IT Security

IT and Cyber Security related information

Security fears at Indian Call Centre

Information  could have been used to clone credit cards

Police are investigating reports that an Indian call centre worker sold the bank account details of 1,000 UK customers to an undercover reporter.
The Sun claims one of its journalists bought the personal details from an IT worker in Delhi for £4.25 each.

They included account holders' secret passwords, addresses, phone numbers and passport details, it reports.

City of London Police has begun an investigation after being handed a dossier by the newspaper.

While the allegations made in the dossier are very serious, City of London Police would like to remind people that incidents of this kind are still relatively rare City of London Police

The centre worker reportedly told the Sun he could sell up to 200,000 account details each month.

Details handed to the reporter had been examined by a security expert who had indicated they were genuine, the paper said.

The information passed on could have been used to raid the accounts of victims or to clone credit cards.

'Reflect on decision'

More than one bank is thought to be involved in the fraud.

A police spokeswoman said officers were not yet aware of "the breadth of what we are going to be investigating".

"While the allegations made in the dossier are very serious, City of London Police would like to remind people that incidents of this kind are still relatively rare," she said.

The Amicus union said it had warned of the "data protection implications" of offshoring financial services.

"Companies that have offshore jobs need to reflect on their decision and the assumption that cost savings benefiting them and their shareholders outweigh consumer confidentiality and confidence," senior finance officer Dave Fleming said.

Continuity Forum Comment

In the past few months we have seen an increased media focus on the security of Electronic Banking Systems with both TV and Print news sources citing alarming lapses in the procedures followed.

While technology can go a long way to 'secure' information there remains for many the issue of the 'insider'.

Whilst a lot of time and money is spent combating external Security threats it appears as though there is still some way to go to protect the organisation and its stakeholders from the actions of someone on the 'inside'. Whatever the motivation, Greed or Revenge, the threat posed can be far greater both in financial terms and in damage to the Reputation of the organisation.

To help you consider the risks to your organisation we have listed below some of the common characteristics of the 'insider' below:

Insider Characteristics

The majority of the insiders were former employees.

• At the time of the incident, 59% of the insiders were former employees or contractors of the affected organizations and 41% were current employees or contractors.

• The former employees or contractors left their positions for a variety of reasons. These included the insiders being fired (48%), resigning (38%), and being laid off (7%). Most insiders were either previously or currently employed full-time in a technical position within the organization.

• Most of the insiders (77%) were full-time employees of the affected organizations, either before or during the incidents. Eight percent of the insiders worked part-time, and an additional 8% had been hired as contractors or consultants. Two (4%) of the insiders worked as temporary employees, and one (2%) was hired as a subcontractor.

• Eighty-six percent of the insiders were employed in technical positions, which included system administrators (38%), programmers (21%), engineers (14%), and IT specialists (14%). Of the insiders not holding technical positions, 10% were employed in a professional position, which included, among others, insiders employed as editors, managers, and auditors. An additional two insiders (4%) worked in service positions, both of whom worked as customer service representatives.

Insiders were demographically varied with regard to age, racial and ethnic background, gender, and marital status.

• The insiders ranged in age from 17 to 60 years (mean age = 32 years) and represented a variety of racial and ethnic backgrounds.

• Ninety-six percent of the insiders were male.

• Forty-nine percent of the insiders were married at the time of the incident, while 45% were single, having never married, and 4% were divorced.

• Thirty percent of the insiders had been arrested previously, including arrests for violent offences (18%), alcohol or drug related offences (11%), and nonfinancial/
fraud related theft offences (11%).

Organization Characteristics

The incidents affected organizations in the following critical infrastructure sectors:

• banking and finance (8%)

• continuity of government (16%)

• defence industrial base (2%)

• food (4%)

• information and telecommunications (63%)

• postal and shipping (2%)

• public health (4%)

In all, 82% of the affected organizations were in private industry, while 16% were government entities. Sixty-three percent of the organizations engaged in domestic activity only, 2% engaged in international activity only, and 35% engaged in activity both domestically and internationally.

Below we have outlined some of the effects on the organisation:

Consequences for Targeted Organizations

Key Findings

• Insider activities caused organizations financial losses, negative impacts to their
business operations and damage to their reputations.

• Incidents affected the organizations’ data, systems/networks, and components.

• Various aspects of organizations were targeted for sabotage by the insider.

• In addition to harming the organizations, the insiders caused harm to specific
individuals.

Supporting Data

Eighty-one percent of the organizations experienced a negative financial impact as a
result of the insiders’ activities. The losses ranged from a reported low of $500 to a
reported high of “tens of millions of dollars.” The chart below represents the percentage
of organizations experiencing financial losses within broad categories.
Percentage of Organizations Financial Loss

Direct Financial Loss   Percentage
$1 - $20,000   42
$20,001 - $50,000   9
$50,001 - $100,000   11
$100,001 - $200,000   11
$200,001 - $999,999   7
$1,000,001 - $5,000,000   9
Greater than $10,000,000   2

For the full 45 page Report or to comment on this piece please mail us HERE! or call Russell Price directly on +44 (0) 208 993 1599.

 

Citigroup loses data on 3.9 million customers

The banking firm has written to customers whose information was stored on computer tapes that were lost last month by courier UPS in transit to a credit office.

Kevin Kessinger, Citigroup's president of consumer finance in North America, said: "We deeply regret this incident, which occurred in spite of the enhanced security procedures we require of our couriers.

"There is little risk of the accounts being compromised because customers have already received their loans, and no additional credit may be obtained from CitiFinancial without prior approval of our customers, either by initiating a new application or by providing positive proof of identification. Beginning in July, this data will be sent electronically in encrypted form."

