Thursday, April 16, 2009

Painting (a picture) By Numbers

What are the Odds?

I was reading a Page 1 article about HomeATM in "ISO and Agent" published by SourceMedia and saw the tell-tale quote on the left from Avivah Litan.  I'm wondering why "everyone" isn't  listening to her?

After a post I did yesterday, (If Cybercriminals are Focusing on PIN's, Shouldn't  Someone Be Focusing on Security?) some numbers kept sticking in my head. 

Now I'm no statistician, but I was playing with those numbers in my head and came up with an interesting thought...which led to a question which I pose below...

First the numbers:

1. 93% of breaches were targeted at the financial sector: (Last year Verizon investigated 90 breaches with 285 million records stolen, of which 93% were accounted for by the financial sector...)

2. 92% of breaches are software related... - TowerGroup

3. 90% of breaches were committed by organized crime syndicates - Verizon

4. PIN's are the new focus of cybercriminals - "Organized crime was responsible for (90%) nine in 10 breaches, with an explosion of attacks targeting PIN data" - Verizon



So...here's my question...first, I asked myself, if PIN's are the new focus of cybercriminals... if 93% of breaches occur at Financial Institutions and 92% are software related (with "organized crime" being responsible for 90% of the attacks) then...



What are the chances that a Software Based PIN Debit "Application" Will be Attacked, Cracked and Hacked by an
"Organized Crime Syndicate?"


Anybody Want to Take an Educated Guess?

Finally I'll make this last promise or take a lunch bet with anyone...that once software PIN goes live,
within a month an FTP site will arise with user's PAN and PIN numbers.

I One-Hundred-Percent (100%) guarantee it.


Thanks,

kgm
Chairman/CEO
HomeATM ePayment Solutions

Report: 2008 Saw More Records Breached Than The Previous Four Years Combined

By Tim Wilson DarkReading

More electronic records were breached in 2008 than the previous fouryears combined, according to a report published today by VerizonBusiness Systems.

This second annual study -- based on data analyzed from VerizonBusiness' actual caseload comprising 285 million compromised recordsfrom 90 confirmed breaches -- revealed that corporations fell victim tosome of the largest cybercrimes ever during 2008, the company said.

The financial sector accounted for 93 percent of all suchrecords compromised last year, and a staggering 90 percent of theserecords involved groups identified bylaw enforcement as engaged in organized crime.


Verizon Business investigative experts found, as they did inthe company's first report covering 230 million compromised recordsfrom 2004 to 2007, that nearly nine out of 10 breaches were consideredavoidable if security basics had been followed. Most of the breachesinvestigated did not require difficult or expensive preventivecontrols.

Similar to the first study's findings, the latest study found thathighly sophisticated attacks account for only 17 percent of breaches.However, these relatively few cases accounted for 95 percent of thetotal records breached -- proving that motivated hackers know where andwhat to target, the company says.

(Click any graphic to enlarge)

"The compromise of sensitive information increased dramaticallyin 2008, and it's past time to be vigilant about enterprise security,"said Dr. Peter Tippett, vice president of research and intelligence forVerizon Business Security Solutions. "This report should serve asanother wake-up call that good security and a proactive approach areparamount to running a business in this day and age -- particularlysince the economic crisis is likely to trigger a further increase incriminal activity."




















Reblog this post [with Zemanta]

Disqus for ePayment News