According to Attorney General Michael Mukasey, no number can be given to quantify the amount of losses. And yet, the attacks were apparently simple:
[US Attorney] Sullivan said the alleged thieves weren’t computer geniuses, just opportunists who used a technique called “wardriving,” which involved cruising through different areas with a laptop and looking for accessible wireless Internet signals. Once they located a vulnerable network, they installed so-called “sniffer programs” that captured credit and debit card numbers as they moved through a retailer’s processing networks.
The information was stored on two servers in Ukraine and Latvia — one with more than 25 million credit and debit card numbers and another with more than 16 million numbers, Sullivan said.
Homeland Security Secretary Chertoff is quoted in the article stating that an identity is “each individual’s greatest asset”. He alleged this “demonstrated the weaknesses of cybersecurity in the US”.
I guess he is not paid to speculate about other countries, but surely this is a world=wide weakness. Perhaps he is referring to the investigation tactics used in the US and some particular issues:
Gonzalez was a U.S. Secret Service informant who helped the agency take over a Web site being used to transmit stolen identifiers and stolen credit card numbers, U.S. Secret Service Director Mark Sullivan said at the news conference.
“That was the first time ever that a computer system was wiretapped,” he said.
But he said the Secret Service later found out that Gonzalez had also been feeding criminals information about ongoing investigations — even warning off at least one person.
“Obviously, we weren’t happy that a person working for us as an informant was double-dealing,” Mark Sullivan said.
Well, at least they caught him.