Identity theft is a type of fraud in which an attacker uses stolen personal information to impersonate another person.
Traditionally, this type of fraud was achieved by an attacker intercepting postal deliveries which contain personal information such as names, addresses, bank account details and so on. Attackers could then open credit card accounts and apply for loans in the victim’s name. Victims have had their financial security and lives ruined by identity theft.
The online world has opened up a new, lucrative source of information for fraudsters. Many users have been quite relaxed about sharing their information with online services and other users, but even security conscious individuals are threatened by malware designed to sniff out personal information on a computer, or phishing attacks that persuade users to divulge personal information. Additionally, as we have seen, hacking attacks on big retailers can make millions of personal records available for potential abuse.
Online identity theft still only makes up a tiny proportion of all cases of identity theft and it is actually quite a rare occurrence, but it is a growing threat.
Preventing identity theft
You can greatly limit your risk of online identity theft by following simple security procedures such as running an antivirus program, keeping it up to date and not responding to phishing emails.
Detecting identity theft
Online identity theft may pass unnoticed for some time, during which great damage can be done to your financial security. Some signs that a victim might notice are:
- unexplained bank withdrawals or credit card charges
- bills and other expected official letters don’t arrive
- cards or cheques are declined
- debt collectors make contact about debts the victim knows nothing about
- they receive notice that their information was compromised by a data breach at a company where they do business or have an account
- their bank or credit card provider makes contact about suspicious behaviour on their account.
Data loss can mean several things, ranging from the destruction and deletion of data to the making of unauthorised copies that are no longer under your control.
Data can be stolen by people who have direct access to a computer, such as by copying data to a flash memory drive, and also by attackers gaining access over a network connection.
Insider attacks
The hardest attack to defend against is when an attacker has direct access to a computer, especially in an organisation where many people might have access to a single computer, and one, or more, of them might not have the organisation’s best interests at heart. Security risks posed by employees (or ex-employees) of an organisation to their employers are known as insider threats.
A 2013 Forrester survey of businesses employing two or more people in the UK, US, Canada, France and Germany found that 36% of information security breaches were caused by insiders and represented the leading threat to organisational security. These findings were supported in a survey of attendees at the Infosecurity Europe conference where 37% of respondents said the biggest threat to their information security came in the form of ‘rogue employees’. This placed insider threats ahead of cyber attacks (19%) and device security (15%).
Case study: Stealing data
In 2012, a programmer for the Federal Reserve Bank of New York was sentenced for stealing source code used to develop the bank’s computer systems.
Bo Zhang was a third-party contractor for the bank with privileged access to software that was under development. He pleaded guilty to copying the code to personal computers in violation of his contract of employment, although there is no evidence that he intended to share the programs with anyone.
Similarly, in 2013, the social networking game developer Zynga settled a lawsuit with a former employee, Alan Patmore, who had copied hundreds of files, including unreleased game designs, to a Dropbox cloud storage folder before taking up employment with a rival company. Patmore expressed deep regret for his actions and agreed to ensure all copies of the data were destroyed in exchange for Zynga dropping charges against him.
The case of Chelsea Manning is one of the more significant insider attacks involving the loss of data. It is another example where the attacker simply copied the data and shared it with others, depriving the data owners of control over the confidentiality of the information.
Case study: Chelsea Manning
Chelsea Manning (born Bradley Manning) was a United States Army soldier who leaked confidential information, including 250,000 United States diplomatic messages and 500,000 United States Army reports as well as videos of military action in Iraq, to the WikiLeaks website.
Manning obtained copies of classified materials during service in Iraq in 2009, copying them directly to a data CD disguised as a music disc, from which the materials were transferred to a laptop and then to the WikiLeaks servers for dissemination.
The reports were widely published around the world and caused enormous diplomatic embarrassment for the United States government. Manning was eventually identified after confessing in an online chat to Adrian Lamo, who informed the Army. Manning was charged with 22 offences, including that of aiding the enemy, and pleaded guilty to 10 charges. She was found guilty in 2013 and sentenced to 35 years in military prison.