October 25, 2006

Data Security: Still An Oxymoron

Richard Kuper
The Kuper Report

I have written several times here about how data security is an oxymoron, and have given presentations on the subject. Here are excerpts from and links to two current ComputerWorld articles about some of the latest sad examples.

Identity thieves hit customers at TD Ameritrade, E-Trade

Overseas hackers broke into customer accounts at two popular online stock brokerages, TD Ameritrade Holding Corp. and E-Trade Financial Corp., in a "pump and dump" stock-trading scheme that led to at least $22 million in losses.

The attacks, which took place during the last three months, were launched by identity thieves in Eastern Europe and Asia who primarily used keylogging software delivered via Trojan horses or other malware to steal users' confidential information as they logged onto public computers or their own infected machines, TD Ameritrade CIO Jerry Bartlett said in an interview today.

The hackers then logged into existing customer accounts -- or created dummy accounts -- to buy shares in little-traded stocks, driving prices up so they could sell their own previously purchased shares for a profit.

8,500 victims in international data theft

British electronic-crime detectives are investigating a massive data theft operation that stole sensitive information from 8,500 people in the U.K. and others in some 60 countries, officials said Tuesday.

In total, cybercriminals targeted 600 financial companies and banks, according to U.K. authorities, who have worked over the past week to identify and notify victims.

The data was collected by a malicious software program nicknamed Haxdoor that infected victims' computers. Some 2,300 machines were located in the U.K. McMurdie said.

Haxdoor is a powerful program that can collect passwords and send them to another e-mail address plus disable a computer's firewall, among other functions, according to a description posted on security vendor F-Secure Corp.'s Web site. Symantec Corp., another security company, wrote it first detected Haxdoor in November 2003.

Computers can get infected with Haxdoor if they don't have security patches or up-to-date antivirus software. London police said it's believed many victims were infected through instant message programs.