The Great Retailer vs. Credit Union Dust Up

Posted on May 5th, 2015 by Dan Rampe

EMV

A Retail Group Suggesting Slowing Implementation of New Secure Cards and Holding Off a Shift in Payment Fraud Liability Sets Off War of Words

The switchover to EMV cards is not a matter of black-and-white. Perhaps there aren’t fifty shades of gray, but there are definitely gray areas that need exploring. For instance, will cybercriminals abandon point of sale (PoS) fraud only to turn their attention to online fraud?

In a ThreatMetrix news release, “Six Months Ahead of EMV Chip Deadline, ThreatMetrix Offers Strategies to Protect Against Expected Increase in Online Fraud,” ThreatMetrix’s chief products officer advised that “from a consumer perspective, the shift to EMV is good news as it will make it harder for cybercriminals to counterfeit credit cards and conduct fraudulent purchases in stores. But from an online merchant perspective, as it becomes more difficult for cybercriminals to monetize on counterfeit cards, their goals are now going to shift to using stolen credit card data through online channels. Right now – ahead of the October deadline – is the time for retailers to start implementing systems that look at cybercrime in context to combat the growing breadth and intelligence of fraud following the widespread adoption of EMV in the U.S.”

And there are other issues that have cropped up like the one that has credit unions and retailers throwing verbal darts at each other. Specifically, who gets stuck with the tab when payment fraud does occur? In her piece on thehill.com, Elise Viebeck talks about what happened when the Food Marketing Institute (FMI) told card networks it would be a good idea to delay plans to shift liability for payment fraud to parties using “the least-secure” technology. The following has been excerpted from her piece and edited to fit our format. You may find the full article by clicking on this link.

The war of words begins

The letter [from FMI] prompted a fierce response from the National Association of Federal Credit Unions (NAFCU), which criticized the group’s request in a letter to top lawmakers. “FMI is more concerned about the cost of complying with the EMV standards and how quickly they can process transactions than it is about consumers and doing everything they can to protect their customers from future breaches,” wrote NAFCU President and CEO Dan Berger. “FMI’s delay tactic is remarkable given the extraordinary number of merchant and retailer breaches that have occurred in recent months.”

Oh yeah!

[The] Retail Industry Leaders Association (RILA) fired back at the NAFCU, accusing financial institutions of rolling out chip-and-signature cards as opposed to chip-and-pin cards, which it called more secure. “Chip and PIN cards have become the mainstay in the rest of the industrialized world, sharply reducing fraud and cyber-attacks, while unfortunately making U.S. retailers and consumers the prime target for would-be hackers and credit thieves around the globe,” the group said. “NAFCU and others in the financial services industry have yet to adequately explain why they refuse to use readily available and proven technology to safeguard American consumers.” The RILA also said it has not called for a delay of the liability date.

The bottom line is who’s picking up the tab?

Financial institutions and retailers have long been at odds over who is responsible for data breaches and what should be done to fight them.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

 

Looking for White House Gossip, Golf Scores? Ask a Russian.

Posted on May 4th, 2015 by Dan Rampe

White House

White House, State Department Computer Systems Breached by Russian Hackers Who Got to Read Some of the President’s Emails

One look at the content of your business email (okay our business email since you’re such a paragon of virtue) shows that not every correspondence is related to business. So there’s no reason to suspect that people in the White House and State Department are any different — other than maybe they don’t work as hard.

Still, though the hacked computer systems did not contain classified information and no classified networks were compromised, Michael S. Schmidt and David E. Sanger write in their nytimes.com story that the hack “was far more intrusive and worrisome than has been publicly acknowledged.” In their far ranging article, Schmidt and Sanger detail the dangers these latest intrusions could pose. The following has been excerpted from their piece and edited to fit our format. You may find the complete, unedited article by clicking on this link.

Unclassified net may contain sensitive material

Many senior officials have two computers in their offices, one operating on a highly secure classified network and another connected to the outside world for unclassified communications. But officials have conceded that the unclassified system routinely contains much information that is considered highly sensitive: schedules, email exchanges with ambassadors and diplomats, discussions of pending personnel moves and legislation, and, inevitably, some debate about policy.

President’s emails — an interesting read?

Officials did not disclose the number of Mr. Obama’s emails that were harvested by hackers, nor the sensitivity of their content. The president’s email account itself does not appear to have been hacked. Aides say that most of Mr. Obama’s classified briefings — such as the morning Presidential Daily Brief — are delivered orally or on paper (sometimes supplemented by an iPad system connected to classified networks) and that they are usually confined to the Oval Office or the Situation Room.

Russian around

Still, the fact that Mr. Obama’s communications were among those hit by the hackers — who are presumed to be linked to the Russian government, if not working for it — has been one of the most closely held findings of the inquiry. Senior White House officials have known for months about the depth of the intrusion.

“This has been one of the most sophisticated actors we’ve seen,” said one senior American official briefed on the investigation.

