Welcome!

Cloud Security Authors: Pat Romanski, Derek Weeks, Liz McMillan, Carmen Gonzalez, Aruna Ravichandran

Related Topics: Cloud Security, Java IoT, Linux Containers, Containers Expo Blog, @CloudExpo

Cloud Security: Blog Feed Post

So Where Do We Go from Here?

If you are who you say you are

I’ve been traveling the last few weeks shooting some videos for VMware PEX and RSA. When that happens, my browser tabs get crowded with the various stories I’m interested in but will read later. This time they all seemed to hover around Identity Theft. When I got home, in my awaiting physical mail was a letter from Target. I also returned something to a national hardware store and the cashier tried to crumple my credit-card-info-having receipt into a trash can. Kismet.

Let’s take a look…

The FTC recently announced that Identity Theft is the #1 complaint in 2013, for the 14th consecutive year. Is that a record? While down slightly from 2012, it still accounted for 14% of the 2 million overall complaints. This is down from 18% in 2012. Florida, followed by Georgia and California were the worst hit states for ID theft. The IRS has also named Identity Theft as their #1 Dirty Dozen Tax scam for 2014.

Speaking of California, 7.5 million of the over 110 million breached Target accounts were Californians. California is one of the few states that require disclosure when more than 500 accounts are compromised. The first year California required reports, 2012, there were 131 breaches reported…in 2013 that rose to 170. The other interesting thing about California breaches is that many target smaller companies. In 2012, half of the reported breaches came from companies with fewer than 2500 employees and almost a third were businesses with less than 250 employees. Being small and relatively unknown is no shield.

Also in Southern California, the Feds busted a couple guys running a Tijuana-based identity theft ring. These dudes broke into a U.S. based mortgage broker’s servers and siphoned off mortgage applications which included most of the borrower’s personal info: name, birthday, SSN, DL number, tax info, the works. They then used that info to open credit lines and, with the info they had, were able to change access to the people’s brokerage accounts. From there, transferring money to other accounts was a snap. From Dec 2012 thru June 2013 they stole personal data on 4200 individuals.

Javelin Strategy and Research released their annual 2014 Identity Fraud Study stating that in 2013, a new instance of identity fraud occurred every 2 seconds. 1 Mississippi, 2 Mississippi. Another. There was 13.1 million identity fraud victims on 2013. While the people number is going up, the actual money stolen, according to Javelin, in going down. They estimated that the total cost of identity fraud in 2013 to be around $18 billion, more than $3 billion less than 2012. 2004 holds the record at $48 billion. Attackers are now focusing on opening new accounts rather than piggy backing existing credit cards. Account take-over’s, particularly for utilities and mobile phones are the new free-bees. Most of the stolen info appears to be from corporate breaches and about 1/3 of those who receive a breach letter actually becomes a theft victim. Your debit card also seems more valuable than your social security number. 46% of consumers with breached debit cards became victims verses only 16% of breached SSNs.

And in an interesting twist, the top complaint against debt collectors is mistaken identity. Trying to collect a debt from the wrong person was by far, the most common complaint to the Consumer Financial Protection Bureau (CFPB). I know this all too well since over the last 3+ years, we’ve been getting debt collection calls looking for a certain person. We tell them that we’ve had our phone number for years and stop calling. Few months go by, the debt gets sold to another collector and we get calls again. It got so bad that this person’s own mother called to tell her son that the dad was in the hospital and probably wouldn’t make it. About 2 weeks later we got a call from another family member looking to talk about the father’s death. This guy was running from debt so much so, that his own mother couldn’t get a hold of him when dad was on his death bed. Now that’s bad.

So where do we go from here? Will we all need that personal chip installed on our left earlobe to verify identity? The payment terminal says, ‘Please listen for verification.’ Riff-raff will then be all like, ‘Oh, listen to this cool song,’ as they plug the bud into your ear only to suck the data off your PID chip. You didn’t hear? That’s our IPv6 Personal Identity Chip inserted into every newborn starting in 2025.

Oh, it will happen.

ps

Related:

 

Read the original blog entry...

