Thinking About Security ROI From The Thief's Perspective

Retail IT execs have always been very good at making risk-based security budget decisions. They know how to calculate the probability of a certain attack method being used against them, its chances for success and the likely cost to the chain if it succeeds. And they know how to use that information as a way to negotiate with the CFO's people to justify security investments. Security return-on-investment (ROI) arguments are old hat when dealing with black hats and bean counters.

But what about looking at the security ROI challenge from the cyberthief's perspective? That means examining the available attack techniques and seeing which delivers the best value for the profit-oriented criminal. A good example of this approach is the case of differential power analysis (DPA) against Chip-and-PIN payment cards.

DPA, which measures the minute variations in a microprocessor's power consumption while it computes and uses them to infer the secrets, such as keys and authorization codes, that the chip is processing, has been found to be effective against Chip-and-PIN cards, especially older ones. But the cost—in terms of equipment, time and specialized skill—to capture one card's data is too high to make it profitable, given that most profitable card data theft operations need to steal more than a million cards.

In other words, it's not necessarily enough to determine whether you're at risk of a successful attack. You also need to project whether it's profitable enough for a professional thief to bother with.

One cryptographer, who works for a major retailer's security operation, summarized his view of the challenge (anonymously, of course).

"DPA is a known attack vector, and researchers have demonstrated its validity in the lab. That means a well-funded criminal group could duplicate the attack. But today DPA works on one chip at a time, and it requires laboratory equipment and a very skilled researcher a long time to successfully recover a key. It's not an attack that can be done with a skimmer in the back of a restaurant," the retail security cryptographer said. "So the problem is, what value can be derived from an attack on a specific card? What secret keys can be recovered? If it's just the account holder's private key at risk, the criminals won't be able to afford an attack. If you stole my wallet, I'll report the theft long before you could recover my key. Even if you automated the attack and analysis, and shrunk the gear to a single laptop, it still takes many thousands of iterations to recover the data, and those iterations take time. It's not an instant-break method."

In short, why would a self-respecting cyberthief bother? "Today, I see much more practical attacks on the EMV protocols than on the chips. The offline reader spoofing and man-in-the-middle attacks are already demonstrated attacks on the current EMV systems. Fraudulent readers or spy cameras could still skim PINs in the anticipation of stealing the physical cards," said the cryptographer. "Malware could infect POS terminals to redirect payments to criminal third parties. And there's still the loophole of legacy mag-stripes on current smartcards being exploited in non-smartcard locations."

Ahhh, but security ROI matters are rarely so black and white. Benjamin Jun, VP of technology at Cryptography Research, argues that the DPA target has morphed, making the ROI equation much more complex.

In a recent change, almost all Chip-and-PIN cards today (Jun estimates it at "more than 95 percent") have built-in countermeasures that push the thief's ROI on card attacks even further below the threshold of practicality, making such attacks all but useless. But it's an entirely different story for the card terminal, where countermeasures are very scarce, and Jun couldn't (wouldn't?) name a single terminal vendor whose systems are protected against DPA attacks.

Jun sees the terminal as a much more dangerous entry point than the card, and for two distinct reasons. First, access to the terminal exposes many cards in a day, although not nearly the numbers that a cyberthief ring would need. But the second reason addresses that issue: terminal access is an excellent way to reach the backend database on the central servers. And that, as cyberthief ringleader Albert Gonzalez knows well, is the Holy Grail of card data.
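The thief's-eye ROI argument above (one card at a time under DPA versus terminal access that reaches the backend) can be put into a small model. This is an added illustration, not code from the article or from Cryptography Research; every figure in it is a constructed placeholder, and the "reporting deadline" encodes the cryptographer's point that a stolen physical card is reported long before a slow per-card attack finishes.

```python
import math
from dataclasses import dataclass
from typing import Optional

# Scale the article says a profitable card-theft operation needs (figure from the text).
CARDS_NEEDED = 1_000_000


@dataclass
class AttackPath:
    name: str
    fixed_cost: float              # lab gear, skilled analyst, tooling (constructed)
    cost_per_card: float           # marginal cost of recovering one card's data
    hours_per_card: float          # wall-clock time to process one card (0 = bulk capture)
    cards_per_day: float           # cards the path exposes per day of access
    card_value: float              # resale value per card (constructed)
    deadline_hours: Optional[float] = None  # physical card gets reported after this


def cards_recoverable(path: AttackPath, campaign_days: int) -> int:
    """Cards actually obtained: limited by access, by per-card throughput,
    and zeroed out if each card takes longer than the holder's report."""
    if path.deadline_hours is not None and path.hours_per_card > path.deadline_hours:
        return 0
    by_access = path.cards_per_day * campaign_days
    if path.hours_per_card > 0:
        by_throughput = campaign_days * 24 / path.hours_per_card
        by_access = min(by_access, by_throughput)
    return int(by_access)


def net_profit(path: AttackPath, campaign_days: int) -> float:
    """Attacker's net return on the campaign; negative means 'not worth bothering'."""
    n = cards_recoverable(path, campaign_days)
    return n * (path.card_value - path.cost_per_card) - path.fixed_cost


def break_even_cards(path: AttackPath) -> Optional[int]:
    """Cards needed just to recoup the fixed cost; None if the margin is non-positive."""
    margin = path.card_value - path.cost_per_card
    return None if margin <= 0 else math.ceil(path.fixed_cost / margin)


def reaches_needed_scale(path: AttackPath, campaign_days: int) -> bool:
    return cards_recoverable(path, campaign_days) >= CARDS_NEEDED


# Constructed comparison: lab DPA on stolen cards vs. an unprotected terminal used as a pivot.
DPA_ON_CARD = AttackPath("DPA per card", 250_000, 2_000, 200, 1, 20, deadline_hours=48)
TERMINAL_PIVOT = AttackPath("terminal to backend", 20_000, 1, 0, 50_000, 20)
```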

"DPA is effective because you're eavesdropping silicon as it actually works," Jun said, adding that terminal access can allow the thief "to masquerade as the terminal and then eavesdrop on communication with the server, which could be used as an infiltration point. Then you can vacuum clean card information as it's communicated to the server."

Getting access to the power levels is often not difficult; finding and opening a shopping mall's phone closet can be straightforward, especially if the thieves bother renting the proper uniforms.

How many retailers are even demanding terminals be protected against DPA attacks, let alone feature adequate countermeasures? Until terminal vendors start routinely seeing such demands on retail requests for proposals (RFPs), this problem will likely only be addressed after some major breaches. Thus far, none have been reported.

Is it better to wait for those breaches or start modifying your standard terminal RFPs?