Others confirmed that the White House intrusion was viewed as so serious that officials met on a nearly daily basis for several weeks after it was discovered. “It’s the Russian angle to this that’s particularly worrisome,” another senior official said.

Chinese vs. Russian hackers

While Chinese hacking groups are known for sweeping up vast amounts of commercial and design information, the best Russian hackers tend to hide their tracks better and focus on specific, often political targets. And the hacking happened at a moment of renewed tension with Russia — over its annexation of Crimea, the presence of its forces in Ukraine and its renewed military patrols in Europe, reminiscent of the Cold War.

Not the first attack

Mr. Obama is no stranger to computer-network attacks: His 2008 campaign was hit by Chinese hackers. Nonetheless, he has long been a frequent user of email, and publicly fought the Secret Service in 2009 to retain his BlackBerry, a topic he has joked about in public. He was issued a special smartphone, and the list of those he can exchange emails with is highly restricted.

Eviction notice

The discovery of the hacking in October led to a partial shutdown of the White House email system. The hackers appear to have been evicted from the White House systems by the end of October. But they continued to plague the State Department, whose system is much more far-flung. The disruptions were so severe that during the Iranian nuclear negotiations in Vienna in November, officials needed to distribute personal email accounts, to one another and to some reporters, to maintain contact.

Earlier this month, officials at the White House said that the hacking had not damaged its systems and that, while elements had been shut down to mitigate the effects of the attack, everything had been restored.

Mum’s the word

One of the curiosities of the White House and State Department attacks is that the administration, which recently has been looking to name and punish state and nonstate hackers in an effort to deter attacks, has refused to reveal its conclusions about who was responsible for this complex and artful intrusion into the government. That is in sharp contrast to Mr. Obama’s decision, after considerable internal debate in December, to name North Korea for ordering the attack on Sony Pictures Entertainment, and to the director of national intelligence’s decision to name Iranian hackers as the source of a destructive attack on the Sands Casino.

But the breach of the president’s emails appeared to be a major factor in the government secrecy. “All of this is very tightly held,” one senior American official said, adding that the content of what had been breached was being kept secret to avoid tipping off the Russians about what had been learned from the investigation.

Golf and nukes

Mr. Obama is known to send emails to aides late at night from his residence, providing them with his feedback on speeches or, at times, entirely new drafts. Others say he has emailed on topics as diverse as his golf game and the struggle with Congress over the Iranian nuclear negotiations.

Jwics where classified docs go

The White House, the State Department, the Pentagon and intelligence agencies put their most classified material into a system called Jwics, for Joint Worldwide Intelligence Communications System. That is where top-secret and “secret compartmentalized information” traverses within the government, to officials cleared for it — and it includes imagery, data and graphics. There is no evidence, senior officials said, that this hacking pierced it.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

White House Selling. Silicon Valley Buying?

Posted on May 1st, 2015 by Dan Rampe

Snowden

Defense Secretary Tours Valley Looking for Buy-in on New Computer Military Strategy and Rebuilding Trust Post-Snowden Revelations

To borrow a basketball analogy — and what better time than during the NBA playoffs — the White House has been doing a full-court press to impress the Valley’s movers and shakers in both business and academia. In their article on nytimes.com, David E. Sanger and Nicole Perlroth examine the White House’s efforts to form a new military cyberstrategy and rebuild trust that’s been shaken by Snowden’s NSA disclosures.

Investing in start-ups and looking for talent

[Defense Secretary] Ashton B. Carter, toured Silicon Valley…to announce a new military strategy for computer conflict, starting the latest Pentagon effort to invest in promising start-ups and to meet with engineers whose talent he declared the Pentagon desperately needed in fending off the nation’s adversaries.

Whom do you trust?

Mr. Carter immediately acknowledged, though, the need to rebuild trust with Silicon Valley, whose mainstays — like Apple, Google and Facebook…have spent two years demonstrating to customers around the world that they are rolling out encryption technologies to defeat surveillance. That, of course, includes blocking the National Security Agency, a critical member of the military-intelligence community.

“I think that people and companies need to be convinced that everything we do in the cyber domain is lawful and appropriate and necessary,” Mr. Carter told students and faculty at Stanford.

Ask not what your country can do for you

He urged the next generation of software pioneers and entrepreneurs to take a break from developing killer apps and consider a tour of service fending off Chinese, Russian and North Korean hackers, even as he acknowledged that the documents leaked by Edward J. Snowden, the former intelligence contractor, “showed there was a difference in view between what we were doing and what people perceived us as doing.”

Doubters

[Jeh Johnson], the secretary of Homeland Security, and a group of other government officials ran into a buzz saw of skepticism at the world’s largest conference of computer security professionals….Those officials argued for some kind of technical compromise to allow greater security of electronic communications while enabling the F.B.I. and intelligence agencies to decode the emails and track the web activities of suspected terrorists or criminals. Yet many among the computer security professionals at the conference argued that no such compromise was possible, saying that such a system would give Russians and Chinese a pathway in, too, and that Washington might abuse such a portal.

