It’s getting to be a weekly occurrence – some big cybersecurity news that exposes the weak links in our infrastructure while raising new consumer fears about privacy and data breaches. The latest incident involves Atlanta residents mixed up in a $100 million insider trading scheme that involved hacked corporate documents. When it comes to consumer-based fraud, some possible solutions exist, but American companies seem to be dragging their feet. GPB’s Bradley George talks with science and technology reporter Renay San Miguel.

· Four Atlantans are among 9 people charged this week by federal authorities with what’s being called the biggest insider trading and cyberhacking fraud scheme ever seen. When you combine those criminal charges with some civil charges brought against other traders and businesses, we’re talking $100 million in illegal profits. What was the exact nature of the scam?

It was insider trading for the 21st century. In the old days, by which I mean the 1990s, if you were working inside a company and had inside knowledge of some big, confidential news, and wanted to illegally profit from it, you made some secret phone calls and sold or bought stock knowing that you would profit from whatever happened to that stock when the news broke. I covered an insider trading case in the late 90s when I was working for a business news network, and that one involved New York-based organized crime, with characters right out of Central Casting. In this case, the bad guys weren’t just unethical traders in the U.S. and overseas; they were hackers based in the Ukraine, the eastern European organized cybercriminals we hear so much about now, who broke into the networks of financial press release distributors Business Wire, PR NewsWire and MarketWired. They got access to news releases that were not ready for distribution, and that information was passed along to the traders who acted on that via shell companies, and got a cut of whatever profits their illegal trades made. In the case of the criminal indictments, these guys captured $30 million in illegal profits. In the civil cases you mentioned, it was $100 million.

·This is the first time that insider traders have teamed up with cybercrooks for this kind of fraud, according to U.S. attorneys. The fact that this went on for five years should raise some eyebrows, right?

It should. We’re talking more than 150,000 confidential press releases that were hacked between 2010 and this year. But it also shouldn’t be too much of a surprise since the feds and private security experts have been warning anyone who would listen that corporate networks and even government-run ones are vulnerable. Heck, we just had Secretary of State John Kerry admit during a TV interview this week that Russian and Chinese hackers were probably reading his emails. The evidence is kind of piling up that corporations and governments are constantly under attack from hackers working for organized crime and certain governments. The Obama administration is trying to come up with some strategies for playing offense and defense, but it always seems as if events are overtaking those efforts. You know, there’s a novel that just came out called Ghost Fleet that imagines the next world war as one that has a big cybersecurity and hacking component, with the Chinese and Russians as the bad guys. If we’re not careful, it could soon read more like nonfiction than fiction.

·That’s cybersecurity on the big national and corporate stage, but for us consumers, it’s always the threat of credit card fraud, which is now costing this country about $8-point-6 billion dollars a year. There is one technology-based solution involving what’s actually inside your cards, but certain deadlines to implement that technology aren’t being met yet.

And that’s according to a recent report from TSYS, a Columbus, Georgia-based card processing company. It involves chip and pin technology, where an embedded microprocessor holds the financial data that is now obtained through the magnetic stripe on the back of your credit card. That chip, plus a personal identification code that has to be input when you use the card, are supposed to provide an extra layer of protection, because the chip issues a one-time-only encrypted code for your payment information. Chip and pin cards became the standard in Europe and Canada four years ago, and they’ve seen a decrease in card fraud there, as much as a 75 percent drop in the U.K. After the credit card based cyberhacks that hit Target and Home Depot in the past two years, the U.S. payments industry has been given until October of this year by both Visa and MasterCard to make the switch, both with banks issuing cards and with retailers installing special readers and payment stations that can read the chip and pin cards. But TSYS says as of August, only 60 percent of such point-of-sale locations will be ready.

Tags: sci-tech now, hacking, TSYS