login.

Analyzing more than a billion transactions each month to stop cybercrime

Leveraging the ThreatMetrix Digital Identity Network, ThreatMetrix analyzes more than one billion transactions each month to differentiate between fraudulent and authentic account creations, logins and transactions.

Less friction for a better customer experience

ThreatMetrix offers the only frictionless cybersecurity solution that combines enhanced mobile identification, location-based authentication, endpoint intelligence, behavior intelligence and real-time trust analytics into a powerful, context-based authentication and fraud prevention solution.

For a full list of 2014 Global Excellence Awards winners, go to: http://www.infosecurityproductsguide.com/world/

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.