Research from First Data Corp. suggests that 6.8% of all US adults have been victimized by identity theft, with more than 43% receiving phishing emails. This brings the total of Americans who have fallen victim to some form of ID theft to a staggering 54 million.
November 30, 2005
ID Theft Still Skyrocketing
November 29, 2005
firms still ignorant to endpoint security risks
According to new research published this week, despite storing PINs, passwords and other sensitive information on PDAs and smartphones, a third of IT professionals admit to not using any form of security technology to protect these devices. 81 per cent of respondents used a PDA or smartphone to store business contacts, 45 per cent to receive and view emails and 27 per cent to store corporate information.
Loss of these devices is also on the up, from 16 per cent two years ago to 22 per cent this year.
UK politicians call for ‘Cybersecurity Tsar’
British MPs this week called for the government to appoint a Cybersecurity Tsar who would be a single point of information, guidance and advice for the nation. Conservative MP, Mark Pritchard, is concerned at the effect technology crime could have on Britain’s critical national infrastructure (CNI).
The CNI includes energy, transport, finance, telecoms and aviation - which rely heavily on information technology. “A penetration of any of those networks would be a serious threat to national security, not least when it comes to the potential access to Britain’s 14 nuclear power stations,” said Pritchard.
More stories:
Four arrested in Indian Call Center ID theft
12 Arizonans arrested and charged with using stolen credt card numbers
Six plead guilty to trafficking stolen identity information
November 24, 2005
Sony BMG faces the music
Following accusations that it illegally installed spyware onto customers’ PCs, Sony BMG is now facing two law suits in Texas and California. Despite Sony having now withdrawn the controversial XCP (eXtended Copy Protection) software, it is estimated that as many as two million CDs may be in circulation in the US.
And with the Texan lawsuits claiming compensation of up to $100,000 for each violation - under the Consumer Protection Against Spyware Act - it could end up being an expensive time for Sony.
Meanwhile, for businesses, the case has highlighted the ease with which spyware can get on the corporate network through CDs and other removable media types. For many IT managers, the events of the past week have dispelled any notion that email and the internet are the only communications mechanisms to guard.
And one of the main forms of spyware they’re on the look out for are so-called keyloggers. Research announced this week claims that 2005 will be a record year for the malicious applications, with 6,000 expected to be released. This compares against 3,753 last year.
November 23, 2005
US senate approves Data-Breach Bill
The US Senate Judiciary Committee has approved a bill requiring companies with data breaches to notify affected customers. The “Personal Data Privacy & Security Act” was sponsored by committee chairman, Arlen Specter.
The bill, however, has been criticized by many security experts as being too lax, as it allows companies who suffer a security breach to avoid notifying customers if they consider that the incident poses “no significant risk” of identity theft or data fraud.
While Vermont Democrat, Patrick Leahy is quoted as saying “This bill will ensure that our laws keep pace with technology”, many disagree.
Matt Fisher from security vendor, Centennial Software, commented: “The bill will need very careful policing if it is to be successful in its aims. If it is easy for companies to hide security breaches by declaring there is no risk, then we must expect that they will do so - as the financial implications of admitting to a security incident can be dramatic. What’s need are much tighter rules, and perhaps federal enforcement, of what breaches constitute a risk of identity theft.”
Debt drives employees to commit corporate fraud
It might not be a surprise, but a survey announced yesterday concluded that personal debt is the prime reason that otherwise good employees turn to fraud. The research cites the ease with which employees can commit fraud - including the removal and modification of company data - as being a major concern.
According to security expert, Mike Adlem: “The problem with corporate fraud is that the people doing this are experts in their field. They know their companies inside out. They know the computer systems and they know exactly what to do.”
November 22, 2005
ipod sales hit 30 million
Apple yesterday announced that it has shipped more than 30 million iPods since the MP3 player was first launched in November 2001. The company sold some 6.45 million units in the three months to September 2005 and sales are expected to be even higher still in the run up to Christmas.
But not everyone is so happy that the iPod has become so pervasive.
VNUNet reports that a Windows vulnerability is allowing hackers to exploit security gaps in iTunes which can put corporate networks at risk.
The Financial Times has also picked up on the fact that, with millions of these devices now walking in and out of offices on a daily basis, there is a major security risks being ignored by many businesses.