Heartland Payment Systems, one of the biggest card payment processors in
the US, has been the victim of what could well be the biggest security
breach of its kind. Malicious software installed onto the Heartland network could have compromised as many as 100 million transactions,
according to numerous emerging reports. This would dwarf the TJ Maxx breach, which involved details of some 40 million credit card transactions being stolen.
Apparently the hack attack at Heartland was discovered in-house last
week, and law enforcement agencies were notified along with the credit card
companies whose customers could become potential victims of the fraud.
Data including names and card numbers was compromised, exactly the kind
of information needed to clone cards.
Some security experts have accused Heartland of attempting to bury the
news of the breach by releasing the news just as US Presidential
inauguration hysteria swept the world. Others have expressed doubts as
to whether the detail of how the malware was installed onto what was
meant to be a highly secure system will ever be exposed for public
consumption. "It will be
interesting to see how this incident pans out. Our best guess is that
the software was either installed by a sleeper, a rogue employee
working inside the firm who passed the usual vetting procedures, or a
direct systems attack followed by the insertion of a custom application
on the processor's IT resources," said Rob Rachwald, a director at
security specialists Fortify Software. "The $64,000 question, of
course, is whether Heartland and the US Secret Service, who are working
with company staff on an investigation, will reveal the actual modus
operandi of the fraudsters. I somehow think this will not happen,"
Rachwald concludes.
Meanwhile, Bradley Anstis, Director of Technology Strategy at another
security company, Marshal8e6, told us: "Even though Heartland was PCI
DSS compliant, determined criminals were still able to steal millions
of credit card details. We are seeing more and more instances of IT
staff relying on their AV and not being aware that their computers have
been compromised with spyware or other malware. Today's widely accepted
methods of signature-based malware detection are simply not going to
catch targeted spyware because the AV companies won't be familiar with
its signature. Companies should also look to emerging technology like
behaviour-based malware analysis which would have caught this malware."
One thing is for sure: this is a bad start to 2009, and it could be indicative of the malware year to come.