More Stories By Peter Silva

Peter is an F5 evangelist for security, IoT, mobile and core. His background in theatre brings the slightly theatrical and fairly technical together to cover training, writing, speaking, along with overall product evangelism for F5. He's also produced over 350 videos and recorded over 50 audio whitepapers. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Writer, speaker and Video Host, he's also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others.

@ThingsExpo Stories
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
"Tintri was started in 2008 with the express purpose of building a storage appliance that is ideal for virtualized environments. We support a lot of different hypervisor platforms from VMware to OpenStack to Hyper-V," explained Dan Florea, Director of Product Management at Tintri, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
Big Data, cloud, analytics, contextual information, wearable tech, sensors, mobility, and WebRTC: together, these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at @ThingsExpo, Erik Perotti, Senior Manager of New Ventures on Plantronics’ Innovation team, provided an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it m...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus o...
Big Data engines are powering a lot of service businesses right now. Data is collected from users from wearable technologies, web behaviors, purchase behavior as well as several arbitrary data points we’d never think of. The demand for faster and bigger engines to crunch and serve up the data to services is growing exponentially. You see a LOT of correlation between “Cloud” and “Big Data” but on Big Data and “Hybrid,” where hybrid hosting is the sanest approach to the Big Data Infrastructure pro...
In his General Session at 16th Cloud Expo, David Shacochis, host of The Hybrid IT Files podcast and Vice President at CenturyLink, investigated three key trends of the “gigabit economy" though the story of a Fortune 500 communications company in transformation. Narrating how multi-modal hybrid IT, service automation, and agile delivery all intersect, he will cover the role of storytelling and empathy in achieving strategic alignment between the enterprise and its information technology.
Buzzword alert: Microservices and IoT at a DevOps conference? What could possibly go wrong? In this Power Panel at DevOps Summit, moderated by Jason Bloomberg, the leading expert on architecting agility for the enterprise and president of Intellyx, panelists peeled away the buzz and discuss the important architectural principles behind implementing IoT solutions for the enterprise. As remote IoT devices and sensors become increasingly intelligent, they become part of our distributed cloud enviro...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
"LinearHub provides smart video conferencing, which is the Roundee service, and we archive all the video conferences and we also provide the transcript," stated Sunghyuk Kim, CEO of LinearHub, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Things are changing so quickly in IoT that it would take a wizard to predict which ecosystem will gain the most traction. In order for IoT to reach its potential, smart devices must be able to work together. Today, there are a slew of interoperability standards being promoted by big names to make this happen: HomeKit, Brillo and Alljoyn. In his session at @ThingsExpo, Adam Justice, vice president and general manager of Grid Connect, will review what happens when smart devices don’t work togethe...
"There's a growing demand from users for things to be faster. When you think about all the transactions or interactions users will have with your product and everything that is between those transactions and interactions - what drives us at Catchpoint Systems is the idea to measure that and to analyze it," explained Leo Vasiliou, Director of Web Performance Engineering at Catchpoint Systems, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York Ci...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
Discover top technologies and tools all under one roof at April 24–28, 2017, at the Westin San Diego in San Diego, CA. Explore the Mobile Dev + Test and IoT Dev + Test Expo and enjoy all of these unique opportunities: The latest solutions, technologies, and tools in mobile or IoT software development and testing. Meet one-on-one with representatives from some of today's most innovative organizations
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in Embedded and IoT solutions, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 7-9, 2017, at the Javits Center in New York City, NY. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology, is a premier provider of advanced server Building Block Solutions® for Data Center, Cloud Computing, Enterprise IT, Hadoop/Big Data, HPC and E...
SYS-CON Events announced today that Linux Academy, the foremost online Linux and cloud training platform and community, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Linux Academy was founded on the belief that providing high-quality, in-depth training should be available at an affordable price. Industry leaders in quality training, provided services, and student certification passes, its goal is to c...
WebRTC is the future of browser-to-browser communications, and continues to make inroads into the traditional, difficult, plug-in web communications world. The 6th WebRTC Summit continues our tradition of delivering the latest and greatest presentations within the world of WebRTC. Topics include voice calling, video chat, P2P file sharing, and use cases that have already leveraged the power and convenience of WebRTC.