No compromise. No access

Not long after Mr. Johnson declared that “encryption is making it harder for your government to find criminal activity and potential terrorist activity,” large numbers of entrepreneurs and engineers crammed into the first of several seminars, called “Post-Snowden Cryptography.” There, they took notes as the world’s best code makers mocked the Obama administration’s drive for a “technical compromise” that would ensure the government some continued access.

Everybody’s going to want a key

Ronald Rivest, one of the inventors of a commonly used encryption algorithm, took on the arguments by Mr. Johnson and other senior officials, including John P. Carlin, the head of the Justice Department’s national security division, that the best minds in Silicon Valley could find a way to ensure legal government access while still assuring users that communications and data stored in their iPhones and the cloud are safe. “There are lots of problems with these ideas,” Mr. Rivest said. “We live in a global information system now, and it’s not going to be just the U.S. government that wants a key. It’s going to be the U.K., it’s going to be Germany, it’s going to be Israel, it’s going to be China, it’s going to be Iran, etc.”

Trust us. We want you to make money

One of Mr. Johnson’s deputies, Phyllis Schneck [revealed] the government’s plans for real-time monitoring and blocking of malware flowing through the Internet, urging private industry to help. “We want you to make money,” said Ms. Schneck, a former chief technology officer at McAfee Inc….. Many in the crowd, though, said they worried whether the government would turn any malware-monitoring system to other uses.

Technology outpacing agreements

Mr. Obama’s cybercoordinator, Michael Daniel, who has been trying to preside over the unwieldy administration debate over encryption rules, was meeting executives in private and calling in public for “cybernorms of behavior” that could constrain the kind of hackers who attacked American corporations, the White House, the State Department and the Pentagon. But he acknowledged that this was an area where the grindingly slow wheels of diplomacy were being outpaced by technological development.

Banks, Silicon Valley giants and security companies on front lines of cyberwar

Mr. Carter, in his Stanford talk, noted that past wars were fought state to state. But in computer conflict, he said, the most sophisticated threats and weapons are seen by banks, security firms and Silicon Valley companies like Apple, Google, Yahoo, Twitter and Facebook that serve as conduits for the world’s communications. That is data Washington most needs.

The Snowden aftereffect

Yet nearly two years after the Snowden revelations, many companies are as reluctant as ever to give the government any information unless they are compelled to do so, particularly as they try to convince foreign customers in global markets that they are doing everything they can to keep Washington at a distance.

The President seeks balance

Mr. Obama, on a trip to Stanford in February, had expressed sympathy with those who were striving to protect privacy, even while saying it had to be balanced against the concerns of the F.B.I. and other agencies that fear “going dark” because of new encryption technologies. (Apple says that with its new iPhone operating system, it has no way to decode data in phones, even if given a court order.) Mr. Obama’s aides say decisions about how to resolve these differences are still months away.

Split-key. Court order

With so much more data at stake, and attacks so frequent, cryptographers say the need for encryption is greater than ever. One proposal, by Adm. Michael S. Rogers, the head of the National Security Agency, is to develop a split-key system in which companies hold half and the government, or some outside agent, holds the other half of the key to unlock encrypted communications. The two would be put together only with approval of a court. But many computer security experts reject that idea, saying it would leave too much room for theft and would motivate other governments to require the same.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

Fraud and Security Pros to Meet at ThreatMetrix Cybercrime Prevention Summit 2015

Posted on April 30th, 2015 by Dan Rampe

Blog-Header

5th Annual Summit Has Experts from Around the World Discussing Collaborative Strategies to Fight Evolving Cybercrime

Themed “Connect and Collaborate,” the ThreatMetrix® Cybercrime Prevention Summit 2015, the largest of its kind, will bring together 250 cybersecurity experts from around the globe to exchange ideas on the latest trends in cybersecurity, shared intelligence, protection against mobile fraud and improvement of online trust and Internet security. The fifth annual Summit runs from October 7-9 at the Silverado Resort & Spa in Napa, the heart of California wine country.

2014: breaches happening at unprecedented rate

There were major breaches in almost every sector — healthcare, financial services, retail, government, military and other industries. The Identity Theft Resource Center tracked a record 780 plus breaches – a 27.5 percent increase over the number of breaches reported in 2013. Faced with this ongoing assault, the summit will focus on how businesses and consumers can leverage a collective approach to cybersecurity.

The ThreatMetrix Digital Identity Network: leading a collaborative approach to defeating fraud and data breaches

Processing more than one billion online transactions each month, the ThreatMetrix Digital Identity Network, the world’s largest, enables ThreatMetrix customers across industries to access the most comprehensive world-wide data and analysis available to combat cybercrime.

