Traverse City Record-Eagle

Other Views

January 7, 2014

Another View: Data theft raises Web security questions

If an Internet security breach compromises credit and debit card accounts of 40 million Target customers, is anyone safe?

Apparently not.

The cat and mouse game between those charged with keeping data safe and those trying to steal it seems never-ending.

The old “if they can put a man on the moon, why can’t they .?” doesn’t seem very helpful.

Security experts, left to speculate in the absence of solid information about the Target heist, believe it was very carefully planned and coordinated. It’s possible that the thieves had help within the company. With or without that help, they had several routes, “vectors,” to their target. One route might have been penetration of the system that serves the chain’s credit card swipers, perhaps infecting those servers to free up the desired data.

“A hacker can find a tiny vulnerability to get into a server, and then move laterally” to exploit other vulnerabilities, said Ken Westin, a security researcher. “Once you get your foot in the door, all heck breaks loose.”

Breaching a retailer’s security doesn’t always mean the credit card information will be used. But that wasn’t the case in the Target theft. Card data began showing up on underground “shops” quickly.

In the absence of new safeguards capable of preventing such theft, cardholders are asked to jump through the usual hoops. Target will pay for credit monitoring for all of the victims. New cards will be issued by the victims’ financial institutions. Cardholders might keep a close eye on their accounts online. If the cards were used for automatic payments, the cardholder will have to contact those companies.

In other words, the usual inconvenient mess.

This latest theft, together with reports of thieves putting “skimming” devices on ATMs to gather card data, intrusions at power generating plants, phone hacking, spam - all make it more or less clear that alongside the blessings the Internet has brought us is the realization that it’s rather porous.

Security is a mirage.

Which brings us back to that earlier question. If we could put a man in the moon in 1969, why can’t we create an Internet that’s secure 45 years later?

The Oakland Press

1
Text Only

Facebook
Twitter Updates
Follow us on twitter
Associated Press Video
Facebook Is Officially A Mobile Company 'Fifty Shades of Grey': Watch the Super Sexy First Trailer Now! Swiftair Loses Contact With Air Algerie Aircraft Diamond Stone, Malik Newman, Josh Jackson and others showcase talent Free Arturo - The World's Saddest Polar Bear A Look Back at Batman On Film Through The Years LeBron James -- Dropped $2k On Cupcake Apology ... Proceeds To Benefit Charity Snoop Dogg Says He Smoked Weed at the White House Raw: Fight Breaks Out in Ukraine Parliament Chris Pratt Interrupts Interview To French Braid Intern's Hair Shirtless Super Mario Balotelli Dances While Ironing - @TheBuzzeronFOX Whoa! Watch "Housewives" Star Do the Unthinkable LeBron apologizes to neighbors with cupcakes Justin Bieber In Calvin Klein Underwear Shoot Samsung Pre-Trolls The IPhone 6 With New Ad Jimmy Kimmel Introduces His Baby Girl Swim Daily, Nina Agdal in the Cook Islands Guilty Dog Apologizes to Baby for Stealing Her Toy Prince George Turns 1 and is Already a Trendsetter Train Collides With Semi Truck Carrying Lighter Fluid