The Proverbial Tip of the Iceberg and Wringing of Hands

By now the Target data breach story is common knowledge, but it still has headlines to make. The latest one? Cybersecurity experts say the Target fiasco may be just the beginning of a new wave of vicious cyber attacks.

The article comes from the Providence Journal and provides some eye-opening information about what the Target incident means for the future.

Target, the third-largest US retailer, suffered a major hacking during the 2013 holiday season, resulting in the theft of the personal information of up to 110 million customers.

“The Target hacking was an earthquake in comparison with previous ones,” Eugene Fram told the Providence Journal. Fram is professor emeritus of marketing with the Saunders College of Business at the Rochester Institute of Technology.

The FBI agrees, and believes there are worse attacks to come. The agency published its views in a recent report for retailers, “Recent Cyber Intrusion Events Directed toward Retail Firms.”

According to the Providence Journal article, the FBI said in its report, “We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms’ actions to mitigate it.”

POS (point of sale) systems can be vulnerable to malware.

“The accessibility of the malware on underground forums, the affordability of the software and the huge potential profits to be made from retail POS systems in the United States make this type of financially motivated cyber crime attractive to a wide range of actors,” the FBI said.

Though there is no perfect defense against hackers and cyber attacks, some experts are pushing for a change in American credit card technology to better guard against them.

According to the article, the magnetic strip most credit cards use today is outdated and more easily hacked than the PIN and Chip technology used in other parts of the world, like Europe.

To provide some perspective on the issue, the article quoted the head of the National Retail Federation, Matthew Shay.

“For years, banks have continued to issue fraud-prone magnetic stripe cards to U.S. customers, putting sensitive financial information at risk while simultaneously touting the security benefits of next-generation PIN and Chip card technology for customers in Europe and dozens of other markets,” said Shay.

“The retail industry is eager to work with banks and card companies to fight cyber attacks and reduce fraud,” he said. “These efforts include installation of sophisticated new PIN-enabled point-of-sale-systems and readiness to adopt cards with more secure microchip technology, but the fact remains that retailers cannot do this alone.”

Another suggestion is for consumers to pay with cash rather than plastic, to avoid any potential data theft – but that is an adjustment many may find difficult to make.

 

For a more detailed analysis of commercial cybersecurity risks and recommendations, see the original article here: http://www.providencejournal.com/breaking-news/content/20140201-cybersecurity-experts-warn-target-data-breach-only-the-beginning.ece
For information about how Congress is getting involved in this story, check out this article: http://www.twincities.com/business/ci_25047596/cyber-security-expert-target-case-is-watershed-moment