Bert Rankin, ThreatMetrix chief marketing officer, on the best way to combat fraud

“The fallout from a record high in data breaches last year has made it challenging for businesses to protect their employees and customers from fraud on various levels. The best way to combat fraud in the wake of these breaches is to bring together all aspects of customers’ and employees’ online devices and behaviors into one unique digital identity. By connecting with experts and peers, summit attendees will hear specific insights on the most recent cyber attacks identified through the ThreatMetrix Digital Identity Network and the best practices being used to deter them.”

For Summit attendees an opportunity to connect and collaborate with experts in fraud prevention and cybersecurity

Through a variety of activities, attendees will be able to get a clearer understanding of the most recent cyberthreats and take their respective companies’ best practices to the next level.

Summit subjects

Topics at the Summit include finding ways to reduce online payment fraud, account takeover, identity spoofing and other forms of cybercrime. And, attendees will include experts and senior fraud and cybercrime prevention professionals from the world’s leading online businesses, representing financial services, e-commerce, social networks, government, insurance and other industries.

Attending: key members of the ThreatMetrix executive and professional services team

Sharing insights and trends identified through the ThreatMetrix Digital Identity Network will be key members of the ThreatMetrix team. In addition, industry experts including Julie Conroy, research director for Aite Group’s Retail Banking practice, will speak at the Summit on ongoing research regarding fraud, data security and other market data.

Attendance at the Summit limited to 250

To foster personal interactions, attendance at the ThreatMetrix Cybercrime Prevention Summit 2015 will be limited to 250 attendees. To learn more or to register, please visit: http://cybercrimepreventionsummit.com/.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer driven-analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

ThreatMetrix to Host the Fifth Annual Cybercrime Prevention Summit 2015

Posted on April 30th, 2015 by Dan Rampe

Blog-Header

The Summit Brings Together Industry Experts to Discuss Collaborative Strategies
for Businesses and Consumers to Combat Evolving Cybercrime Threats

San Jose, CA – April 30, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced the ThreatMetrix® Cybercrime Prevention Summit 2015, themed “Connect and Collaborate.” The fifth annual summit will take place October 7-9 at the Silverado Resort & Spa, Napa, Calif.

The ThreatMetrix Cybercrime Prevention Summit 2015 is the largest of its kind, bringing together 250 cybersecurity experts from around the globe to “Connect and Collaborate” on the latest trends in cybersecurity, shared intelligence, protection against mobile fraud and improvement of online trust and Internet security.

During 2014 major breaches in healthcare, financial services, retail, government, military and other industries continued to increase. The Identity Theft Resource Center tracked a record high number of data breaches in 2014, with more than 780 breaches – a 27.5 percent increase over the number of breaches reported in 2013. Faced with the continued escalation in online attacks, the summit will focus on how businesses and consumers can leverage a collective approach to cybersecurity. A collaborative approach to cybercrime prevention will become even more important as cybercriminals have access to even more ways to easily commit fraud than ever before.

The ThreatMetrix® Digital Identity Network, the world’s largest trusted identity network, which is currently processing more than one billion online transactions each month, enabling ThreatMetrix customers across industries to access the most comprehensive world-wide data and analysis available to combat cybercrime.

“The fallout from a record high in data breaches last year has made it challenging for businesses to protect their employees and customers from fraud on various levels,” said Bert Rankin, chief marketing officer, ThreatMetrix. “The best way to combat fraud in the wake of these breaches is to bring together all aspects of customers’ and employees’ online devices and behaviors into one unique digital identity. By connecting with experts and peers, summit attendees will hear specific insights on the most recent cyber attacks identified through the ThreatMetrix Digital Identity Network and the best practices being used to deter them.”

The conference will connect industry experts, technologists and other fraud prevention and cybersecurity practitioners to connect and collaborate in an informal environment. During the summit, attendees will have the chance to make direct, meaningful connections through various activities to better understand the most recent cyber threats and take their company’s best practices to the next level.

The information and experiences at the ThreatMetrix Cybercrime Prevention Summit are valuable for anyone interested in finding ways to reduce online payment fraud, account takeover, identity spoofing and other forms of cybercrime. Attendees include experts and senior fraud and cybercrime prevention professionals from the world’s leading online businesses, representing financial services, e-commerce, social networks, government, insurance and other industries.

During this year’s summit, key members of the ThreatMetrix executive and professional services team will share insights and trends identified through the ThreatMetrix Digital Identity Network. In addition, industry experts including Julie Conroy, research director for Aite Group’s Retail Banking practice will speak at the summit. Conroy will present on ongoing research regarding fraud, data security and other market data to promote discussion among the event attendees.

To maintain intimacy and foster personal interactions, attendance at the ThreatMetrix Cybercrime Prevention Summit 2015 will be limited to 250 attendees. To learn more or to register, please visit: http://cybercrimepreventionsummit.com/.

