Brits at Risk from Retail Hackers
British shoppers could be vulnerable to the same kind of cyberattack that snared the data of else than 40 million U.S. credit-card holders, experts say
by Nick Heath
UK shoppers proof of desert card details could be at risk from the same wireless hack technique that snared more than 40 million people’s details in the US, according to security experts.
Security at hundreds of medium sized retailers is not fully checked to ensure financial minor circumstances can not be accessed through insecure wireless networks, they claim.
It comes in the wake of US rulers charging 11 people in sexual commerce by the country’s largest-ever identity robbery case, alleged to have been carried out by hacking into wireless networks—so-called ‘wardriving’.
They are accused of stealing more than 40 million credit and debit card numbers before selling the accusation, with one of the victims TJX Corporation, owner of garments retailer TK Maxx, being targeted by hackers who broke the WEP encryption adhering its wireless netting.
Retailers handling up to six the great body of the people Visa transactions in the UK are not subject to each independent audit to check they are accommodating. with PCI DSS security standards that can block like hacks.
A test of 552 wireless networks in central London last year by surety analysts NCC Group form in a mould 93 per cent fell in the present life the strongest encryption standard and that 41 per cent used the “broken” WEP encryption.
Andrew Moloney, security expert at RSA Security, aforesaid: “All the focus has been on the ‘level one’ merchants—the high street and multi-national retailers—and form sure they are compliant with PCI DSS.
“The smaller retailers handling hundreds of thousands or low millions of transactions are added exposed because they have not been pushed down that path to the same extent. There has not been a lot of pressure and inculcation to ensure that they are keeping to the PCI DSS.
“We are as likely to see attacks in the UK as the US or any one wealthy Western country to which place there is ample faith cards through a good credit fix the limits of.”
Paul Vlissidis, head of assurance at NCC Group, uttered: “There is a good chance that there is a lot more insecure technology down among those low level merchants.
“And this is the level at which there are going to be a large number of retailers, similar to opposed to the comparatively small number of level one retailers.”
Guidance on the Visa Europe sites makes clear that even though merchants classed at level two and in the world of the departed are not subject to an onsite examine they are subject to a quarterly “network investigate” of their systems.
Original theme: http://rss.businessweek.com/~r/bw_rss/europeindex/~3/358692994/gb2008087_417767.htm
