Targeted attacks represent the biggest IT security threat to companies, a senior Gartner analyst warned today. 

Vic Wheatman, managing vice president for Gartner US, told vnunet.com at the Gartner IT Security Summit in London that criminals are going after databases of customer names, addresses and dates of birth and then selling them on the open market. 

Cyber-crime has become so sophisticated that criminals do not even need to hack into corporate systems to steal information, according to Wheatman.

"The bad guys have got so smart they are able to sell valid credit card numbers and the authentication numbers before the credit card companies actually issue those numbers," he said.

"There is an algorithm associated with the validation number so you can sort of guess what the credit card number's going to be by looking at the credit card. American Express would be 3714 [for example].

"Then there is an algorithm associated with the rest of the number that becomes the validation number."

Identity theft is also becoming a big issue, although Wheatman warned that the level of reported incidents may not reflect the true numbers.

"There has been a lot of identity theft, or potential identify theft. Some people think they've been affected and maybe they were. They see something going on, but a lot of times they're wrong," he said.

"They see an account that they don't recognise but it may just be they did business with someone and they're using a different name to process the credit cards. But certainly there's been a lot of identity theft. It's become a big issue."