ThreatMetrix Resources

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer driven-analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Digital Identity Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com

Not Just Numbers

Posted on April 29th, 2015 by Dan Rampe

Anthem

Often Overlooked in the Anthem and Premera Breaches That Compromised Tens of Millions Are Individual Victims. These Are Some of Their Stories.

Seen People’s Court? The opening has the announcer intoning “Real cases. Real people.” Forgotten among the tens of millions who’ve had their information compromised, but haven’t been affected…yet…are the cases of “real people” who’ve had their lives turned upside down by identity theft.

On truth-out.org, which co-published with USA Today, Charles Ornstein, writing for ProPublica, which describes itself as an independent nonprofit newsroom for investigative journalism in the public interest, puts the Anthem and Premera breaches in “human terms.” He does so by relating stories of individuals who’ve suffered identity theft as a result of these attacks. The following has been excerpted from his truth-out.org piece and edited to fit our format. You may find the full article by clicking on this link.

Knowing the score doesn’t ensure you won’t be a victim

[A] company’s privacy officer didn’t realize that health insurer Anthem even had her data. “It gives you a new perspective when you’re actually one of the folks whose data is disclosed.”

[Rebecca Fayed’s company provides research, technology and consulting services to health care and higher education organizations.] As the privacy officer for The Advisory Board Co., Rebecca Fayed knows a thing or two about privacy and what can happen when it’s violated. But when Fayed received a letter telling her that she, like nearly 80 million others, was the victim of a hacking attack on health insurer Anthem Inc., she couldn’t figure out why. Anthem wasn’t her insurance provider.

“I had no idea that Anthem even had my data,” Fayed told a gathering of privacy professionals recently at the National HIPAA Summit in Washington, D.C. “I went running around the house, ‘Why does Anthem have my data?'”

Fayed soon figured out the connection: Her previous insurer, a Blue Cross plan, was affiliated with Anthem in some way. Whoever hacked Anthem’s records accessed names, Social Security numbers, dates of births, addresses and more going back a decade.

But they weren’t covered by Anthem or Premera

Julie Grimley, 46, a content editor for an educational software startup, initially assumed the Anthem breach wouldn’t affect her because her family had coverage through CareFirst BlueCross BlueShield. Then she got letters informing her that her data, along with that of her husband and 15-year-old daughter, might have been compromised.

“At this point, I’m not sure what the best thing” to do is, said Grimley…”I really don’t.”

What about her college-age daughter?

Grimley said she is most worried about her daughter. “She’s already starting the college process,” she said. “Her life is starting. This could be really serious. I should be worried about me too but we’re established. … I’ve read horror stories and think, ‘Oh my gosh.'”

Lightning strikes twice

Bethesda, Md., resident Eric Forseter and his family managed to fall victim to both the Anthem and the Premera hackings.

Forseter’s wife and son received letters…from their health insurer Premera telling them that some of their information—but not their Social Security numbers–was compromised in the Anthem breach. Days later, they received additional letters saying they also were victims of Premera’s own breach, which affected not only Social Security numbers, but also medical claims information.

Forseter, 40, who works for an IT security and identity management company, said he doesn’t know how his family’s information got ensnared in the Anthem breach but suspects it may have happened because his son had to see a doctor while in New York. He’s gotten nowhere when he’s called the insurers’ customer- service line for answers.

“I don’t think they really know half the stuff that’s happening,” he said. “Unfortunately they’re reading a canned script and all they want to do is say, ‘Well, sorry.'”

Forseter said he is considering legal action against the insurers for failing to safeguard his family’s information. He called the offer of two years of credit monitoring inadequate.

“If data was stolen then sold and sold many times over, then potentially three to five to 10 years from now, that data could be used and I’d have to pay for my own coverage and I’m at risk,” he said. “I’m responsible for covering it.”

Lightning strikes “more than” twice

For some victims, the Anthem and Premera breaches have been all too familiar.

Bill Speaks, 61, who works in mainframe software for the U.S. Department of Interior in Colorado, said he was also a victim of the Home Depot hacking attack last year, as well as one involving his bank, and he believes he was also a victim of the Target hack. Moreover, he said, his driver’s license was stolen when he had surgery at a hospital about three years ago. That may have resulted in someone opening up an account and running up charges in his name, he said.

Speaks said he’s fed up.

“No one is looking out for us and no one at the higher levels of these organizations are suffering any consequences because of their lax security,” he said.

What have the insurers done?

Anthem spokesman Darrel Ng said the company finished mailing letters notifying those affected …. The process took two months because of the number of people affected and to not overwhelm its credit-monitoring vendor, AllClear. “Anthem initially started by sending out 1.5 million letters a day and eventually ramped up to about 2.5 million per day.”

Anthem said it has tried to reach people in other ways, including by email and through a website, AnthemFacts.com. Ng said he did not know how many people had signed up for the credit monitoring, but anyone can seek help in clearing up credit reports and contesting false charges for the next two years.

