Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity | 
 enlarge | Authors: Byron Acohido, Jon Swartz
Publisher: Union Square Press
Category: Book
List Price: $19.95
Buy New: $10.50
You Save: $9.45 (47%)
New (27) Used (19) Collectible (1) from $7.95
Avg. Customer Rating:  15 reviews
Sales Rank: 278723
Media: Hardcover
Number Of Items: 1
Pages: 304
Shipping Weight (lbs): 1.4
Dimensions (in): 9.1 x 6.2 x 1.2
ISBN: 140275695X
Dewey Decimal Number: 364
EAN: 9781402756955
ASIN: 140275695X
Publication Date: April 1, 2008
Availability: Usually ships in 1-2 business days
|
| Editorial Reviews:
Product Description
“If you bank or manage your stocks online, you have to read this book. Cyberspace is making all sorts of things possible. Unfortunately, among them are fraud, theft, and espionage—all of which can directly impact you.”--Richard Clarke, noted counterterrorism expert and bestselling author of Against All Enemies
A white-collar true-crime story, Zero Day Threat is a powerful investigative expose on bank and lending policies that actually facilitate ID theft and fraud. USA Today reporters Acohido and Swartz reveal the many ways that established corporations and technology giants (including Bank of America, Microsoft, and Google) have fixated on the Internet to maximize their profits, heedless of increased risks to customers. While examining the exploding range of hidden Internet hazards, they reveal the ways in which cyber crooks nab identity data--such as Dumpster diving for bountiful paper trash that offers account user names, passwords and Social Security numbers--and then exploit that information through channels opened up by careless corporate policies.
Using real-life examples of those who have endured the nightmare of a stolen identity, Zero Day Threat organizes its narrative around three central archetypes: - The Exploiters: The drug addicts, scam artists, and crime lords who carry out the gritty aspects of data theft and financial fraud;
- The Enablers: The credit card companies, banks, and credit bureaus who broker data;
- The Expediters: The technology experts running the gamut from good guys like Bill Gates to the devious virus writers and database hackers always on the alert for fresh flaws.
Intended not merely to alarm, but to illuminate, Zero Day Threat exposes how lawbreakers do their dirty work, and how corporations help them do it.
|
| Customer Reviews: Read 10 more reviews...
 Shows why identity theft is so easy to do August 27, 2008
9 out of 9 found this review helpful
Zero Day Threat: the Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity is an interesting and eye-opening look at how banks and credit card companies make ID theft and fraud rather elementary. But with all that, this book must be read in the larger context of how today's society deals with, and is often oblivious to risk. When is comes to risk, American society tolerates tens of thousands of drunk-driving deaths, gives millions in federal tobacco subsidies, and is oblivious about near-epidemics such as heart disease, obesity, and diabetes. With all that, it is doubtful that the myriad horror stories Zero Day Threat details will persuade Congress or the other players to do anything to curtail the problem with identity theft and internet fraud.
The internet and web have indeed revolutionized society, and there is hardly an industry that has not been positively affected by the net. On the down side, the net is the new conduit for criminals. For example, in the few years before the web became ubiquitous, U.S. and international law enforcement nearly had a noose around the child pornography industry and brought it to a near standstill. After the web, authorities have given up hope that child pornography can ever be contained.
Similarly, white-collar crime and fraud has been exacerbated by the net. Zero Day Threat details the various loopholes that criminals use to carry out their attacks and crimes. Each of the book's 18 chapters is divided into 3 section, exploiters -- which details how the crime lords and their teams carry out the crimes, enablers -- which details the history and current practices of credit card companies, banks, credit bureaus, and data brokers, and expediters -- which recounts how technology and technologies enable these crimes. I found that the breaking up of the chapters into such triplets is occasionally confusing, and you are left wondering what story you are in.
The book is based on the premise that the payment industry, namely the credit card companies, banks, credit bureaus and data brokers have created an infrastructure that is pliable, nearly endlessly extendable, but paper-thin when it comes to security. The system is built for ease of access, ease of granting credit, but without a robust security infrastructure or privacy controls.
Consider that the PCI Security Standards Council was not created until late 2004, and that will give you an idea how security is anathema to the industry. The outgrowth of PCI is the PCI Data Security Standard which is the first uniformly created set of comprehensive security requirements for enhancing payment account data security. While the industry debates the efficacy of PCI, attackers are busy at work running innumerable fraudulent schemes.
