The Identity (Theft) Crisis
We’re having an identity crisis. What will it take for companies to take this as seriously as they should?
Officials have found small devices in European point of sale card swipe machines that send selected transaction information to Pakistan. These are the card machines you use at the grocery store — totally plain vanilla. The devices appear to be untraceable and are inserted in some made-in-China MasterCard boxes. The best way to find out if a store has been infected is to literally weigh their card swipe machines. Bad machines weigh four ounces more than good ones.
This is affecting large chain stores, including a British unit of Wal-Mart and Tesco. It is not isolated or off the beaten path — and it really is diabolical. The machines can be set, evidently, to just send a few transactions, say every tenth Visa Platinum transaction, once a day. They can also get new instructions when they send their take — so their work is quite hidden. Add that up over time.
What happens to the information once it goes to Pakistan? It gets used, of course. Bank withdrawals are made, plane tickets and other merchandise get purchased. So far, the estimates are between $50 and $100 million. The motivation appears not to be a espionage, but plain old theft. Authorities are watching, though, in case there is a terrorism link, the destination being in Pakistan and all.
Meanwhile, just to ratchet up the Tom Clancy: The Chinese version of Skype evidently spies on users. This was discovered by a University of Toronto researcher in relatively simple fashion — by checking out what happened when he used the f-word in a message. (To be clear, this is a joint venture between Chinese phone provider TOM and Skype, it is not Skype itself.)
This happened a couple of years ago, in Rhode Island, if memory serves. A team of Armenian bad guys visited an all-night supermarket. They split up. One engaged the skeleton staff’s attention, while the others swapped out several of the debit card PIN-pad devices.
Not long after, the local banks were hit with a wave of disputed withdrawals. The supermaket was the common factor. Investigators reviewed the video surveillance and observed the PIN-pads being switched. So, they set a trap and busted the bad guys when they returned to harvest the captured PINs.
there are no secrets, so i am not sure what we are attempting to protect, or why we are driving ourselves crazy over not protecting it. if company secrets are so valuable, why are they all going bankrupt and need bailouts. soon, governments won’t bother with hacking to throw citizens in prison, they can do that from the internet. information and secrecy is a paradigm in flux, there is no new paradigm and the old one doesn’t seem very useful. individuals and governments have little credit or money, this may cease to be meaningful as well. pakistani gangs stealing confederate dollars and maxed ccards would be more dangerous pulling an all available weimer-republic wheelbarrows heist.
this is crazy. i hope the next administration does a forward looking job of addressing these things.
Not a day goes by when you don’t hear about identity theft. It has really gotten bad with all of the technology we use today. Identity theft protection is a must. I use Solus Identity Theft Protection to protect my family.