Premera also has set up a website with information, premeraupdate.com. It has notified 6 million members in Washington and Alaska affected by the breach and is working to notify members of other Blue Cross plans if they sought care in those states. As of April 1, more than 194,000 people had enrolled in credit monitoring, Premera spokeswoman Melanie Coon said by email.

Did Anthem and Premera do all they could?

The Department of Health and Human Services’ Office for Civil Rights, which oversees compliance with federal patient privacy law, is investigating the Anthem and Premera breaches. If the agency determines the insurers did not take adequate steps to protect members’ health information, it could impose steep fines.

A right to be nervous

Ann Patterson, senior vice president and program director for the Medical Identity Fraud Alliance, an industry group, said consumers are right to be nervous. Medical identity theft poses a more serious risk than credit card fraud. “You really can’t change your birth date. So when that kind of information is out there, the type of fraud that is perpetrated in the health care sense involves your wellbeing, your life.”

Patterson recommends that consumers take several steps if they have been affected. First, they should sign up for the free credit monitoring, which alerts people to possible suspicious activity if it happens. “If you became a victim, you would be notified as soon as possible,” she said, noting that it doesn’t prevent fraud. Beyond that, consumers should review all insurance forms, hospital bills and other medical correspondence they receive. If something doesn’t look right, don’t throw it out, Patterson said; make a phone call to clarify what has been sent.

“Some reason people think, ‘I was not the patient, so why should I call that hospital?’ Definitely call the provider and the health plan to make [sure] both parties know that you are not the patient. You should report it to your local law enforcement so you have a record that it was reported from a legal standpoint.”

ThreatMetrix: a caution and solutions

In his blog, The Anthem Tipping Point Reed Taussig, ThreatMetrix® president and CEO advised, “The most valuable data stores for fraudsters are stolen patient records that are associated with a valid health insurance policy. While most enterprises continue to focus on securing their internal networks, what is really required is broad adoption and use of secure, anonymized global shared intelligence that will identify what for and where those 90 million stolen identities are being used.”

Alisdair Faulkner, ThreatMetrix chief products officer, notes, “When Anthem and Premera sneezed, the cybersecurity industry caught a cold. Most organizations are focusing purely within their own networks, but the board room needs to be aware that these massive data breaches are just a precursor to the main event – a systemic and continuous attack on their customer and employee authentication, fraud and identity systems. To do a credible job defending against stolen identities, organizations need better risk intelligence based on anonymized shared intelligence to differentiate between trusted users and cyber threats.”

Find more in the ThreatMetrix news release, Anthem and Premera Healthcare Breaches Were Preventable: Protection Beyond Encryption: ThreatMetrix Strategies for Preventing Cybercrime in Healthcare and Other Industries

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

Biting off More Than You Can Chew: Why Biometrics Aren’t the Future

Posted on April 28th, 2015 by Dan Rampe

Standard-Header-Tony

Recently a senior PayPal evangelist gave a rather controversial interview to the Wall Street Journal. In it, he appeared to suggest a radical alternative to password-based authentication systems: biometrics generated by devices ingested or embedded under the user’s skin. Now, it’s true that passwords should no longer be used by any online provider serious about security. And it’s always interesting to hear new approaches to user authentication.

But organisations need an answer today to the mounting problem of online fraud. It needs to be fast, affordable, frictionless and accurate. And in those respects, biometrics just don’t deliver.

So why isn’t biometric technology the answer?

The problem with biometrics

On paper, the prospect of biometrics like embedded wireless chips monitoring ECG readings, or ingestible capsules that can detect glucose levels, sounds like a decent idea. After all, the readings they then transmit should be unique to that person – surmounting problems of false positives and false negatives. LeBlanc even suggested that batteries for such systems could be powered by stomach acid. At last, a fully internalised, unhackable “natural body identification” system to put “users in charge of their own security”. Right?

Well, not really.

The main issue many people have with biometrics is that they rely on something that should be unhackable – impossible to simulate or crack. But if cyber criminals do find a way of doing so – and they’ve proven themselves to be a pretty resourceful bunch thus far – then what? You might be able to reset your password pretty easily after a phishing attack, but what about your heart rate? Or your glucose levels?

The next major barrier is the users themselves. Security versus usability is a tough balance at the best of times. How much tougher will it be to sell such invasive authentication systems if the user is basically happy with the level of security they get with a regular fingerprint scan or a phone based one-time passcode system?

Why context-based wins

I’m not dismissing the work of PayPal and others to improve on password-based verification. But too many question marks remain over biometrics – even the systems that are closer to reality than the hypothetical scenarios painted by LeBlanc. Whether your business is in e-commerce, social media, banking, insurance or another sector – you need fast, reliable, friction-free two factor authentication that works … today.

