[IS&T Security-FYI] SFYI Newsletter, December 3, 2013

Tue Dec 3 12:45:49 EST 2013

In this issue:

1. EVENT: Laptop Tagging & Registration, Wednesday Dec. 4

2. Webinar: Advanced Persistent Threat

3. Why Debit Cards Are Riskier

----------------------------------------------------------------------------------

1. EVENT: Laptop Tagging & Registration, Wednesday Dec. 4

----------------------------------------------------------------------------------

This Wednesday, there is an opportunity to register and tag your laptop:

Where: Stata Student Street (Bldg. 32, Ground level)

When: December 4, 11:00 am - 12:30 pm

Cost: $10 cash only or MIT Cash Object

Just as you might register a bike with the police, you can also register your laptop. Information Services & Technology partners with MIT Police to provide STOP tags for laptops. The tag is affixed to the device, has a unique number, and is registered with a world-wide database.

Sgt. Cheryl Vossmer of the MIT Police says that although a STOP tag is not software that can track a device via GPS or other means, it has been very effective at providing a way for lost or stolen laptops to be returned to their rightful owners.

Read laptop recovery stories here<https://www.stoptheft.com/>.

Learn more about laptop registration at MIT<http://kb.mit.edu/confluence/display/istcontrib/MIT+Police+Laptop+Tagging+and+Registration>.

-----------------------------------------------------

2. Webinar: Advanced Persistent Threat

-----------------------------------------------------

You may have heard of the term “advanced persistent threat” or APT. As wikipedia states<http://en.wikipedia.org/wiki/Advanced_persistent_threat>, “it usually refers to a group, such as a government, with both the capacity and the intent to effectively target a specific entity.” It has evolved our view of cyber intrusions to realize there are people behind actions. The better we understand those people, the better we can prepare and protect ourselves.

APT is a widely used, and widely misunderstood term. Most security professionals have a strong opinion of APT. Here is an article about it in the MIT Technology Review<http://www.technologyreview.com/news/424310/prepare-for-the-advanced-persistent-threat/>.

On Thursday, December 5th, the Center for Internet Security is presenting two security experts in their National Webcast Initiative series, to help us better understand APT, learn what it is, and what it isn’t. The webcast will explore the difference between APT and cyber crime, what the APT adversaries are targeting, and the use of social components for intrusion. To register for free, visit the National Webcast Initiative<http://msisac.cisecurity.org/webcast/2013-12/>.

------------------------------------------

3. Why Debit Cards Are Riskier

------------------------------------------

The recent IS&T article "Tips for Shopping Safely Online<http://ist.mit.edu/news/shop_safe_online>" mentions that using a debit card is riskier for shopping than using a credit card. A colleague wondered how much of this was true, so I decided to do a little bit of research. These are some reasons why:

  *   Payments made with credit cards are charged to the lender, who takes the risk and covers you for fraud. You can make a dispute claim and have the charge removed from your account. You simply decline the charges and don't have to pay the bill. Debit cards are tied directly to a bank account, so payment is almost instant and charges are billed to you, the client, rather than the intermediary credit lender. Disputing a charge can take weeks to clean up, in the meantime leaving less funds in your account than you thought you had.
  *   ATMs, where you withdraw cash from your bank account, are the perfect target for thieves. Outdoor ATMs are especially susceptible: the thieves install a skimming device that reads the magnetic strip on the back of the card, thereby stealing your financial information. Gas station payment machines are another place thieves install skimmers.
  *   Stores are also targets for thieves. In 2009 Heartland Payment Systems<http://www.darkreading.com/attacks-breaches/heartland-struggles-to-measure-extent-of/212901810> discovered thieves had been stealing financial data right from the check-out card payment machines at 175,000 of their merchants, and several years later Michael's was hit<http://online.wsj.com/news/articles/SB10001424052748703730804576319033369439712> in a similar manner.

Of course, using a credit card comes with its own risks, such as interest rates and late fees. You can run up too much debt if you're not careful. But for those of you who are financially responsible, credit cards can also earn you miles or other bonus points and rewards.

View more information about the differences between debit and credit cards at bankrate.com<http://www.bankrate.com/finance/checking/risky-places-swipe-debit-card-1.aspx> and this article on the NY Times<http://www.nytimes.com/2009/01/06/your-money/credit-and-debit-cards/primercards.html>.

=================================================================================

Read all Security FYI Newsletter articles and submit comments online at http://securityfyi.wordpress.com/.

=================================================================================

Monique Yeaton
IT Security Communications Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20131203/382afe20/attachment.htm