Home » Posts tagged 'Social Security number'
Tag Archives: Social Security number
Big Banks Are Being Hit With Cyberattacks “Every Minute Of Every Day”
Big Banks Are Being Hit With Cyberattacks “Every Minute Of Every Day”.
What would you do if you logged in to your bank account one day and it showed that you had a zero balance and that your bank had absolutely no record that you ever had any money in your account at all? What would you do if hackers shut down all online banking and all ATM machines for an extended period of time? What would you do if you requested a credit report and discovered that there were suddenly 50 different versions of “you” all using the same Social Security number? Don’t think that these things can’t happen. According to Symantec, there was a 42 percent increase in cyberattacks against U.S. businesses last year. And according to a recent report in the Telegraph, big banks are being hit with cyberattacks “every minute of every day”. These attacks are becoming more powerful and more sophisticated with each passing year. Most of the time the general public never hears much about the cyberattacks that are actually successful because authorities are determined to maintain confidence in the banking system. But if people actually knew the truth about what was going on, they would not have much confidence at all.
At this point, the attacks have become so frequent that there is literally no break between them. According to the Telegraph, major financial institutions are continually under assault, and the total number of attacks is constantly increasing…
Every minute, of every hour, of every day, a major financial institution is under attack.
Threats range from teenagers in their bedrooms engaging in adolescent “hacktivism”, to sophisticated criminal gangs and state-sponsored terrorists attempting everything from extortion to industrial espionage. Though the details of these crimes remain scant, cyber security experts are clear that behind-the-scenes online attacks have already had far reaching consequences for banks and the financial markets.
The amount of money that some of these hackers are stealing is absolutely staggering. For example, during “Operation High Roller” thieves got away with somewhere between 78 million and 2.5 billion dollars…
Dissected last year, Operation High Roller marked one of the biggest online thefts to have been made public. According to details of the investigation, somewhere between $78m (£48m) and $2.5bn was last year stolen from thousands of bank accounts across Europe, the US and Latin America.
Among the customers targeted were rich individuals and high-value commercial accounts, with sophisticated software identifying the victims’ main bank accounts and transferring money to prepaid debit cards which could be cashed anonymously. Once the money had been taken, the hackers were able to hide their thefts by changing the victims’ bank balances so they appeared unaltered.
Do you find it unsettling that the authorities don’t even know how much money was actually stolen?
I do.
And earlier this year, another gang of cyberthieves was able to steal 45 million dollars from ATM machines…
A global posse of cyberthieves, armed with laptops in place of guns, hacked into financial institutions and stole $45 million from automated teller machines in a first-of-its-kind heist made for the 21st century,authorities in New York said Thursday.
Over a seven-month period ending last month, the authorities said, hackers broke into computer networks of financial companies in the United States and India and eliminated the withdrawal limits on prepaid debit cards.
Then, people involved in the heist withdrew tens of millions of dollars from ATMs in Manhattan and more than 20 other places around the world. In one case, surveillance cameras picked up a member of the “cashing crew” going from machine to machine, his cash-stuffed bag growing bigger with each hit.
But thefts involving tens of millions of dollars are just the beginning.
In the future, gangs of hackers, terror organizations or even foreign governments could use cyberattacks to bring the entire system down.
John McAfee (formerly of McAfee Associates) recently warned that we are now entering an era of apocalyptic cyberattacks. He said that in the “next world war … the aggressors will be people sitting at home in armchairs while their software turns … all of our guns, our bombs … against us.”
The truth is that it is not just our financial system that is vulnerable. Literally anything that is connected to the Internet could be attacked.
And that is a lot of stuff.
But for now, the big financial institutions remain the most prominent target. Just this week, we learned that a successful cyberattack on JPMorgan Chase resulted in the theft of the personal information of close to half a million corporate and government clients…
Personal information of nearly half a million corporate and government clients who hold prepaid cash cards issued by JPMorgan Chase & Co. (NYSE:JPM) may have been compromised in a cyberattack that took place on the bank’s network in July, the bank warned on Wednesday.
