Hi-Tech-Consulting

PCI Council Releases Recommendations for Preventing Card-Skimming Attacks
Dark Reading (08/25/09) Higgins, Kelly Jackson

The Payment Card Industry Security Standards Council has released a set of best practices that aim to help merchants protect themselves and their customers from debit- and credit-card skimming. The best practices address several issues related to the problem of card skimming, including how merchants should educate and protect employees who handle the point-of-sale (PoS) devices from being targeted. The best practices also outline the steps merchants should take to prevent their PoS devices from being compromised by skimmers. In addition, they discuss how to identify a card reader that has been outfitted with a skimming device, what to do if such a device is found, and how the physical location of PoS devices and stores can raise a merchant’s risk of being targeted by skimmers. PCI general manager Bob Russo the best practices will be especially useful for small businesses that would otherwise never know if their credit card terminals had been tampered with. The guidelines are geared to be used in conjunction with the PCI’s PIN Entry Device Security Requirements, which specifies how to secure PIN devices.

Preventing Copper and Coal Thefts With Video
Security (08/09) Vol. 46, No. 8, P. 40; Ritchey, Diane

Public utilities including copper mines, coal mines, and power plants must take the same precautionary steps as corporate or government agencies to deter attacks, especially after federal security experts fingered such facilities as particularly susceptible to cataclysmic terrorist attacks. It is more likely, however, that such facilities will be targets for theft. This was the case at Gulf Power, a Florida-based utility whose rural, often unmanned, power substations were frequently raided for copper wires and components. The utility implemented thermal imaging technology from FLIR Systems to help it mitigate the mounting costs associated with the thefts. It also enlisted the help of Advanced Control Concepts (ACC), a Pensacola-based security integrator, to find a security solution that was workable in both sunlight and darkness and at close- and long-range. ACC installed multi-sensor thermal security cameras for their ability to capture images at all hours, tweaking imaging performance to focus in on the surrounding fence line and any people or individuals within the vicinity. The FLIR cameras were attached to 30-inch poles for expanded coverage, and the devices’ auto-slew command configured to react to fence sensor triggers by automatically directing the camera to the appropriate sensor zone. “These thermal cameras have greatly enhanced our security crews’ ability to see at night, and this lets us respond more efficiently to all manner of alarms and intrusions,” said Charlie Griffith, an investigator with Gulf Power.

Identity Theft Malware Surges 600 Percent
InformationWeek (08/19/09) Claburn, Thomas

The number of computer users affected by malware engineered to steal personal information has risen by 600 percent in the first half of the year compared to the first half of last year, according to PandaLabs, which identified 391,406 computers infected with identity-theft malware in the first six months of the year. Luis Corrons, technical director of PandaLabs, believes the global economic downturn and the thriving black market for credit and debit card numbers and online account information is driving the proliferation of identity stealing malware. He says the distribution of identity-theft malware through social networks and services such as Facebook and Twitter is on the rise. Financial data thieves also are targeting more diverse services, recently going after giants such as PayPal, Amazon, eBay, and various charity sites, whereas before they focused on spoofing online banks sites. The methods of attacks also have gotten more diverse.

Hackers Stole IDs for Attacks
Wall Street Journal (08/17/09) Gorman, Siobhan

Russian hackers stole U.S. identities and software tools for use in a cyberattack against Georgian government Web sites during the war between Russia and Georgia in 2008, according to a new report by the U.S. Cyber Consequences Unit. The report says that Russian hackers converted Microsoft software into a cyberweapon and collaborated on popular U.S.-based social-networking sites, including Facebook and Twitter, to coordinate attacks against Georgian sites. Although the cyberattacks were closely examined following the war, the connections to the United States had remained hidden until this year. Personal and credit card information stolen from U.S. citizens was used to register Web sites that launched the botnet attacks, and once the attacks started, Facebook and Twitter were used to exchange attack code and encourage others to join the attack. Experts say the study shows how cyberwarfare has outpaced military and international agreements, which do not account for the possibility of using U.S. resources and civilian technology as weapons. Identity theft, social networking, and modifying commercial software are all common attack strategies, but combining these strategies raises the attack to a new level, says former U.S. Department of Homeland Security cybersecurity chief Amit Yoran. White House officials are now studying how laws of war and international obligations need to be adjusted to account for cyberattacks. The U.S. Cyber Consequences Unit says the Georgian attacks were perpetrated by Russian criminal groups, and had no clear link to the Russian government, but the time of attacks, which started only hours after the military invasion started, suggests the Russian government may have at least indirectly coordinated with the cyberattackers.

Drug Giant is Targeted by Attacks
Wall Street Journal (08/05/09) P. A1; Whalen, Jeanne

Concerns are mounting that animal-rights groups are increasingly attacking drug companies and their employees for their involvement in animal research. The increased concerns come as authorities investigate several attacks on the Switzerland-based drug company Novartis AG and its CEO, Daniel Vasella. Among the attacks was a fire at Vasella’s vacation home in Austria earlier this week. Austrian officials say that arson cannot be ruled out as a cause of the fire since fire accelerators were found at the scene. Witnesses, meanwhile, reported hearing an explosion before the fire. Austrian police say they are investigating the fire and do not have any suspects, though officials at Novartis have blamed animal-rights groups. Last month, the ashes of Vasella’s mother were stolen from a cemetery in the Swiss village of Chur. Novartis has also blamed animal rights activists for that incident, since the words “Drop HLS [Huntingdon Life Sciences] Now” were found spray painted on Vasella’s mother’s gravestone. Huntingdon Life Sciences is a U.S. company that has long been targeted by animal rights activist. Novartis, however, says it has not done any work with HLS for several years. The animal rights group Stop Huntingdon Animal Cruelty has denied any involvement in the attacks.