Hackers hunt credit card details says IT Matrix
Online fraud security company says Sony hack was goldmine for cyber-criminals
One of the most lucrative things on the internet for hackers are debit and credit card details, according to Mirza Asrar Baig, CEO of online fraud protection company IT Matrix.
He says that wherever these kinds of details are stored, hackers will hunt it down, which is precisely what happened with the PlayStation Network, Qriocity network and Sony Online Entertainment hacks.
"If you remember in 2009 we had the Heartland security breach, where around 1.5 million card credentials were compromised. There will be many more. The question is not why social networking would be a target, just like in the Sony PlayStation hack, but where ever there is card data stored, that is a potential target. Any e-commerce site storing card data for repeat transactions is a good target," said Baig.
This targeting of e-commerce sites is why payment card industry data security standards (PCI DSS) are there, to ensure that adequate controls are in place where ever there is card data stored, according to Baig.
He said that the reason behind the Sony hack is also likely to be to do with pressures on business leading to a lapse in security measures or updates.
"The pace of business and accordingly the pressures on technology evolution is now in hyper speed. This is making it very difficult for CIOs to balance their work with adequate security controls. Not to compromise business deadlines, security controls end up at the back seat, the net result is exploitable vulnerabilities requiring little effort [to hack]," said Baig.
He added that organised crime, which is behind many of the hacks globally, is investing a huge amount of money and time in finding ways around security controls, profiling potential targets and making sure when they do move, they do so will full knowledge of their target.