Russian Hack Attack Raises IID Eyebrows
A Christmas Day attack on a large Russian payment processor over there can indicate trouble on the way over here.
That's according to the fourth-quarter 2010 e-crime report just issued by Internet Identity (IID), a Tacoma, Wash.-provider of online security services to financial institutions and other e-commerce enterprises.
The company said cyber fraudsters hacked the Internet domain of ChronoPay on Dec. 25 and 26, a domain name server attack that re-directed users to a bogus site and collected approximately 800 credit card numbers from customers.
IID's president and chief technology officer, Rod Rasmussen, said that in addition to credit card and other account information, such attacks can net corporate e-mail, financial transactions and other sensitive data and result in serious loss of reputation and non-compliance penalties for the company involved if it occurred in the U.S.
"While we've been warning for years that DNS hijackings could result in financial disaster, we hadn't seen such a well-planned and successful attack of this nature until this incident," Rasmussen said.
The report also noted a holiday season spike in phishing attacks on e-commerce companies globally, up 13% from the previous quarter and 14% from the year-ago quarter.