Inside Job?

Heartland Payment Systems said Tuesday that hackers had compromised its computer systems and gained access to customer information related to the roughly 100 million transactions the company processes each month. Although the number of customer records that was compromised hasn't been disclosed yet, this breach is likely to give TJX, who exposed more than 45 million customer credit card numbers to hackers beginning in 2005, a run for its money as the largest breach of credit card data to-date.

The breach, the early signs of which Visa and Mastercard may have identified back in late 2008, was perpetrated using what investigators describe as highly sophiscated malware that specifically targeted Heartland. Since the means by which cyber criminals mounted this attack remain to be seen, it will be interesting to find out if the person or persons responsible were insiders, specifically out to get Heartland, or whether they were working as part of a larger effort.

Although there's no evidence yet this was an inside job, insider threats always pose a serious risk. Never has this risk been more acute than under the current economic conditions. When large groups of employees are fearful about layoffs and other hardships, employers often need to take stock of how they might be exposed if an employee with an axe to grind decided to leave something behind when they leave the company.

A few months ago, the Fortify Security Research Group (SRG) developed a custom rulepack specifically designed to help code auditors look for insider threats in Java web applications. The rulepack is available through Fortify Exchange, which is part of the Premium Content area of the Fortify Customer Portal. Currently, we're testing the rulepack with a group of interested customers to fine tune its detection capabilities and target a broader range of potential attack vectors.

Technorati Tags: insider threat breach credit card data