Corporations use JPMorgan’s cash card, known as UCard, to pay salaries, while government agencies use it for issuing tax refunds and unemployment benefits. JPMorgan said it discovered in September that web servers supporting its site, http://www.ucard.chase.com, had been hacked, potentially involving unauthorized access to the personal information of 465,000 cardholders, according to a Reuters report.
The issue was soon fixed and the incident has been brought to the attention of law enforcement authorities, JPMorgan said, adding that the bank has been trying to identify how many accounts were compromised in the attack.
Of course this was not the first major “technical glitch” that JPMorgan Chase has encountered this year. In fact, earlier this year thousands upon thousands of their customers logged into their bank accounts only to discover that their balances had all been reset to zero. That problem was fixed shortly thereafter, but I guarantee you that all of the customers that witnessed that “glitch” will remember it for a very long time.
And certainly JPMorgan Chase is far from alone in dealing with these kinds of issues. In fact, major U.S. bank websites were offline for a combined total of 249 hours during just one six week period earlier this year.
When it comes to the Internet, nobody is ever entirely safe. Every major website and every major company are being targeted. According to USA Today, a cyberattack that began on October 21st has resulted in the theft of the login information for about 2 million Internet accounts…
Almost 2 million accounts on Facebook, Google, Twitter, Yahoo and other social media and Internet sites have been breached, according to a Chicago-based cybersecurity firm.
The hackers stole 1.58 million website login credentials and 320,000 e-mail account credentials, among other items, the firm Trustwave reported. Included in the breaches were thefts of 318,121 passwords from Facebook, 59,549 from Yahoo, 54,437 from Google, 21,708 from Twitter and 8,490 from LinkedIn. The list also includes 7,978 from ADP, the payroll service provider. According to a Trustwave blog, “Payroll services accounts could actually have direct financial repercussions.”
So be cautious on the Internet. The bad guys are out there, and they are becoming more sophisticated with each passing day.
And if you think that “the government will protect us”, you are just being naive.
In fact, government agencies cannot even protect themselves from these guys. For example, identity thieves have been making fools of the IRS for years…
The Internal Revenue Service sent 655 tax refunds to a single address in Kaunas, Lithuania — failing to recognize that the refunds were likely part of an identity theft scheme. Another 343 tax refunds went to a single address in Shanghai, China.
Thousands more potentially fraudulent refunds — totaling millions of dollars — went to places in Bulgaria, Ireland and Canada in 2011.
In all, a report from the Treasury Inspector General for Tax Administration today found 1.5 million potentially fraudulent tax returns that went undetected by the IRS, costing taxpayers $3.6 billion.
So if you are waiting for the incompetent U.S. government to fix this problem, you are going to be waiting for a very, very long while.
As a society, we are constantly becoming even more dependent on the Internet.
Meanwhile, the attacks on the Internet are continually becoming even more sophisticated.
At some point those attacks are going to cause some major league problems.
It is just a matter of time.
CIA Database Tracks All US Money Transfers | Zero Hedge
CIA Database Tracks All US Money Transfers | Zero Hedge.
While hardly as dramatic as ongoing revelations of Big NSA Brother probing every aspect of Americans’ lives, overnight the WSJ reported that in addition to the complete loss of privacy – which should now be taken for granted – the CIA has been added to the list of entities that scrutinize every online interaction, and is “building a vast database of international money transfers, including Western Union, that includes millions of Americans’ financial and personal data, officials familiar with the program say.” The program will be (and is) carried out under the same provision of the Patriot Act that enables the National Security Agency to collect nearly all American phone records. In other words, instead of being upfront that all the CIA, and administration, care about is tracking large flows of money that may have “evaded” taxation, and is traditionally used by expats to send modest amounts of money back to their host countries, what the CIA is instead focusing on is whether mom and pop are using Western Union to deposit $500 in Al-Qaeda’s account in Afghanistan.
