02 September 2014

AndreEdelbrock

Andre Edelbrock - Ethoca

8 | posts 28,791 | views 1 | comments

Information Security

The risks from Cyber cime - Hacking - Loss of Data Privacy - Identity Theft and other topical threats - can be greatly reduced by implementation of robust IT Security controls ...
A post relating to this item from Finextra:

New York ATM skimming gang steals $500,000

13 May 2009  |  9295 views  |  0
New York police are on the hunt for a gang of thieves accused of using ATM skimming technology to steal account details and PIN numbers before withdrawing over $500,000.

Thinking and Awareness Needed to Stop Crime, Not Just Tech

27 May 2009  |  3828 views  |  0

Recently, a targeted crime spree hit Staten Island with 250 Sovereign Bank customers caught up in a never-ending technological arms race between criminals and the rest of us.  This time it wasn’t the latest hacker sitting at a far away computer in the middle of the night.  Rather it was a small gang that used skimming technology and video cameras to compromise the accounts and make off with over $500,000. But for the alertness of Microsoft "evangelist", Sean Siebel who spotted the scam while doing his own personal banking, it probably would have been millions lost before detection.

According to banks, skimmers are rarely spotted in the wild, yet after seeing Sean on the news, another New Yorker spotted another skimmer at a Chase branch. The branch manager hadn't heard of the scam.

We see national news headlines about breaches and individual customer information being stolen by faceless entities in far-away lands.  We assume these scams require tech prowess and amazing skill, but it usually turns out to be as simple as a mirror and hidden video camera. Many times the response to these attacks is to add more features and functionality to our technology.  In the case of credit cards, the focus has been on Chip and PIN, especially in Europe. Soon, even more sophisticated 2-factor authentication is coming through cards with built-in single use PIN generators.

Unfortunately, as this story shows, even the most advanced technology is easily subverted by cheap tools you could purchase at Best Buy or download for free, together with a small amount of ingenuity. The problem is that we place too much trust in the technology, and not enough in being alert, observant and careful. In fact, the more we rely on technology to do our thinking for us, the more complacent and vulnerable we become.

The lesson: if your security approach is purely based on a better technology mousetrap, you are a breach waiting to happen. Don't forget to educate your people, understand the risks you face, and always assume that the criminals will find a way around whatever technology barriers you erect.

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Andre

Payments Fraud Hurts All of Us

02 July 2009  |  3016 views  |  0  |  Recommends 0 TagsPaymentsRisk & regulationGroupTransaction Fraud Systems and Analysis

CardSystems Case Signals Accountability and Liability Shift

26 June 2009  |  5123 views  |  0  |  Recommends 1 TagsCardsSecurityGroupTransaction Fraud Systems and Analysis

Cybercrime Czar? Government bailout for cybercrime?

01 June 2009  |  3997 views  |  0  |  Recommends 0 TagsSecurityRisk & regulationGroupInformation Security

Thinking and Awareness Needed to Stop Crime, Not Just Tech

27 May 2009  |  3828 views  |  0  |  Recommends 0 TagsSecurityRisk & regulationGroupInformation Security
name

Andre Edelbrock

job title

CEO

company name

Ethoca

member since

2009

location

Toronto

Summary profile See full profile »
As CEO and co-founder of Ethoca I drive the strategic direction of the business and business deve...

Andre's expertise

Andre's blog archive
2009 (8)

Who is commenting on Andre's posts