Whats going to happen? My thoughts on the security breaches from blog The Technology blog and podcast
This is for the technology blog and podcast Commentary, articles, and podcasts
Whats going to happen? My thoughts on the security breaches
These are only my thoughts. These are not the thoughts of a security expert who may know more about this stuff than I. Please take it as such.
We’ve had a pretty hard time understanding the massive compromise at Target. The massive amount of coverage that we’ve seen since has lead us to what was going on. Criminals will want to go where the money is, and the money lies in people’s credit cards. It no longer lies in the hacking of web sites, although that will continue. That doesn’t seem to change. What also won’t change is the defacement of software from companies like Adobe, Microsoft, and others. What will change is these data breaches.
Trend Micro in their year end report which you can find on the Internet, hinted at one major breach a month. December and January found Target which was the biggest.
Krebs On Security broke the story of the target breach with the post entitled Sources: Target Investigating Data Breach which was posted on December 15, 2013. The next itemHackers Steal Card Data from Neiman Marcus which was big to start January. Finally, Sources: Card Breach at Michaels Stores which also came out toward the end of January and in to February. This is a big deal, as these are big retail chains. The latest post dealing with target should be no surprise, and it came out on February 12, 2014. Email Attack on Vendor Set Up Breach at Target which was posted at 9 am on Feb 12, goes in to detail on how the hackers were able to phish an employee, maybe 2, in to installing a piece of software.
Phishing is nothing new. It has been going on ever since the telephone became an easy item to get as far as I’m aware. It was not known as phishing until the Internet was born, but scams by telephone are what started the whole thing. They now do this type of thing by E-mail and now a days Smishing or SMS phishing may be used. Voice phishing is another tactic, and more common. What they do is social engineer a caller, SMS recipient, or E-mail a recipient The bate? Try to get personal information and then use it to buy things, steal identity, and other things.
Getting your personal information may mean a lot of different things. They may or may not do anything with the information. They may do it for the fun of it. They may sell your information underground for hundreds of dollars. Targets stolen credit card data was sold in pieces, and according to one article between $60 and $100 a piece. This is fast moving money changing hands, and sadly, prices may be higher, and if they grab your social security number, it may be higher still. We have to do the best we can.
Target got social engineered in the E-mail department. The latest by Brian goes in to great detail. Sadly, the consumers are at a loss, because we can’t do anything about this. I’ve talked on my podcasts numerous times on how I got hacked. It is not fun. It is a hassle. I won’t go in to detail here, I can give you podcasts where credit card discussion is talked about, and you can listen to those. This is going to be a big deal now, since everything is done on the Internet.
Here is what is going to happen. The big companies in which you don’t suspect being bitten will be next. Companies in the hotel industry, banking industry, markets, gas stations, and others. The criminals will go after the big chains like Ralphs, Dollar Tree stores, and other big stores like Walmart. That won’t be my big concern. My biggest concern is the hospitals, doctor offices, and other types of businesses that deal with patient data. All of that data will move to the cloud, or what we call, on the Internet. This can be a big problem, because people don’t know how secure systems are. One article which mentioned a possible breach at such a facility was talking about how 405,000 different records were taken from an inside job. I can’t seem to find the article off hand, but that was the first. More types of this activity will occur, and the criminals know it.
As blind people, which seem to be my target audience, it is very important that you pay attention to your statements and charges. Here is what I personally recommend since I’ve been there twice. I’m not going to tell you what you should do, but I seem to do these things. Its not 100 percent guaranteed, as something may happen in between checks, but you may catch it quickly if it does.
- If you charge a lot, make sure you look at your online account, or call in on a regular basis to determine if anything doesn’t match, or if you have a lot pending, verify that everything is yours. The 2nd time I got hacked, it wasn’t necessarily a hack. It was a small charge at a merchant that I never did business with. The Fraud Protection service would’ve never caught that.
- Don’t wait for your statement to come in the mail. If you have a suspicious charge, I recommend you don’t wait till your statement comes. Sure, you could try and call the merchant like I did, but while you’re doing that, a criminal may put more charges on the card which may or may not set off alarms at the Fraud Protection Service from your issuing institution.
- Don’t wait days to report something is wrong. My biggest mistake, although it didn’t cost me, was waiting days after getting hacked. After giving the company the information they requested, they promptly changed my password, and changed my contact information. I didn’t know this, and thought I had entered the wrong password. I waited for a charge to post before calling and dealing with it, and that could have cost me.
- Read your statement in case something came through in between the times you check online. I doublecheck my statement, to make sure I know where things are. Some things may post within one day of pending. That could be the time someone read your card, shopped somewhere, and it posted just before statement generation. Mcdonalds usually posts within one day, and that is an example.
- Try if possible to remember credit card numbers. When you first get your credit card number read to you, try to memorize it. This way, nobody can take it down when reading it to you later.
I can’t seem to think of anything else, but you can come up with a plan that suits you. Several blind customers who shopped at Target may have been compromised during the Target breach intrusion. Those people may have had charges show up on their credit card statements as new charges before their statement closed. Luckily, the banks and other institutions were aware of the potential breaches, and monitored cards right away, but your hack may be a one time thing, and nothing massive occurred. Don’t rely on the credit card company or bank to help.
What really bothers me about the Target breach is the fact that names, numbers, and possibly debit card information was taken. Debit card customers may want to keep a closer eye on their transactions since money leaves the account within a day or two, even if the charge takes a week. Being disabled means we have less money to play with than the normal sighted person, but it doesn’t mean we are not secure. I was on top of my charges, are you?
Comment on this post with any tips you might have. Lets open this up for dialogue. The comment boards await you.
Informazioni sull'articolo
Whats going to happen? My thoughts on the security breaches was released on February 18, 2014 at 9:04 pm by tech in security news and commentary.
Last modified: February 18, 2014.
Comments (0)
No comments yet.
Leave a comment
You must be logged in to post a comment.
navigation menu
- Archives
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- Categories of this blog
- Subscribe to Blog via Email
- The tech blog’s pages
- Blogroll