We Had Fair Warning

The TJ Maxx cyber breach of 2007 sounded the warning bell to consumers and retailers that the security of credit card sales was in question. Upwards of 40 million customers were put at risk with that breach. Since then retailers have dutifully upgraded their security but the recent breach at Target and Neiman Marcus clearly indicates that retailers haven’t done enough and are not exercising due diligence or, cyber criminals are staying at least one move ahead of everyone. Today comes a report from the Federal Bureau of Investigation that the problems at Target and Neiman Marcus may only be the tip of the cyber iceberg. According to the FBI warning, criminals are cloning the malware used against the major retailers, modifying it, and launching attacks against smaller retailers that do not have the finances or cyber resources to combat the attacks. In a Reuters report dated 1/23, investigators report that the malware software used in the attacks is selling for as much as $6,000 on the underground internet and that nearly two dozen attacks have been launched as a result.

Major retailers can continue to try and harden their cyber security, but small and major retailers are going to have to bit the financial bullet and invest in better security lest they open themselves to government prosecution for violation of regulations and from civil lawsuits for damages. Those professionals who are working hard to combat cyber criminals are simply going to have to increase their efforts, hire more and well educated and better trained professionals, and develop better relationships with likeminded people to share information in an effort to subdue this new crime wave.

Consumers in the meantime really have few choices; they can try to move back to a cash society and keep their credit cards in the pocket, or, they
can continue to use plastic and trust the retailers will do a better job protecting their data. Since the latter is more likely, we are then in a
sense reliving history as we harken back to Dr. Strangelove and “Learn to Stop Worrying and Love the Bomb”.

Sources:

http://www.reuters.com/article/2014/01/23/us-target-databreach-fbi-idUSBREA0M1UF20140123

http://www.bizjournals.com/albany/morning_call/2014/01/retailers-warned-by-fbi-to-watch-out.html?ana=e_alby_rdup&s=newsletter&ed=2014-01-24