Airport raids tackle cyberthieves – BBC News 28 November 2014 Last updated at 06:54 ET


Screen Shot 2014-11-29 at Nov 29, 2014 4.03

Wil Van Gemert, Europol: This fraud costs up to a billion dollars a year

Cyberthieves who used stolen credit cards to buy airline tickets have been targeted in a series of raids.

Europol co-ordinated the raids at airports, targeting people who were trying to travel using a fraudulently bought ticket.

In total, 118 people were arrested at 80 airports in 45 countries during the raids.

Airlines lose more than $1bn (£640m) a year to the trade in fraudulent tickets, said Europol.

“Airlines are fighting credit card fraud on their ticket sales on daily basis,” said Meta Backman from the European airline fraud prevention group in a statement. “It is clear to the airlines that they are up against organised crime in this fight.”

Europol said the raids marked the start of an initiative called Global Airport Action, which will build on the links forged between police forces, airlines and credit card companies in preparation for the raids.

These links helped to spot when tickets bought with stolen cards were being used to check in at an airport during the two days of the action. Police officers then swooped on the individuals using the tickets. Command centres in The Hague, Singapore and Bogota helped to direct the checking of tickets and travel documents as well as identifying individuals arrested.

Some of those arrested were already known to police and had been arrested before for trading in tickets.

In a statement, Europol said the stolen credit cards also helped organised crime groups keep operating and to facilitate the drug trade and human trafficking.

http://www.bbc.com/news/technology-30245807

Americans are more afraid of getting hacked than they are of getting mugged – Updated by Anand Katakam on October 30, 2014, 3:13 p.m. ET


According to a Gallup poll, Americans worry more about getting hacked than they do about any other crime:

Gallup Survey

69 percent of Americans worry about their credit cards being hacked and 62 percent worry about the theft of data from their computers — far higher than the share who report worrying about more grievous crimes such as burglary and murder.

Americans’ fears aren’t wholly unfounded. There have been a number of large-scale attacks in recent years, compromising millions of user’s data. The chart below shows how many millions of users have been affected by the biggest data breaches on record:

Statista and Information is Beautiful

(Statista / Information is Beautiful)

This is the first Gallup poll to ask about hacking worries, and thus the firm has no historical data to show when or how quickly it came to dominate Americans’ fears. But these statistics do reflect the increase in cybercrime and decline in other crimes in recent years. As the rate of violent crime has gradually decreased over the past 20 years, security breaches among businesses have gone up.

85 percent of households earning above $75,000 a year reported worrying about a credit card hack, as opposed to only 50 percent of households earning under $30,000 a year. Hacking typically worries people from higher income groups more because they are likelier to have access to credit cards and cloud computing.

http://www.vox.com/2014/10/30/7131579/hacking-american-greatest-fear-crime

Community Health Systems data hack hits 4.5 million – BBC News 18 August 2014 Last updated at 13:09 ET


StethoscopeCommunity Health Systems has 206 hospitals across the US

A major US hospital group said it was the victim of a cyber-attack resulting in the theft of 4.5 million people’s personal data.

The attack, which Community Health Systems believed originated in China, happened in April and June this year.

The data included patient names, addresses, birthdates, telephone numbers and social security numbers.

The firm, which runs 206 hospitals in 29 states, is now in the process of notifying affected patients.

One security expert warned that the data could be used to steal people’s identity.

The FBI confirmed to news agency Reuters that it was investigating the breach.

Community Health Systems stressed that it believed no medical or credit card records were taken.

News of the attack follows several warnings, from both law enforcement and security experts, that medical equipment is at risk from hack attacks due to poor security measures.

Community Health Systems said security group Mandiant, part of FireEye, advised the company that the techniques used were similar to those used by a well-known Chinese hacking group.

However, both Community Health Systems and Mandiant declined to elaborate on the identity of the group – nor would they say whether they believed the hackers were working on behalf of the Chinese government.

Personal impact

Lamar Bailey, director of security research and development at cybersecurity firm Tripwire, said the fact medical records and credit card details were not stolen will be of little comfort to those affected.

“When financial data is stolen, such as when credit card numbers are stolen from retailers, the retailer and card issuers are hit with the fraudulent charges and the costs for generating new cards.

