The Real Lesson From CardSystems

The sad truth about the CardSystems debacle is that it wasn’t unusual, at least in the delay and obfuscation over reporting it. An AP report in yesterday’s HoustonChronicle says

Most businesses do not report cyber attacks to law enforcement authorities, fearing the disclosure would harm their image and benefit rivals, FBI Director Robert Mueller said Tuesday.

Mueller’s comments were based on an annual survey conducted by the FBI and the private Computer Security Institute that found just 20 percent of businesses reported computer intrusions last year, a figure that has held steady for several years.

The reasons cited most often for keeping the incidents quiet were loss of business to competitors and potential damage to a company’s image.

In other words, don’t tell anyone and you’re fine. The old security through secrecy thang. Hopefully CardSystems will make people aware that’s just not going to cut it anymore.

11. August 2005 by jeremy
Categories: Malware, Phishing, Security | Tags: , , , , , , | Comments Off on The Real Lesson From CardSystems