The key for organisations going forward is to seek out systems which can work in the background, completely invisible to the user, checking things like device identity, malware, and use of ToR or other obfuscation methods favoured by cybercriminals. They’ll be able to check against a series of unique attributes associated with that user comprised of log-in habits, typical locations, user IDs, email addresses, phone numbers, shipping information etc, and flag a suspect transaction even if the person is using valid (but stolen) credentials.

Futuristic biometrics will always grab the headlines. But context-based authentication is where the smart money’s already being spent, to cut fraud and keep customers happy.

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

 

ThreatMetrix a Winner in 3 Info Security Products Guide 2015 Global Excellence Awards’ Categories

Posted on April 27th, 2015 by Dan Rampe

Awards

ThreatMetrix Takes Home More Awards! Wins 3 Bronzes and Is Honored by the Info Security Products Guide at RSA

During RSA, the security industry honored some of the best companies, executives and products in the world with Info Security Products Guide 2015 Global Excellence Awards.

Winner in 3 Info Security Products Guide 2015 Global Excellence Awards’ categories

ThreatMetrix took Bronzes for the Most Innovative Security Software (Product) of the Year, Most Innovative Company of the Year (Security), and Innovation in Enterprise Security.

Other honors ThreatMetrix received in 2015

  • Winner of the 2015 Cyber Defense Magazine Awards for Best Anti-Malware and Hot Company in Multi-Factor Authentication
  • Named to the 2015 OnCloud Top 100 private companies list
  • The Channel Company’s CRN 100 Coolest Cloud Computing Vendors of 2015

Bert Rankin, ThreatMetrix chief marketing officer, on the company’s pioneering efforts

“Recognition by the Info Security Products Guide serves as validation of our continued efforts to stay one step ahead of cybercriminals by leveraging global shared intelligence,” said Bert Rankin, chief marketing officer at ThreatMetrix. “Given the sophistication of today’s cybercriminals, no business or individual can stand alone in the fight against cybercrime and ThreatMetrix is pioneering efforts to securely and anonymously share threat intelligence across business boundaries.”

During RSA ThreatMetrix announced its Digital Identity Network

The ThreatMetrix Digital Identity Network, the largest network of its kind in the world, creates an anonymized digital identity of consumers based on device, persona and behavior from every transaction, account creation and account login.

Analyzing more than a billion transactions each month to stop cybercrime

Leveraging the ThreatMetrix Digital Identity Network, ThreatMetrix analyzes more than one billion transactions each month to differentiate between fraudulent and authentic account creations, logins and transactions.

Less friction for a better customer experience

ThreatMetrix offers the only frictionless cybersecurity solution that combines enhanced mobile identification, location-based authentication, endpoint intelligence, behavior intelligence and real-time trust analytics into a powerful, context-based authentication and fraud prevention solution.

For a full list of 2014 Global Excellence Awards winners, go to: http://www.infosecurityproductsguide.com/world/

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

 

 

ThreatMetrix Wins Three Bronze Awards in the Info Security Products Guide 2015 Global Excellence Awards

Posted on April 27th, 2015 by Dan Rampe

Awards

Award Winners and Finalists Were Honored by Info Security Products Guide in San Francisco during the RSA Conference 2015

San Jose, CA – April 27, 2015 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announces it has won Bronze in three categories of the Info Security Products Guide 2015 Global Excellence Awards. The security industry celebrated the annual Global Excellence Awards during RSA Conference 2015 in San Francisco by honoring excellence in every facet of the industry, including companies, executives and products.

ThreatMetrix is a Bronze winner in the Most Innovative Security Software (Product) of the Year, Most Innovative Company of the Year (Security) and Innovation in Enterprise Security categories of the Global Excellence Awards. ThreatMetrix continues its cybersecurity innovation following its recent announcement of the ThreatMetrix Digital Identity Network during the RSA Conference. The world’s largest network of its kind, it creates an anonymized digital identity of consumers based on device, persona and behavior from every transaction, account creation and account login.

“Recognition by the Info Security Products Guide serves as validation of our continued efforts to stay one step ahead of cybercriminals by leveraging global shared intelligence,” said Bert Rankin, chief marketing officer at ThreatMetrix. “Given the sophistication of today’s cybercriminals, no business or individual can stand alone in the fight against cybercrime and ThreatMetrix is pioneering efforts to securely and anonymously share threat intelligence across business boundaries.”

By leveraging the ThreatMetrix Digital Identity Network, ThreatMetrix analyzes more than one billion transactions each month to differentiate between fraudulent and authentic account creations, logins and transactions. ThreatMetrix offers the only frictionless cybersecurity solution that combines enhanced mobile identification, location-based authentication, endpoint intelligence, behavior intelligence and real-time trust analytics into a powerful, context-based authentication and fraud prevention solution.

