AT HOLIDAY SHOPPING TIME, EXPECT MORE CREDIT CARD NUMBERS TO BE STOLEN:
BREACHES OF CORPORATE DATA SYSTEMS ARE INEVITABLE, SAYS CYBER CRIME SECURITY EXEC - "60 MINUTES"
Last year's holiday shopping season turned into a nightmare for Target stores when 40 million credit card customers had their numbers stolen by hackers who breached the retailer's data systems. There were other such breaches throughout 2014, including when Home Depot announced that 56 million of their customers' credit cards were stolen. This holiday season will probably bring more, as a cybercrime security executive tells Bill Whitaker that intrusions allowing such theft are inevitable, no matter how much money companies spend on computer security to fight them. Whitaker's report on cybercrime and what needs to be done to stop it will be broadcast on 60 MINUTES on Sunday, Nov. 30 (7:30-8:30 PM, ET/7:00-8:00 PM, PT) on the CBS Television Network.
Nearly every company is vulnerable, says Dave Dewalt, who heads up the cybersecurity firm FireEye. "Even the strongest banks in the world - banks like JPMorgan, retailers like Home Depot, retailers like Target can't spend enough money or hire enough people to solve this problem," says the security executive. It's estimated that stolen credit cards lead to billions of dollars in fraud every year.
People doing business online need to be especially careful nowadays, says Dewalt, whose company helps corporations keep hackers out or get rid of them if they breach their data systems. "The days when we have our username and password, which is our son or daughter's name... is not enough security for... today's attackers," he tells Whitaker. "Breaches are inevitable. It's happening. It's just the life that we live in today."
Many of the cybercriminals are highly organized enterprises mostly operating out of Russia and Eastern Europe with sophisticated knowledge and equipment. The stolen credit card numbers are usually offered for sale on websites by the cartels, and then other criminals can buy them for as cheap as 10 dollars. The numbers can then be turned into cash by purchasing gift cards and buying merchandise that can easily be sold. Counterfeiting the cards is the easy part, says Ed Lowery, who runs the criminal division of the Secret Service. "You have to have the criminal drive to do it. But is it highly technical? ... No, it's not." Watch an excerpt.
Meanwhile, banks, responsible for the fraud perpetrated with the cards they issue, bear the brunt of the financial hit, and are virtually powerless to stop it. Linda Schwartz, head of security for Westfield Bank in Massachusetts, says, "We know it's going to happen. It's inevitable... There's not a lot we can do to stop it."
|