The WSJ explains as much:
The data is obtained from companies in bulk, then placed in a dedicated database. Then, court-ordered rules are applied to “minimize,” or mask, the information about people in the U.S. unless that information is deemed to be of foreign-intelligence interest, a former U.S. official said.
A limited number of analysts are allowed to search the database with queries that meet court-approved standards. This is similar to the way NSA handles its phone-data program.
…
The CIA, as a foreign-intelligence agency, is barred from targeting Americans in its intelligence collection. But it can conduct domestic operations for foreign intelligence purposes. The CIA program is meant to fill what U.S. officials see as an important gap in their ability to track terrorist financing world-wide, current and former U.S. officials said.
The program serves as the latest example of blurred lines between foreign and domestic intelligence as technology globalizes many activities carried out by citizens and terrorists alike. The CIA program also demonstrates how other U.S. spy agencies, aside from the NSA, are using the same legal authority to collect data such as details of financial transactions.
Ah yes, “limited number.” And since every single American is a potential sponsor of terrorism, it is only logical that this latest dragnet covers absolutely every single US citizen. And in the outlier case that the CIA also taps, investigates, records, and just happens to forward to the IRS, every single money transfer originating or terminating in the US, oh well.
The data collected by the CIA doesn’t include any transactions that are solely domestic, and the majority of records collected are solely foreign, but they include those to and from the U.S., as well. In some cases, it does include data beyond basic financial records, such as U.S. Social Security numbers, which can be used to tie the financial activity to a specific person. That has raised concerns among some lawmakers who learned about the program this summer, according to officials briefed on the matter.
What is peculiar is that unlike wire transfers which are virtually unlimited in size, and scrutinized by all relevant, and irrelevant, authorities money transfers are for the most part tiny and anything that is of a more sizable amount, over $3000, is already subject to the microscope treatment:
Money transfer forms differ depending on location and type. But they ask for the names, addresses and telephone numbers of senders and receivers. Depending on the transfer, senders and receivers also may be asked to provide the date and place of their birth. In most locations in the U.S., people sending $1,000 or more must provide an ID such as a driver’s license. People sending $3,000 or more must provide additional ID, such as a Social Security number or passport.
However, it appears the small transfer limit did not trouble Al-Qaeda:
The money-transfer program appears to have been inspired by details of the Sept. 11, 2001, terrorist plot, in which the al Qaeda hijackers were able to move about $300,000 to U.S.-based bank accounts without arousing suspicion. In part, it was because the transactions were comparably small and fit the pattern of the remittances used by immigrants or foreign visitors to send money home.
Some of the transfers were between bank accounts, but some moved through person-to-person transfers. In 2000, Sept. 11 plot facilitator Ramzi Binalshibh made a series of transfers, totaling more than $10,000, from Germany to the U.S., where they were collected by hijacker Marwan al-Shehhi. Two transfers were through MoneyGram and two through Western Union.
And while hardly as dramatic in the grand scheme of things, the WSJ report shows just how much, or little, personal privacy hinges on one simple word:
That program was institutionalized by 2006 and continues under a controversial authority tucked into a part of the Patriot Act known as Section 215. That law permits the government to obtain “tangible things,” including records, as long as the government shows it is reasonable to believe they are “relevant” to a terrorism investigation.
Under that provision, the U.S. government secretly interpreted the term “relevant” to permit collection of records on millions of people not necessarily under suspicion. That secret interpretation, used to justify the legality of the phone-records program, was brought to light in the wake of the revelations by former NSA contractor Edward Snowden.
The interpretation also was used by CIA as the legal underpinning of its bulk financial-records effort under the money-transfer program, officials said.
One doesn’t need to clarify that just like with the NSA, the CIA is logging, recording and analyzing every single money transfer of even the most nominal amount. Which, quite simply, continues to build an architecture for the full tracing of all electronic monetary transactions in the US. Because once every flow of funds is logged at even the most micro level, the US will be able to not only regulate and supervise, but to implement any type of capital and fund flow controls it desires. Which it will in due course.