This is a very good article. Indeed – credit card fraud can be easily related with terrorism. That’s why it’s very important to chose the right credit card, a credit card with a high security level. After $800 suddenly disappeared from my credit card I had to change banks. I looked first on the internet to find out which credit card is the most secure. I found this site: www.mycapitalonecard.com where you can find the best credit card offers and all the information about them and the best thing about it is that I was able to apply for a credit card online.

Posted by: Ada at September 15, 2008 04:31 PM

yeah...cyberscare or "pump my...budget" ?

Posted by: dickIn at April 14, 2008 07:13 AM

More changes:
1. Quit pushing US to use credit cards.
2. Fine banks who Knowingly Fund terrorisim
3. Change credit card rules, etc.
4. Change credit system
5. ID overseas use.
6. ID thefts (where, how much, when).
7. Hold Banks accountable & User.
8. If stolen, then hold criminals responsable
9. Link to Arab fdns ?
10. See ACT.org for info on Terrorisim.
11. Change lending rules
12. More oversight by Consumers Assn.
13. More prosecutions by DAs alone.
14. 800 # phone to call in Card theft.
15. Sue Mid East terror states for loss.

More can be done

Posted by: stephen russell at April 9, 2008 11:27 PM

b,

You're just a big fat meanie!

Posted by: Christian at April 9, 2008 04:47 PM

I attended the RSA conference and wanted to say that U.S. Secretary of Homeland Security Michael Chertoff said almost word for word what you have been saying on here since you two began this blog. I think he is listening so both of you keep it up!

THANK YOU FOR YOUR EFFORTS

Posted by: mk at April 8, 2008 09:29 PM

Just as an FYI, I got a phone call advertising a 6.5% interest rate for my credit card. Interestingly, it did not say which credit card, i.e. bank and card company. The caller ID revealed that the call originated from a Middle Eastern country, Bahrain.

I'm convinced it was a credit card scam. Was it terrorist related? I don't know, but I wouldn't be surprised.

Posted by: DopplerDave at April 8, 2008 04:23 PM

I keep waiting for one of these data breaches to catalyze a good ol' American class-action lawsuit which ruins a major company and thereby scare everyone else into behaving responsibly, but so far it hasn't happened.

Posted by: TrustButVerify at April 8, 2008 03:52 PM

All anyone has to do is read the news and you will see just how exposed our information systems are currently. I guess "b" can't read! Symantec just announced internet threats rose over 400% in 2007 from 2006 numbers. We really need to address this!

Posted by: SPY GUY at April 8, 2008 03:38 PM

hmmmm, I dunno, the idea of a 23 year old hacker working for Al-Qaeda does sound a little too much like a movie to me, but I think I'll take your information over "b". At least you have some semblance of facts.

Posted by: Pantera at April 8, 2008 03:17 PM

b YOU JUST DON'T GET IT! Until you protect the massive systems used in business and the sensitive data they collect and store the country is at risk. Read "UnRestricted Warfare" it will help you understand our enemy. Oh by the way, I retired from Netscape and donate about 70% of my time to helping other deal with strategic technology issues. Just for the record.

Posted by: Kevin at April 8, 2008 02:43 PM

Coleman is a propagandist who sells himself for $5,000 a gig, currently for doing "cyberscare" but eventually for anything that might be profitable for HIM.

This has little to do with Defense or Technology, thus doesn't belong on this ever deteriorating blog, and a lot to do with hyping his business.

If some 23 year old geek confessed (under torture?!) to be the "mastermind" of Al Qaeda's internet operation I certainly have no fear for the world to be taken over by those.

Posted by: b at April 8, 2008 02:23 PM

To Camp - Finally someone who gets it. Security for our systems cannot be piecemeal and must go end to end. Encryption is one way to increase the security of our networks and our data. I am not sure you knew this but, criminal enterprises have been established to sell software exploits, trojans, viruses and other malware to anyone who want them. They have become the new arm dealers. While the government is laser focused on their systems and DoD capabilities, we will not really make a big difference in security until businesses are made to increase their security.

Thanks for reading the article and your posting

Posted by: Kevin at April 8, 2008 01:09 PM

When you say "Hannaford", I take it you're referring to this....

"Hannaford Breach May Presage '08 Trend"
http://blog.washingtonpost.com/securityfix/2008/03/hannaford_breach_may_presage_0.html

"While the payment card industry standards require retailers to encrypt payment data when it traverses public networks, that requirement does not necessarily apply to a company's own internal, non-public networks, Sartin said.

"I would say a trend we're seeing hitting a lot of retailers right now is that these organizations can be [compliant with the credit card industry security standards] and still have customer data stolen," Sartin said. "The data in transit is allowed to traverse private links and internal infrastructure without being encrypted, and the attackers are taking advantage of that."

Sartin declined to say whether this dynamic was at work in the Hannaford case (his company had been retained by a party involved in the breach). But he noted that Cybertrust has found with a number of very recent compromises that attackers have seized control over the very terminals that control cash registers or point-of-sale systems within a retail store, or the server through which all registers connect to pass transaction data out across the Internet to the store's payment processor."

Whether it's the cause or not, I think Encrypted LANs (NICs with Crypto ASICs) should be the standard practice and not an exception. The above story is also probably just another push towards a Dynamic Credit Card Model.

Regarding "Al Qaeda's top cyber terrorist 23 year old Younes Tsouli". According to the Washington Post article, he was basically a web admin who "stole via phishing scams and the distribution of Trojan horses". The wording leads me to believe that he didn't even write the Trojan apps, but instead just used off-the-shelf code.

As for "The game has changed!... Imagine the psychological impact...Imagine the damage to a corporation's brand". I have to disagree. Theft has funded criminal organizations & murder since before civilization, how is this any different? Unless somebody gets a bill for a suicide bombing, or a specific entity was intentionally financing terrorism... people probably won't even notice. Heck, the 9/11 plotters utilized basic U.S. banking services, and with the exception of United Airlines (who are still in business) I don't recall any other brands.

"Al Qaeda funded the hijackers in the United States by three primary and unexceptional means: (1) wire or bank-to-bank transfers from overseas to the United States, (2) the physical transportation of cash or traveler’s checks into the United States, and (3) the use of debit or credit cards to access funds held in foreign financial institutions. Once here, all the hijackers used the U.S. banking system to store their funds and facilitate their transactions."

"Appendix A: The Financing of the 9/11 Plot"
http://www.9-11commission.gov/staff_statements/911_TerrFin_App.pdf

Then again I'm probably wrong. :-)

Posted by: Camp at April 8, 2008 12:59 PM

Nice, demophilus....

Posted by: Christian at April 8, 2008 12:56 PM

I guess that explains all those charges on my account for Semtex, track suits, and shower shoes.

Posted by: demophilus at April 8, 2008 12:41 PM