The authors paint an honest appraisal of the lack of security in the industry and have their facts in order, although an occasional hyperbole does creep in, for instance when the authors repeatedly state that the hackers in question went weeks without sleep. But a huge error is where they state in chapter 11 that PCI is controversial, with some merchants complaining that it is too costly to implement. There is nothing controversial about PCI, and the security controls it requires are sorely needed. While merchants express their discontent about security and its associated costs, attackers steal from underneath them. The quicker the merchants get that they needed security, the quicker the attacks will stop. But as the book shows, that will not happen anytime soon.
Part of the reason why identity theft will not go away anytime soon is similar to the problem in the air traffic control industry, as detailed in Terminal Chaos: Why U.S. Air Travel Is Broken and How to Fix It. There are too many players in the game, all of which focus on their own interests, and no one wants to take responsibility for the problem. The fact that the Social Security number (SSN) is still used as a key personal identifier, combined with the ease at which an individual 's SSN can be obtained and misused should be enough to give anyone pause.
The primary purpose of a SSN has been to track individuals for taxation purposes. But in the last decade, the SSN has become a de facto national identification number. When established in the 1930s, the Social Security Administration meant for the SSN to be used as a way to track a person's earnings for Social Security benefits. Despite its narrowly intended purpose, the SSN is now used more for non-Social Security purposes, than for the reason it was created. Today, SSNs are used for identity verification, and are the de facto identifier for the credit and financial services industry. With SSNs being aggregated by the millions, they are the fodder for the stories in the book.
Book such as Silent Spring, which helped launch the environmental movement, and The Jungle, which exposed the corruption of the American meatpacking industry, were watershed books that changed America. While Zero Day Threat is not in the same category as either of these books, it is highly unlikely that the level of outrage it will create will be much, nor the indignation significant. Because as bad as identity theft is, and as much grief as it causes, there are far too many politicians, powerful companies, lobbyists and more that are in the way of any change.
Nonetheless, Zero Day is a most interesting look at the many players that work together to facilitate the countless identity theft rings. The book is an absorbing look at the many international players and their enablers involved. While identity theft is not going away anytime soon, Zero Day Threat details the problem, and shows what you can do to ensure that you are not a victim.
An excellent book highlighting the "dark side" of IT August 15, 2008
3 out of 3 found this review helpful
This book is an excellent quick read, with stories and information that will draw you in until you finish the book, and then scare the pants off you to the point that you never want to make another online purchase again.
The authors break each chapter up into three unique pieces which cover the topic for that chapter from three different angles. Being in the IT security field I am always interested to here compelling true stores on security breaches and security incidents. These stories were by no means a letdown to those interests. I was completely astonished to find how integrated the identity theft trade was with methamphetamine use and abuse. In addition, the book also does an excellent job of detailing out how banks and credit reporting agencies do and/or don't work with you if your identity does happen to become stolen.
I would highly recommend this book to every information security professional; online shopper; individual interested in the roots of phishing, computer viruses, and identity theft; and anyone responsible for the well being of a business, organization and/or its employees.
Zero Day Threat June 10, 2008
6 out of 6 found this review helpful
Excellent book re: the international scope of identity theft. From thief to enabler, the authors follow the chain of criminals from start to finish. You'll never feel as secure as you did before you read this book.
A practical road mad to safe computing June 5, 2008
4 out of 4 found this review helpful
I highly recommend Zero Day Threat by Pulitzer Prize winner Byron Acohido and Jon Swartz. This is a must read for anyone who currently uses or contemplates using the internet. Ignoring the information in this exceptional book is like journeying to a foreign land without speaking the language or carrying a GPS. The risk may be as great as walking down a dark alley with all your earthly goods exposed to any predators waiting for an easy target. The book is interesting, informative and full of good advice. Not only will you understand why the internet has become a huge risk - you will learn how the organizations that you thought would protect you actually put you at risk! The book is loaded with practical recommendations that you can put into use right now that will help you practice safe computing and guard your identity and credit. Don't close the barn door after the crooks have escaped with your horse. Read this book now and avoid spending hundreds of hours, frustration and your money to fix a problem you could avoid. Better safe than sorry - and this is just the insurance you need.
Informative May 16, 2008
2 out of 4 found this review helpful
The book has good facts on latest threats on cyberspace.
I admire the author's plot setting in how he tried to combine a real
life scenarios from a informative story line.
As a point of improvement, it would be great if he invested more on a more exciting story, so that an avid reader wont get sleepy in the middle of the book.
|
|
|
