Gallery

Welcome to a spamless world?

Posted on 28 Jan 2009 at 16:05

This month, Davey Winder fantasises about killing spam, and pines for some security gadgets he probably won't get for Christmas.

Online retailers are only too aware of the problem of CNP fraud, especially since the success of Chip-and-PIN cards has driven the criminal element to seek easier credit card crime territory than the High Street. As I mentioned above, stolen card data is available for very low prices on the web underground market, and internet retailers are on the receiving end of much of the fraud that these are used to perpetrate. The new card is much the same size as a standard one, but looks very different thanks to a tiny display screen and the embedded keypad. It comes complete with an integrated battery, good for the three-year lifetime of the card, and with that one-time-only code generator of course. It's designed to replace the low-tech security of the CVV code that you'll find on the reverse of your credit cards, and which is requested whenever you buy goods online or over the telephone.

Hopefully, the PIN card will eliminate the need for the hugely annoying Verified by Visa scheme as well. Is it just me who seems to run into problems with this scheme almost every time I use it? From my password not being accepted, to the card-issuing bank refusing the transaction as a result of that password not being accepted (even after a new one has been issued using the standard online process). Anyway, the PIN card combines the physical with the secret: you have to be in possession of the actual card to be able to enter the code, and as long as only you know your PIN then only you and the card can generate a valid code to authenticate the transaction.

Hospital infection

File this one under sad but true: much as I hate to say it, the plain fact of the matter is that when you're admitted to many NHS hospitals these days you can almost expect to get a free gift by way of some virus infection or other, courtesy of poor hygiene, along the way. What you don't expect is for the hospital itself to succumb to a virus infection, but that's

exactly what seems to have happened to three famous London hospitals: St Bartholomew's, the Royal London and the London Chest, all part of the Barts and London Hospital Trust. According to a statement issued by the trust, a computer virus infected its networks and caused the major incident emergency procedures to kick in as the servers went down. Operating theatres and outpatient departments remained operational throughout, but ambulances were diverted to other hospitals, for example.

This just goes to show the value of having a contingency plan in your security equation, to cover your back when things do go wrong, and it applies just as well to a small business as it does a vast enterprise such as an NHS Trust. If your computer goes kaput and you haven't backed up your data and that data includes, say, your quarterly accounts, then you're drifting up the proverbial creek in a chicken-wire coracle without a paddle.

What this incident doesn't serve to illustrate is how to protect yourself properly in the first place, and quite frankly I'm shocked that an organisation such as this, with such a mission-critical function, should succumb to something as well-known as the Mytob worm, which my contacts tell me was the most likely to have infected the Barts network. Have these people not heard of antivirus software, nor the need to keep it properly updated?

Download a year of Davey Winder's Online Security columns by heading to our Free Downloads site