The tapes contained US customer data from CitiFinancial branch network operations and CitiFinancial Retail Services. The company said the tapes did not contain information from CitiFinancial Auto, CitiFinancial Mortgage or any other Citigroup business.

The company also believes the data has not been compromised and that none of the tapes contained details of CitiFinancial network customers in Canada or Puerto Rico.

"We are making every effort to ensure that our customers are aware of what we are doing and what we suggest they do to protect their identity. We are committed to ensuring that our customers have the support they need to monitor their credit and know how to respond should they identify any problems," added Kessinger.

Last week, the Japanese arm of investment firm UBS apologised for losing a hard disk that contained confidential data of 15,500 customers.

Continuity Forum Comment

There can’t be many people who haven’t had something ‘lost in transit’, but the experience of Citigroup shows that while mistakes can and will happen. The nature of today’s world means and the desire of media to report new stories means that within a few hours even a relatively minor problem will be seen by potentially tens of millions of people and you can be sure it will affect the way many view the organisation.

In most respects this simple process failure is a day to day occurrence, something lost or stolen, but carrying sensitive information, becomes a story reported widely and needing a measured response form the organisation affected. The clear statement and explanation from Citigroup shows to Customers that there is little on-going Risk to them and that the already strict procedures in place further reduces the Risk to clients.

Another detail that it is important to learn from is the issues was not created directly by Citigroup, rather it was a supplier of core services that was responsible for the loss despite the ‘added measures’ Citigroup had in place. This shows the importance of working with key partners in the Supply Chain to ensure on-going compliance withyour special procedures and to avoid supplier complacency creeping in. Failure to ensure that your policies and procedures are being adhered to can quickly undermine even the best plans and procedures and result in incidents like this or indeed far far worse problems.

Forum Statistic

  •  Fewer than 20% of Global 2000 companies work with their Key Supply Chain Partners to embed BCM and even fewer (7%) regularly include partners in Exercises and Rehearsals despite the knowledge of the risks.

    Ends
    _________________________________

    If you have any comments on this article or would like to find out more about the work of the Continuity Forum please contact Sara McKenna or Russell at the Continuity Forum directly on 020 8993 1599 or info@continuityforum.org

 

Trojan holds PC files for ransom

A unique new kind of malicious threat which locks up files on a PC then demands money in return for unlocking them has been identified. The program, Trojan.Pgpcoder, installs itself on a vulnerable computer after users visit certain websites and then turns files into gobbledegook, holding them to "ransom"

UK firms get fresh hacker warning

Organised gangs are using distribution e-mail lists to cleverly engineer mails that look legitimate and relevant.

The Home Office said many of the attacks seemed to originate from Asia.

The warning is aimed at government departments and businesses that are part of the UK's Critical National Infrastructure (CNI).

The government's NISCC works with the CNI so that computer systems which run critical infrastructure, such as telecommunications, energy, and power station networks, are protected.

Biggest security headache just won't go away...

According to a recent poll, employees represent the biggest single threat to any company. And while temps have often come in for stick because of the threat more nomadic staff can pose, especially the sales team, with their eye on business critical data, that really needs to be watched - if only for their own sake. With a combined 33.3% Employee caused issues were the biggest threat feared and this was broken down into Employee error (17.2%)and Malicious Employee behaviour (13.1%) - meaning almost a third of respondents fear the activity, whether intentional or not, of their staff.

Spyware was next up, cited by 27.8 per cent of respondents, with viruses being cited by 20.5 per cent, followed by phishing (11.3 per cent) and hacking (10.5 per cent). Separate research from Unisys reveals that 51 per cent of security managers believe negligent or malicious employees are a significant threat to their business.

Mark Thomas, head of security at Logicalis, said: "One of the biggest problems is that everybody comes into a company on day one, signs the email and internet usage policy and that's the last they think about it."

Many companies have made a rod for their own backs by turning a blind eye to many behaviours which are technically in breach of the rules, he added. And he believes the problem is out of control, with a raft of consumer gadgets and portable storage devices travelling in and out of organisations each day and staff making free with email, IM and their internet access and storing illegal copyrighted files on the network. "If you walked out of your office four years ago with a 40Gb hard drive under your arm you would be arrested but that's exactly what people are doing every day." The problem, especially where companies losing track of their data is concerned, isn't helped by the form factor of increasingly scaled down storage devices. "The mediums are almost impossible to control and they will continue to grow in numbers. So companies have to secure their data."

The far and wide distribution of data outside the organisation also creates problems, said Gary Clark, VP EMEA at encryption specialist SafeNet. The more well-travelled data becomes, on phones, laptops, handhelds, over networks, site to site and on portable storage devices, the greater the chance it will be lost or stolen along the way. But before implementing any measures which will change and limit the way employees can interact with data within the organisation, companies need to make sure staff know why they are doing it, said Logicalis' Thomas. "They need to say, we're not doing this because we're being Big Brother. They need to convey the message as to why security is important and they need to get people to buy in to this."

Thomas added that companies could do worse than start with their sales team. Often the sales team will include the biggest gadget fans who act as their own administrator, he said. They are also frequently the ones with most direct access to business critical data which can be compromised either accidentally or maliciously. "It's the sales guys you need to watch, you need to know if they're emailing all your sales lists to their Hotmail accounts."

END


If you have any comments on this article or would like to find out more about the work of the Continuity Forum please contact Sara McKenna or Russell at the Continuity Forum directly on <b>020 8993 1599</b> or <a href="mailto:info@continuityforum.org">info@continuityforum.org</a>

 

 

Syndicate content

Business Continuity Forum creating Resilince and security

Creating Continuity... Building Resilience...