Microsoft’s Killswitch Incoming
July 1, 2014 by admin
Filed under Smartphones
Comments Off on Microsoft’s Killswitch Incoming
Responding to mounting pressure, Google and Microsoft will follow Apple in adding an anti-theft “kill switch” to their smartphone operating systems.
The commitment comes at a time when new data shows a dramatic drop in theft of Apple iPhones and iPads after the September 2013 introduction of iOS 7, which included a kill-switch function that allows stolen devices to be remotely locked and deleted so they become useless.
In New York, iPhone theft was down 19 percent in the first five months of this year, which is almost double the 10 percent drop in overall robberies seen in the city. Over the same period, thefts of Samsung devices — which did not include a kill switch until one was introduced on Verizon-only models in April — rose by over 40 percent.
In San Francisco, robberies of iPhones were 38 percent lower in the six months after the iOS 7 introduction versus the six months before, while in London thefts over the same period were down by 24 percent. In both cities, robberies of Samsung devices increased.
“These statistics validate what we always knew to be true, that a technological solution has the potential to end the victimization of wireless consumers everywhere,” San Francisco District Attorney George Gascon told IDG News Service.
Gascon and New York State Attorney General Eric Schneiderman have been leading a push to get smartphone vendors and telecom carriers to include kill switches in their products as a way to curb phone theft.
The joint work had early success with Apple but other carriers and phone makers dragged their feet. However, resistance to the idea appears to be dropping as several bills that mandate kill switches make their way through state legislatures and the U.S. Congress.
The bills demand a function that would enable a phone owner to remotely delete and disable a phone if stolen. The function could be disabled by consumers before a theft takes place if desired, but crucially new handsets would be supplied with it switched on by default.
PoS Cyber Attacks Up In 2013
June 4, 2014 by admin
Filed under Around The Net
Comments Off on PoS Cyber Attacks Up In 2013
A third of data intrusion investigated by security firm Trustwave last year involved compromises of point-of-sale (POS) systems and over half of all intrusions targeted payment card data.
Even though POS systems remained a significant target for attackers, as suggested by several high-profile data breaches disclosed by large retailers over the past six months, the largest number of data theft incidents last year actually involved e-commerce sites, Trustwave said Wednesday in a report that compiled data from 691 data breach investigations conducted by the company around the world.
E-commerce intrusions accounted for 54 percent of investigated data breaches and POS system intrusions accounted for 33 percent, Trustwave said. A separate report published by Verizon in April also pointed to Web application and PoS attacks as leading causes of security incidents with confirmed data disclosure last year.
According to Trustwave, over half of intrusions targeted payment-card data, with such data being stolen from e-commerce transactions in 36 percent of incidents and from POS transactions in 19 percent of attacks.
In Western Europe in particular, where countries have rolled out EMV — chip-and-PIN payment card transactions — cybercriminals shifted their focus from POS devices to e-commerce platforms, said John Yeo, EMEA Director at Trustwave. “EMV has changed the pattern of compromises when it comes to payment-card-specific data.”
However, a significant increase in the theft of sensitive, non-payment-card data, was also observed last year. This data includes financial credentials, personally identifiable information, merchant ID numbers and internal company communications, and was stolen in 45 percent of incidents, Trustwave said in the report.
Customer records containing personally identifiable information can possibly be used to perpetrate identity fraud and are sought after on the black market, so that’s why there’s been an uptick in attacks focusing on such data, Yeo said.
Only about a third of victim companies were able to self-detect data breaches, Trustwave found. In 58 percent of cases, breaches were identified by regulatory bodies, the credit card companies or merchant banks.