For a full list of 2014 Global Excellence Awards winners, visit: http://www.infosecurityproductsguide.com/world/

ThreatMetrix Resources

About Info Security Products Guide Awards

SVUS Awards organized by Silicon Valley Communications are conferred in 10 annual award programs: The Info Security’s Global Excellence Awards, The IT Industry’s Hot Companies and Best Products Awards, The Golden Bridge Business and Innovation Awards, and Consumer World Awards, CEO World Awards, Customer Sales and Service World Awards, The Globee Fastest Growing Private Companies Awards, Women World Awards, PR World Awards, and Pillar Employee Recognitions World Awards. These premier awards honor organizations of all types and sizes from all over the world including the people, products, performance, PR and marketing. To learn more, visit www.svusawards.com

About ThreatMetrix

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real-time customer-driven analytics platform. These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes more than one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.

© 2015 ThreatMetrix. All rights reserved. ThreatMetrix, TrustDefender ID, TrustDefender Cloud, TrustDefender Mobile, TrustDefender Client, the TrustDefender Cybercrime Protection Platform, ThreatMetrix Labs, and the ThreatMetrix logo are trademarks or registered trademarks of ThreatMetrix in the United States and other countries. All other brand, service or product names are trademarks or registered trademarks of their respective companies or owners.

Media Contacts

Dan Rampe
ThreatMetrix
Tel: 408-200-5716
Email: drampe@threatmetrix.com

Beth Kempton
Walker Sands Communications
Tel: 312-241-1178
Email: beth.kempton@walkersands.com

 

iGad!

Posted on April 24th, 2015 by Dan Rampe

ThreatMetrix-CafeThreats

iOS Vulnerability Discovered by Researchers Could Let an Attacker Crash Any iPad or iPhone within Range of WiFi Hotspot

Researchers discovered an iOS vulnerability that turns WiFi into Why Me!!! Now imagine you’re strolling past a WiFi hotspot without a care in the world except how to pay your monthly iPhone bill. Well no worries. The mere act of walking past the WiFi hotspot could solve that problem because, say researchers, that’s all it’ll take to turn your iPhone into a doorstop.

In his piece on gizmodo.com Chris Mills explains what the researchers discovered. The following has been excerpted from his article and edited to fit our format. You may find the complete article by clicking on this link.

A bug in iOS.8

The vulnerability takes advantage of a bug in iOS 8: namely, that by manipulating SSL certificates sent to iOS devices over a network — certificates used in virtually every app, and in iOS itself — the researchers could make iOS devices crash, in the worst-case scenario putting them into a constant boot-loop.

Not connecting doesn’t help

At first glance, the vulnerability doesn’t seem too bad: after all, in order to have those bad SSL certificates sent to you, the attacker needs control of the Wi-Fi network. So just don’t connect to random Wi-Fi hotspots, and you should be fine — or you’d think.

Have to turn off WiFi completely

The researchers combined the SSL certificate flaw with an older exploit, one they’d named WiFiGate. In short, they found that iOS devices are pre-programmed by the carrier to automatically connect to certain networks. For example, AT&T customers will auto-connect to any network called ‘attwifi’. There’s no way to prevent your phone from doing this, short of turning Wi-Fi off altogether.

No way out

[The] Skycure team [i.e., the researchers who found the flaw] could create a tainted Wi-Fi hotspot, which any nearby iOS device would connect to, and then constantly crash, rendering the device useless. And, because the device is stuck in a bootloop, there’s no easy way to disable Wi-Fi, and escape the hacker’s network. [The] vulnerability can be used to render any iOS device in a certain location completely useless….

Apple working on a fix

The team is working with Apple on a fix; in the meantime, they haven’t disclosed the full details of their attack, but anyone with an iPhone is theoretically vulnerable for now.

Advice from ThreatMetrix on how to avoid the bad guys at WiFi hotspots:

In Avoid a Very Expensive Cup of Coffee: ThreatMetrix Has Tips to Stop Cybertheft When Using WiFi at Coffee Shops, Eateries and Other Public Places, Dean Weinert, ThreatMetrix product manager, cautions, “Consumers can easily access public Wi-Fi networks from just about anywhere – and so can cybercriminals. Cyberthreats are certainly a reality at local coffee shops and other wireless hotspots. If consumers don’t take extra precaution to protect their personal devices, they can unwittingly share sensitive information with cybercriminals interfering on the network.”

ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions leveraging a global shared digital identity network and real time customer driven analytics platform.  These solutions help customers differentiate between trusted users and potential fraud resulting in reduced friction, incremental revenue and lower fraud and operational costs.

ThreatMetrix secures customers against account takeover, payment fraud, fraudulent account registrations resulting from malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over one billion monthly transactions and protects more than 250 million active user accounts across 3,000 customers and 15,000 websites and mobile applications. ThreatMetrix is deployed by industry leaders across financial services, e-commerce, payments, social networks, government and insurance.

For more information, visit www.threatmetrix.com or call 1-408-200-5755.

Join the cybersecurity conversation by visiting the ThreatMetrix blogFacebookLinkedIn and Twitter pages.