Internet Security::Identity Theft

A very interesting show on 4 Corners tonight, with an equally interesting chat in the 4corner Forums. I had jumped into the forums as Alan Paller (Director of Research, The SANS Institute) was to be a panel member … the Forum was an eye opener for other reasons as it showed how far we have to go before people have an understanding of internet security

“Thats only for Windows Boxes…..get Unix mate.” Doh! 😦

And downhill it went, pretty quickly. Rather a shame because I would have liked a few insights from Alan Paller (SANS), and Andrew Woodward (VISA) who were doing their best to answer all the questions put forward.

Your Money and Your Life
Reporter: Quentin McDermott
Broadcast: 17/08/2005 [ABC 4Corners]

Bad guys are winning the war. There’s no question bad guys are winning the war…” – data security consultant Alan Paller.

It’s a global war being fought by governments, police, spies and the titans of banking. The enemy is everywhere in cyberspace.

If you hold a credit card, or use the Internet for financial transactions, you are a potential victim. At stake is not only your money, but your identity.

In Australia, credit card fraud and identity theft cost hundreds of millions of dollars a year. Internationally, some estimates put the cost of cyber-related identity theft at more than $200 billion – bigger than the entire cocaine market.

Recently about 130,000 Australians became casualties of a massive theft of data that compromised the details of up to 40 million people worldwide. Cyber criminals hacked into a US-based credit card processing company, CardSystem Solutions, which processed transactions for Visa and Mastercard. This crime was first detected not in America but in the backrooms of the National Australia Bank’s Melbourne fraud unit.

High tech variations on old con tricks abound. One of the biggest is “phishing”. It’s the email offering you something or, worse, pretending to be from a reliable source like your bank or insurance company. The email directs you to a website that looks genuine and invites you to submit further personal details. Some of these phishing web pages are so sophisticated that they sit like parasites on the real websites of reputable companies and institutions.

Such techniques are not solely for greedy but peaceful hackers. Four Corners examines the potential for terrorists to accumulate funds through cyber-theft. One of the convicted Bali bombers has already written a how-to guide for young jihadists.

Can cyber-theft be countered? Experts who police the net are pessimistic, not least because so much personal data now exists in insecure data banks around the world. Recently the Sun newspaper in the UK exposed a data-selling racket by employees of Indian call centres that service large global companies.

Now Four Corners has obtained evidence that individual Australians’ private data is for sale on the international market to anyone who is willing to pay for it.

If, like many Australians, you’re in the habit of giving out information to perfect strangers, this report will make you think again.

There was a far bit of interest in the SANS – Internet Storm Center’s Survival Time History as Alan Paller, had referred to it in the program. It is a pity that some of the forum members misunderstood the relevance of the statistic and took it off in an Open SOurce vs Microsoft rant.


[1] Your Money and Your Life [ABC 4Corners]
[2] Survival Time History [SANS]
[3] ElthamMob Subject: re: Internet security for home user
Technorati Tags:

This entry was posted in security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.