Advertisers Can Track Their Work on Photosharing App
You’ve probably heard about (and may have been personally affected by) the cyber-attack on Target last year, but did you know these crimes continue to occur every day?
In an era of increasing online connectivity, cyber-crime and cyber-terrorism continue to have an impact on businesses and individuals across the globe. Hackers in various countries employ their skills and software to break into company databases to obtain sensitive information about these businesses and their customers.
Data hacker targets include credit card numbers, banking information, Social Security numbers and business operational information. They use this data for various purposes, including:
- Cybert-errorism. Individuals opposed to Western values or practices may wish to thwart the profits or aims of business or government entities and cause harm to the country as a whole.
- Financial gain. Some cyber-criminals seek to use the financial or identifying information of their victims to obtain money for their own use or that of their employing organization.
- Political purposes. Evidence indicates that some cyber-attacks may be linked to foreign governments who seek to gain information to use for themselves (or against the U.S.).
Regardless of their intent, cyber-criminals represent one of the most serious current security threats to business, individuals, and the government.
Recent attacks on Texas companies indicate continued vulnerability
Despite the international nature of cyber-crime, a recent data breach hit close to home when two Texas companies discovered they had been targeted:
- Houstonian Hotel, Club and Spa. On July 8, more than 10,000 guests of the Houston luxury retreat discovered their credit card data had been snatched by cyber-criminals in amalicious software attack. The breach occurred between Dec. 28, 2013 and June 20.
After the U.S. Secret Service alerted Houstonian staff of the breach on June 10, they acted quickly to secure their customers’ information. They replaced and overhauled their existing systems, then employed a data forensics firm to assist with strengthening digital security. They also informed the affected customers by e-mail.
- Spec’s liquor stores. One of the largest liquor store chains in Texas, Spec’s, discovered a data breach in March that occurred between Oct. 31, 2012 and March 20. According to the retailer, about five percent of customers’ transactions became exposed to hackers, including those using credit and debit cards and checks.
To help customers recover from potential harm caused by the attack, Spec’s offered potentially affected individuals free identity theft protection and credit monitoring for the coming year.
How businesses can keep their data safe
Modern businesses retain a great deal of electronic records, from customer contact and transaction information to their own financial records. To combat the increasingly sophisticated threat posed by cyber-criminals and terrorists, companies must implement new security methods, such as:
- Electronic access control. Building security features, such as rack-level electronic locks and RFID card readers, only authorized personnel to gain access to areas where sensitive information is kept.
- EMV cards. Microprocessor chips embedded within credit cards create uniquely coded transaction information with each purchase. This tool — already common in Europe and likely to become so in the U.S. — offers better security than traditional “mag stripes.”
- Point-to-point encryption. Also known as “end-to-end encryption,” this method uses a complicated process to encrypt credit card information from point-of-sale (POS) transactions. Data travels to a secure outside site, which prevents interception as the POS terminal transmits information to a payment processor.
- Securing cloud data. While information stored in the cloud is never completely safe, businesses can use techniques such as creating unique and complicated passwords, encrypting files, and using encrypted cloud services.
- Including mobile devices in security plans. Smartphones, tablets, and laptops are as “hackable” as desktops and other infrastructure, but many companies fail to secure these devices properly. Encryption and malware protection applications are essential for mobile devices. In addition, individuals who travel internationally for business should takemeasures to ensure authorities don’t seize their sensitive mobile data.
Fort Worth criminal attorney Jeff Hampton notes theft is a serious crime in Texas, whether it occurs virtually or in person. Businesses and individuals can protect themselves by staying abreast of the latest security trends and threats, as well as remaining cautious whenever they give sensitive information to other parties.
E-mail messages are more secure than ever before thanks to encryption implemented by webmail providers like Yahoo and Microsoft, Facebook notes in a new blog post.
Facebook, of course, noticed the change because of the massive number of notification e-mails it sends each day. The social network, in May, reported only 28.6 percent of its outbound notification e-mails were successfully encrypted and passed strict certificate validation.
“Since STARTTLS encryption requires both sides to deploy it, we encouraged others to take the next step,” reads the post. “As a result of recent changes by major providers, most notably Microsoft and Yahoo, 95 percent of our notification emails are now successfully encrypted with both Perfect Forward Secrecy and strict certificate validation.”
STARTTLS is a type of webmail encryption that uses Transport Layer Security encryption to make it more difficult to intercept e-mails.
Since the news broke late last year of the National Security Agency’s clandestine gathering of Yahoo’s data, the firm said it planned to implement 2048-bit key encryption as soon as possible.
As of March 31, traffic moving between Yahoo data centers became fully encrypted. The latest in security best practices, including supporting TLS 1.2, Perfect Forward Secrecy and a 2048-bit RSA were implemented not long after.
Yahoo has also promised its Mail service will be encrypted end-to-end sometime next year, making it compatible with the end-to-end encryption that Google has planned for Gmail. This means any e-mails sent between the two services will be completely secure. Once both Yahoo Mail and Gmail are fully encrypted, that will cover a large swath of webmail users — about 700 million. More than 425 million people use Gmail while Yahoo Mail users total about 273 million.
Microsoft also promised to go the 2048-bit key encryption route.
The firm said customer content moving between its customers and the company would be encrypted by default and all of its key platform, productivity and communications services would encrypt customer content as it moves between its data centers.
Microsoft also promised to use best-in-class industry cryptography to protect these channels, including Perfect Forward Secrecy and 2048-bit key lengths and said all of the measures would be in place by the end of 2014.
So far, there has been no indication when the new service will be launched