“But when personal information is stolen – name, address, phone number, birthdates, and social security number – it impacts the person and not a company.

“This is the information needed for identity theft to allow criminals to open accounts in the names of the 4.5 million victims.”

In May, the US charged five Chinese military officers over claims they were behind hacks on US companies. The officers denied the charges, and the Chinese government said the action was “groundless” and represented “US distrust”.

http://www.bbc.com/news/technology-28838661

Why American Express Wants to Kill Credit Cards BY MARCUS WOHLSEN 06.05.14 | 6:00 AM


Illustration: Getty

 

There are two things you always have with you: a credit card and a smartphone. The day is coming when we combine them.

At a recent event, hosted by Andreessen-Horowitz, on the future of retail, Berland pointed out that there are two things you always have with you: a credit card and a smartphone. The day is coming when we combine them. “What we are hyper-focused on is how do we merge those two things,” she says. “Especially as one day the physical card will disappear.”

Berland is not alone in thinking plastic is on its way out. Figuring out how to make smartphones the primary way we pay for things is one of Silicon Valley’s great white whales. The same minds that have put airline boarding passes on our phones alongside every song ever recorded and video calling a la The Jetsons are trying to crack this problem. Everyone from Google and Apple to Square is pondering this.

So far they’ve had little success. But, ironically, this creates an opportunity for the very industry these tech giants are trying to disrupt. A company like American Express has every reason to want things to stay as they are. But if it’s willing to concede its core product’s days are numbered, it has a chance of beating the Apples and Googles of the world in the race to redefine payment tech. That’s because it’s got a key advantage over Silicon Valley: Amex already is in people’s wallets.

 

http://www.wired.com/2014/06/even-credit-card-companies-think-plastics-days-are-numbered/

Target Hack A Tipping Point In Moving Away From Magnetic Stripes – by ELISE HU January 23, 2014 3:42 AM


A cryptographic chip embedded onto a British debit card. America is nearly alone in still relying on magnetic stripes to authenticate purchases.

A cryptographic chip embedded onto a British debit card. America is nearly alone in still relying on magnetic stripes to authenticate purchases.

Christopher Furlong/Getty Images

The credit and debit card data breaches at Target and Neiman Marcus compromised at least 70 million American consumers, and analysts say even more of us are at risk. That’s because the technology we use to swipe for our purchases — magnetic stripes on the backs of cards — isn’t hard for a skilled fraudster to hack.

“It’s totally unprotected and it’s static, so it’s the same data that’s read every single time. It’s just about the worst security that you can put into a payment system,” says Avivah Litan, a security analyst for Gartner, a firm retailers hire to assess their cybersecurity gaps.

Sophisticated cyberthieves got consumer data during the holiday season breaches by injecting a virus into Target’s card payment terminals. From there, the bad guys systematically captured the information found on every card swiped, from Thanksgiving through just before Christmas.

“We’ve seen hacks as big as this before, in fact we’ve seen bigger, but what we haven’t seen before is something this sophisticated and well organized,” Litan says. The data from the cards was turned around and sold on an underground market, where thieves can recreate credit cards using the stolen data and use them to make fraudulent purchases, she says.

Industry leaders know magnetic stripes are outdated and easily exploitable. The rest of the world moved onto a more secure, harder-to-hack payment system based on chip-enabled cards — chip and PIN. Chip-enabled cards are more secure because the data on the chip is hidden behind encryption. So even if criminals intercept what’s on it, they can’t re-use it.

“It’s standardized all over the world and used all over the world, except in the U.S. and perhaps one country in Africa,” Litan says.

It’s a reality that NPR’s new London correspondent, Ari Shapiro, learned quicklywhen he moved overseas a few weeks ago.

“Basically my American credit card is like a second-class citizen here,” Shapiro says. “I can’t use the self-checkout line at the supermarket, I can’t use the automated machine in the subway system or the post office. Some merchants charge me an extra charge just because of my American credit card.”

Shapiro’s new British pal, Ben Thompson, explains how he pays for purchases without swiping — or signing.

Article continues:

http://www.npr.org/blogs/alltechconsidered/2014/01/23/264910138/target-hack-a-tipping-point-in-moving-away-from-magnetic-stripes