LogBlog

« Cloud Computing and Log Management | Main | Top 10 Security Predictions for 2010 »

Citibank, Cyber-Goons and SEM

By Lex van den Berghe, LogLogic Customer Evangelist

The Wall Street Journal today broke news with a story detailing an FBI probe into the possible theft of tens of millions of dollars from Citigroup by a Russian gang of cyber-crooks. But what strikes me as odd and controversial isn’t the theft itself or even the growing trend of this kind of crime, but that Citibank and the "government source" are at odds.

What gives? Are we looking at a bit of irresponsible, shoot-from-the-hip reporting by the Wall Street Journal or something else? This story is clearly a big deal – I mean, we’re talking about *tens of millions* of dollars…and the FBI has allegedly gotten involved.

There’s no denying that priority and urgency continues to escalate as cyber-crime transitions from science fiction to hard reality and cyber-crime has become top-of-mind with consumers of all demographics.

According to the WSJ story, the Citibank attack was initially detected over the summer, but reports seem to indicate that the attack may have actually occurred a year earlier. So, how is it that all that cash went <poof!> and we haven’t heard about it until now. Or even stranger, what’s behind Citigroup’s claim that the thefts never occurred and the WSJ’s report is not true. Joe Petro, managing director of Citigroup's Security and Investigative services, said, "We had no breach of the system and there were no losses, no customer losses, no bank losses." He added later: "Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true." One important thing to note is that Mr. Petro is not in PR, but rather part of Citi’s security arm. This gives his assertions more credibility. (Sorry PR folks).

I’m no conspiracy theorist by nature, but something definitely smells fishy here.

Folks…the truth is out there. And finding it ain’t rocket science. LogLogic’s log management and security event management tools literally record everything as it happens in even the most complex IT environment, leaving a convenient breadcrumb trail behind that anyone can follow. This breadcrumb trail includes every key stroke, file movement, login, breach, etc…like DNA left behind at the scene of a crime. Deploying these tools in your business IT environment is equivalent to installing one of those black boxes, or flight recorders that they put in every airplane.

As a consumer, I’m always relieved to hear that institutions like Citi bear the burden of absorbing financial losses resulting from these sorts of cyber-crimes, and those of us whose accounts have been cleaned out, usually do get our money back. But that’s not enough. I want these cyber-scumbags to pay for their crimes and more important, I want future cybercriminals to think twice before they choose the dark path. If every institution out there that we trust to guard our money or personal information start using the right tools to safeguard these commodities, things might be a bit different.

Posted December 22, 2009 in Security | Permalink

Post a comment

(If you haven’t left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won’t appear on the entry. Thanks for waiting.)

Visit loglogic.com

I ♥ Logs

Subscribe to this blog’s feed RSS

March 2010
Sun Mon Tue Wed Thu Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31      
Categories
Archives
Blogroll
Blogroll
Compliance
Good Reading
LogLogic
LogLogic Partners
Sites We Watch