[ news_security_news ]
Cyber Crime Continues To Proliferate
John Stith
Staff Writer
2005-09-23
 Insider Reports RSS Feed
The cyber crime world is growing. No if, ands or buts about it. One of the biggest problems have been weaknesses in security with banks and other institutions that handle financial information. While California has a disclosure law regarding this type of theft, no one else, including the federal government, has anything like this in place.
A couple of months ago, I got a letter from the bank that has the loan for my home, informing me that my financial information regarding my home had been compromised. Apparently, a software company working for this particularly large and well-known institution had put much of this information onto their own computers and on disk.
The laptops and the disks were stored in the trunk of someone's car and that night, someone broke into the car and stole those two computers, along with mine and many others' financial information. They said it was double password protected. Passwords are one of the easiest forms of security to crack.
They went through all the motions, telling me to report it to the credit bureaus and monitor my credit score and who offered what services to best assist me. I suppose I should be thankful because they didn't have to tell me anything, but at the same time, it's maddening too. These companies are multibillion dollar institutions with a multinational reach. They should have the wherewithal to pull it together and offer quality security measure.
Recent horror stories from credit card companies talking about tens of millions of credit card records being swiped and retail companies report the same thing. One bank lost a shipment of records while transporting it via a third part shipper. The list goes on. But, in most cases none of these companies must report the losses to you. They may choose too but it's not a necessity, certainly not a law except in California.
BusinessWeek points out in a great article that these companies concentrate on the wrong area. They all look at network and hardware issues. In most cases, according to the article, it's actually software problems. The hackers deal with firewalls and various other network security points by utilizing the same applications legitimate users use to get in.
Then they politely mention that some experts estimate that about one line in 20 has a coding error and some applications have millions of lines of code. So consider that for every million lines of code, about 50,000 would have errors. That's a lot of places for those not so honest hackers to play with.
While many of these financial institutions want the government to stay out of their business, saying they can handle it on their own, the track record doesn't agree with that practice. Some companies are realizing that this problem could be costly in a number of areas but at the same time, are the losses they're suffering more than the amount of money needed to take care of these security problems?
While more and more product is available that make this process cheaper and easier to do, there's still the point that millions of people in this country live with compromised security of their financial information. In the financial community, confidence is the air they breathe, without it, they are nothing. The real question is how far down will they have to go before they consider the needs of their customers and actually make strong, noteworthy attempts not only to stop the crimes but also to inform people when this happens.
About the Author:
John is a staff writer for SecurityProNews covering cyber security.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
