The Cost of Cyber Crime
Cyber attacks continue to occur frequently and result in serious financial consequences for businesses and government institutions.
Yesterday I was waiting in line at the grocery store's self-checkout. The guy in front of us scanned a single bag of pretzels that cost about $1.50. Then he took out his debit card and swiped it.
I live in a college town where the only currency for the vast majority is plastic. I have two twenty-something children and two in-laws who never seem to carry cash. Yet it never ceases to amaze me how few people use actual dollar bills and coins anymore.
It also amazes me that most serial swipers don't realize that they are putting their financial security at risk every time they take out the plastic. Take the recent news story of the Romanian hackers who have been charged with hacking card-processing systems in Subway restaurants and about 50 other retailers. According to Wired:
From 2008 until May 2011, the hackers allegedly hacked into more than 200 point-of-sale (POS) systems in order to install a keystroke logger and other sniffing software that would steal customer credit, debit and gift-card numbers. They also placed backdoors on the systems to provide ongoing access.
The article goes on to say that the hackers allegedly searched the Internet to discover the vulnerabilities on the POS systems with remote desktop software applications installed, and then they did what hackers do best - they figured out how to get into the system and take it over.
Beyond the risks involved to those who swipe all of their transactions, store owners who use POS systems need to step up to ensure that the systems they use are secure and that, if using one, the third-party vendor they've hired is compliant with credit card industry security standards. This is especially important when you consider this statistic from the Sophos Naked Security blog:
The U.S. accounts for 47 percent of debit and credit card fraud despite only accounting for 27 percent of transactions, according to a recent report.
So, even though the country is responsible for less than a third of the world's plastic transactions, we have nearly half of the fraud cases? What gives? A report from ATM Marketplace cites two primary reasons: U.S. banks are slower than other countries to adopt newer technologies that will provide better security, and credit card issuers don't decline authorizations from retailers and others as often as they probably should. Why not? Because the credit card companies want to make sure merchants are happy and keep accepting their cards. Too many authorization denials could end up frustrating the retailer, who then no longer accepts the card from customers.
The problem is probably going to get worse before it gets better, unfortunately. Gartner has developed a long-range forecast of cybersecurity predictions, and the organization believes the financial impact of cyber crime will grow at a rate of 10 percent a year through 2016.
With a little more vigilance from everybody - retailers keeping on top of the security of POS systems, credit card companies stopping to authorize on rote, banks upgrading to new technologies and notification policies, and consumers reconsidering the amount they use a credit or debit card - perhaps we can prove the Gartner prediction wrong.