RealNews

Firms Targeted by Hackers Keep Vulnerabilities Secret

News this week that hackers had broken into the computers of a company that processes credit card transactions was remarkable on two counts. Not only did the cybercrooks gain access to 5 million Visa and MasterCard accounts. But this Internet intrusion also was broadly publicized. In most hacker attacks, nobody outside of the victimized company finds out when thieves steal trade secrets, confidential consumer information or money. Since companies aren’t obligated to report such crimes, only a third notify police, according to a survey by the FBI and the Computer Security Institute (CSI), a group of information-security professionals. The vast majority of firms keep the attacks to themselves out of fear that disclosure would hurt business and invite lawsuits. In an age when commerce is increasingly taking place on the Internet, this information gap leaves consumers and investors at risk. Customers can be financially liable for losses. Even when they aren’t, as in the recent credit card case, personal information often has been accessed. Individuals who don’t know about the crimes can’t be sure the companies they do business with are using adequate safeguards to protect their privacy and money. Similarly, firms’ stockholders can’t determine whether a company could incur substantial financial losses because of frequent cyberattacks. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.