Quantcast

Utah businesses told thieves stealing data at will

Published September 23, 2010 8:51 am

Crime • Sophisticated operations defeat defenses protecting credit card information.
This is an archived article that was published on sltrib.com in 2010, and information in the article may be outdated. It is provided only for personal research purposes and may not be reprinted.

In the area of cybercrime, it's the criminals who are winning.

That was the message Wednesday to a group of business representatives gathered in West Valley City to exchange information about criminal activity, including the exploding rise in the harvesting of credit card and other data used to steal money from consumers and businesses.

Organized crime enterprises, mostly from foreign countries, have the time and the money to defeat nearly every protection businesses have put in place on credit card transactions, said Chris Mark, an executive vice president at ProPay, a Lehi company that provides payment services to businesses.

"The criminals are absolutely ripping us to shreds," said Mark, one of the featured speakers at an FBI-sponsored meeting at the Maverik Center. "We're not even slowing them down."

The standards and regulations for merchants accepting credit cards often are easily defeated by sophisticated criminals often working out of Eastern Europe, who employ skillful hackers, he said. Criminal investigations and lawsuits are time-consuming and often ineffective.

"We're losing the battle," Mark said. "That's the reality of it."

Credit cards and other data are openly for sale on the Internet, he said. One site even guaranteed its products. "If you bought cards and they didn't work, they'd overnight new ones to you."

Mark spoke to a meeting of the local chapter of InfraGard, an FBI program that began in Cleveland in 1996 and spread nationwide. Under InfraGard, businesses meet with federal and local agencies to share information about criminals or terror threats.

Mark's dire warnings prompted Jim McTighe, the FBI special agent in charge of the Salt Lake City office, to say: "Frankly, I think my days of online banking are over."

Local business representatives at Wednesday's session were told that one solution would be for merchants to contract with specialized companies to process credit card information and guard that data. Even those companies remain under constant cyberattack.

Michael Kennedy, president of the Utah InfraGard chapter, said he witnessed an extortion attempt at ProPay, where he formerly was director of information technology. A Baltics-based criminal organization demanded $10,000 to protect the company from an attack, he said in an interview.

The company went to the FBI and received information about those behind the attack, which was ultimately unsuccessful. Kennedy, now a consultant, said the experience led him to join InfraGard.

"Somebody else who was a member of InfraGard would see details" of that attack," Kennedy said. "They wouldn't see it's ProPay being impacted, but they would see this target is in this particular area, and if you happen to have an e-commerce type of business structure, you're at risk."

About 400 businesses in Utah are members of InfraGard.

tharvey@sltrib.com

To get help

O For more information or to join InfraGard, go to http://www.infragard.net.