The Bankwatch

Tracking the consumer evolution of financial services

Archive for the ‘Security’ Category

China’s ambitions extend to crippling an enemy’s financial, military and communications capabilities

Military intelligence is not normally for this blog, but there is an undercurrent in this new military front that is directly aimed at Banks and financial services. No doubt our side is developing those same capabilities, but the prospect of being pawns, and of customer disruption, is real. All the more reason for Banks to develop multiple channels and have a mobile strategy that might be their main customer contact point in a crisis.

“China’s ambitions extend to crippling an enemy’s financial, military and communications capabilities early in a conflict”

The extent of the work in this area is astonishing, and this article provides the background.

China’s cyber army is preparing to march on America, says Pentagon – Times Online

The blueprint for such an assault, drawn up by two hackers working for the People’s Liberation Army (PLA), is part of an aggressive push by Beijing to achieve “electronic dominance” over each of its global rivals by 2050, particularly the US, Britain, Russia and South Korea.

The impact is real, as Estonia found out earlier this year.

In February a massive cyber attack on Estonia by Russian hackers demonstrated how potentially catastrophic a preemptive strike could be on a developed nation. Pro-Russian hackers attacked numerous sites to protest against the controversial removal in Estonia of a Russian memorial to victims of the Second World War. The attacks brought down government websites, a major bank and telephone networks.


Written by Colin Henderson

September 8, 2007 at 11:31

HSBC investigates ‘out of band’ authentication for Web users

I applaud HSBC and Abbey National for not being lemmings on the European push to chip and pin for online banking. It’s actually not just Europe; some Canadian examples I am familiar with are thinking the same way.

Finextra: HSBC investigates ‘out of band’ authentication for Web users

HSBC and Abbey have so far opted-out of the national banking industry push to supply online account holders with Chip and PIN-style home banking technology. Such systems are considered vulnerable to man-in-middle attacks and require the consumer to carry a personal card reader at all times.

Written by Colin Henderson

September 7, 2007 at 20:35

Unparalleled onslaught against online banking taking place

In what is described as an unparalleled onslaught against online banking, criminals are attacking Italian web sites, in an effort to steal online banking identities.

Trojan attacks are not new, but experts say the scale of the latest onslaught is unparalleled, as is its focus on established websites to steal banking identities.

“This is a paradigm shift. We can expect to see this kind of thing being replicated now for the next five or six months,” said David Perry, a director of another west coast web security firm, Trend Micro.

Source: Guardian

The attacks involve downloading a keylogger onto customers’ computers.

Using an attack tool kit available for £350 on the internet from Russia, the attackers implanted codes that download a “keylogger” onto the computer of anyone opening up those sites. The keylogger allows the hackers to monitor any activity on the infected machine


Written by Colin Henderson

July 1, 2007 at 08:01

Posted in Security

Lloyds breaks one of the taboos of Banking

Lloyds admits one of the secrets no-one wants to talk about. Most fraud and stealing occurs from employees and internal sources.

The bank has bought a new generation of super-smart computer software that will enable it to keep better tabs on its 67,000 staff. The computer program will monitor 75 million transactions a day by branch and call-centre staff in an attempt to identify suspicious patterns and nail the culprits.

Source: The Times

In particular, the matter of criminal gangs integrating into call centres is a fact of today, and Lloyds are choosing to go public with their efforts to combat those gangs.

In banks, insiders are responsible for 50-70 per cent of all fraud, according to research by Celent. Identity theft in particular is a growing menace.


Written by Colin Henderson

June 9, 2007 at 17:02

Posted in Security

Cyber war – Estonia shut down, including focus on Banks

Estonia is a highly evolved internet marketplace including Government services, tax filing and various forms of ecommerce.

A political situation involving the taking down of a Soviet statue has resulted in mammoth cyber attacks, which sound like denial of service attacks against the Estonian internet infrastructure. The cause is allegedly inside Russia, which has denied involvement, but the results involved computers from around the world.

