Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cybercriminals shift focus to bank employees

Taylor Armerding | Sept. 21, 2012
Security experts say fighting financial breaches will take both training and technology

The potential damage from stolen credentials is obvious. With that information - especially if they have the credentials of more than one employee -- criminals can access the accounts of any customer. The FBI did not name any specific banks, but said that "small-to-medium sized banks or credit unions have been targeted in most of the reported incidents..."

However, the agency did say a few large banks have also been affected. In those cases, the criminals were able to conduct unauthorized wire transfers overseas. The FBI said the amounts have ranged between $400,000 and $900,000. And in at least one case, "the actor(s) raised the wire transfer limit on the customer's account to allow for a larger transfer."

But the damage goes beyond monetary. It is one thing for a customer to be hacked or fall for a malware scam, but Tubin said it was "totally different" for a financial institution itself to be compromised. "The damage to the reputation of a large institution could be devastating. That's the last thing a bank needs is to be compromised."

No matter how good the technology, the FBI recommends a number of basic precautions that financial enterprises should take. Among them: Remind employees not to open attachments or click on links in unsolicited emails; do not allow employees to access the Internet freely, or personal or work emails on the same computers used to initiate payments; do not allow employees to access administrative accounts from home computers or laptops connected to home networks; and ensure employees do not leave USB tokens in computers used to connect to payment systems.

Financial institutions should also monitor employee logins that occur outside of normal business hours; implement time-of-day login restrictions for the employee accounts with (access to payment systems; and restrict access to wire transfer limit settings, the FBI said.

Roger Thompson, chief emerging threats researcher at ICSA Labs, doesn't debate training vs. technology. He says both are critical: "The best way to do security is think Swiss cheese. Any given layer has lots of holes in it, but if you arrange your cheese slices in layers, they cover up each other's holes. In other words, no one layer has to be anywhere near perfect, provided there are enough layers."


Previous Page  1  2 

Sign up for Computerworld eNewsletters.