Helios News
Back to News
The Digital Battleground
July 1st 2011 -

Unless you live in a cave, you’ve seen the headlines about well-established companies falling victim to the digital equivalent of breaking and entering. Sony Networks is hacked, potentially exposing millions of paid subscribers; PBS and Fox News are both hacked and phony news articles seeded into their feeds; Google Gmail is hacked by a Chinese source, exposing not only Gmail subscribers but also official U.S. government email accounts; Yahoo and Hotmail email services have also been targeted with similar attacks; Social networking giant Facebook is constantly under attack through various security flaws and bugs that are inevitable in an ever-evolving open-platform environment; Even antivirus manufacturer Symantec has been hacked, which just sounds ironic.

The headline that alarms me most is the one that may not have even gotten much notice. When EMC’s RSA division, which produces SecurID tokens, was hacked, what the hackers took was the ability to subsequently access sites that use SecurID technology to prevent just such intrusion. Following this event, government contractors like Lockheed, Northrup Grumman and L-3 Communications all experienced undetected unauthorized access which amounts to the keymaker making duplicates of every customer’s keys and then using them to commit burglaries undetected. The threat to national security is incalculable… Two of these companies manufacture our defensive systems and the third provides the encrypted communications that enable those systems to be commanded remotely. This has all the makings of a science fiction movie in which our weapons are turned against us and it’s really happening.

In our digitally interconnected world, hacking is a reality and a threat we must face even if it cannot be completely eliminated. Just as you would not leave home with the door left wide open, so too your digital ‘home’ must be adequately secured and the appropriate safeguards installed to both prevent unauthorized intrusion and to notify of an impending threat. It’s not as if I suspect your computer is housing top secret information, but rather it is a stepping stone that unlocks other systems containing potentially more valuable information.

For the retailer, this threat opens up the potential for lawsuits by consumers and by the credit card companies when unauthorized access to consumer payment data exposes them to fraudulent charges. This was the case as it was confirmed in 2006 that TJX Companies, parent company of discount retailers like TJMaxx, Marshalls and Home Goods, was repeatedly hacked over a period of 18 months and more than 45 million customers’ credit card data was compromised. It was the largest known case at the time and cost that company $64 million, including $40 million directly to Visa for the reimbursement of banks required to reissue cards to their cardholders. The mastermind behind this instance was also indicted for cases involving Heartland Payment Systems, BJ’s Wholesale Clubs, Office Max, Boston Market and Barnes & Noble, netting another 130 million credit card numbers.

The other issue that arises is the stepping stone factor. Even if your computer system does not store sensitive data such as credit cards or customer identification, if it is linked to such systems then a wily hacker can use the relatively low security system as a back door into a more sensitive system without having to attack that system’s defenses head-on. And this is not a new phenomenon – it actually predates the internet as we know it today. A decade ago I read The Cuckoo’s Egg by Clifford Stoll, which documents his account in 1986 of tracking hacker Marcus Hess from Stoll’s public access network at Lawrence Berkeley Laboratories to defense contractors all over the nation and back to Hess’ home base in Germany where he was contracted by the KGB to collect government secrets. Stoll’s tenacity in tracking this hacker led to Hess’ conviction.

 
Credit Card Processing

Integrated Credit Card
Processing

Learn More  ►
  • sales: (888) 936-5160
  • support: (317) 554-9911

8001 Woodland Dr., Indianapolis, IN 46278       info@gohelios.com

Helios, LLC is a division of New Sunshine, LLC. Copyright © 2024. All Rights Reserved. indianapolis web design by: imavex

Accepted Credit Cards