The Russian government has denied any involvement in the attacks, which came close to shutting down the country’s digital infrastructure, clogging the Web sites of the president, the prime minister, Parliament and other government agencies, staggering Estonia’s biggest bank and overwhelming the sites of several daily newspapers.

Source: NY Times

This situation has gathered interest from others as a potential window into future warfare and terrorism in this space.

Computer security experts from NATO, the European Union, the United States and Israel have since converged on Tallinn to offer help and to learn what they can about cyberwar in the digital age.

“This may well turn out to be a watershed in terms of widespread awareness of the vulnerability of modern society,” said Linton Wells II, the principal deputy assistant secretary of defense for networks and information integration at the Pentagon. “It has gotten the attention of a lot of people.”

Some information is available on the nature of the attacks.

The bulk of the cyberassaults used a technique known as a distributed denial-of-service attack. By bombarding the country’s Web sites with data, attackers can clog not only the country’s servers, but also its routers and switches, the specialized devices that direct traffic on the network.

To magnify the assault, the hackers infiltrated computers around the world with software known as bots, and banded them together in networks to perform these incursions. The computers become unwitting foot soldiers, or “zombies,” in a cyberattack.

The attackers used a giant network of bots — perhaps as many as one million computers in places as far away as the United States and Vietnam — to amplify the impact of their assault. In a sign of their financial resources, there is evidence that they rented time on other so-called botnets.

The Banks were visible in the defence activities.

The attacks on Estonia’s systems are not over, but they have dropped in volume and intensity, and are aimed mainly at banks.

Mr. Aarelaid huddled with security chiefs at the banks, urging them to keep their services running. He was also under orders to protect an important government briefing site. Other sites, like that of the Estonian president, were sacrificed as low priorities.

Written by Colin Henderson

May 29, 2007 at 07:06

Posted in Security

A frightening new account attack

This attack method is frighteningly simple. The bad guys ping account numbers until they are successful in making contact with a legitimate account. Upon successful identification of an account, the bad guys can debit the account. This highlights an apparent flaw in the US ACH system.

the scammers appeared to be taking advantage of validation weaknesses among businesses using the automated clearinghouse (ACH) system, a private electronic payment network that links banks with one another via the Federal Reserve.

The network is used by banks to process large volumes of payroll, credit and debit card transactions, but it also facilitates direct payment of consumer bills such as mortgages, loans and utility bills, as well as business-to-business and federal, state and local tax payments.

Source: Washington Post

This came to light when a member of American Air Force personnel noticed his account was less than it should be,

More specifically, the account balance was $124.90 less than it should have been. A business named “Equity First” had made the debit. The toll-free number listed on the transaction led to dead ends — none of the options would allow Airman A to speak with a human. So he went online.

Source: Air Force Link

Read through the two links above; this is a new one to me, and although I am appalled at the implications here, when I put my mind into that of the criminal, I can see how easy it is. This could equally easily happen with the Canadian EFT (Electronic Funds Transfer) system. All that is required is to open a business account, and purchase EFT access. I assume the US circumstance is similar.

Written by Colin Henderson

May 19, 2007 at 21:49

Posted in Security

Two-factor authentication is not well understood

I worry about the perception created by HSBC and Abbey. It’s assumed that two-factor and tokens are synonymous.

The notion that HSBC and Abbey will become front-line targets for the fraudsters is supported by evidence presented in this paper, ‘Closing the phishing hole’, by Ross Anderson, professor of security engineering at Cambridge University.

Two-factor requires that there is a second level of authentication beyond username and password. For sure I know Abbey have deployed Passmark; HSBC, I am guessing, have too, or something similar. Passmark uses the forensics of the customer’s computer as the 2nd factor. It works like a fingerprint, and is strong enough to be certain in identifying the customer. The bad guys know this.

On the other hand the technology exists to get past tokens.

My take – HSBC and Abbey National have made the right bet between customer inconvenience and bank risk.

Written by Colin Henderson

May 17, 2007 at 22:45

Posted in Security
