About Thawte

• Contact Us
• Worldwide Sites
• Why Thawte

A series of corporate security breaches have been sweeping the country lately, leaving tens of millions of customers' credit card information exposed. The attacks have garnered significant media attention because they involve trusted companies reputed to have strong security measures in place to protect privileged customer information. The fact that these companies fell victim to attack points to the increasing vulnerability of supposedly secure data.

According to CNN, the person behind the largest of the breaches - which left 40 million customers' credit cards exposed - is a Russian teenage boy. A security firm called IntelCrawler identified the boy as the creator of the code behind the malware used in the attack. IntelCrawler reported that after creating the code, the boy uploaded it for other hackers to use. Andrew Komarov, the company's CEO, posed as a hacker and chatted to the alleged code creator. In the exchange, the teen told Komarov that he's selling the malware to interested buyers for $2,000. A listing for the malware on a hackers' forum advertises it as being written on C++ and geared toward easily - and, more importantly for hackers, quietly - grabbing credit card information. 

"More BlackPOS infections, as well as new breaches can appear very soon," Komarov said. "Retailers and security community should be prepared for them."

Data is only getting more vulnerable
These security breaches suggest a larger problem with cybersecurity. David Burg, another cybersecurity expert, told NPR that data thieves are becoming more sophisticated as their platforms for attack are broadening.

"What you have is an attack surface that keeps increasing in size and complexity, making it very hard to secure," Burg said. 

One of the reasons such attacks are hard to identify is that they often originate in the black market - a sphere frequented by hackers, and therefore heavily guarded. NPR reported that such malware is often used by organized crime syndicates, which stand to reap profits by slowly chewing away at a company's network. Instead of an immediate attack, the malicious person or group will often linger in the company's network for months, waiting for an opportune moment to deploy malware. 

When a retailer is breached, the loss can be "incalculable," professional services executive Tom Kellermann told NPR. In addition to the expected hit the breached retailers will take in the stock market, they'll also rack up legal fees as they face a litany of class action lawsuits. One of the breached companies is already facing almost 70 lawsuits stemming from their attack, according to The Wall Street Journal. These lawsuits come from both customers and banks. 

Being proactive through encryption
When you run a business, building trust with clients is imperative for any organization. If your business can earn the trust of its clients, they  they'll come back for more. Getting an SSL certificate can help cement that trust by encrypting your information and protecting it from third-party interference. And in the wake of revelations about NSA spying, the need for encrypting everything has taken center stage.

In a recent talk at the City University of New York, cybersecurity expert Bruce Schneier told the assembled crowd that organizations and individuals can't take security for granted. One solution, he said, is to encrypt everything or risk "an Internet that is vulnerable to all attackers."

With an SSL certificate, data in transit becomes unreadable to all but the intended recipient. When big companies are falling victim to a boy working out of his bedroom, you can never be too careful.

Make sure that your important data is protected in transit with an SSL certificate today. 

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950