Businesses aren't doing enough to defend their systems against hackers, like the five men charged Thursday by the Justice Department with conspiring to steal data from corporate databases over a seven-year period, according to a San Diego State MIS professor. The Justice Department characterized the alleged criminal enterprise as the largest of its kind to be prosecuted in the United States.

The defendants, four Russians and a Ukrainian, are said to have stolen more than 160 million card numbers and to have inflicted hundreds of millions of dollars in financial harm to more than a dozen major companies. No audit of said costs or detailed breakdown was provided.

The indictment says that the men used a variety of hacking techniques, including SQL injection attacks, to place malware on networks, thereby obtaining login credentials and credit card numbers, known as "dumps," for sale. It also says that the men used network sniffer programs to capture credit card transaction data in real-time from payment networks. Read full story on InformationWeek


Post a comment to the original version of this story on InformationWeek