Are You Closing the Door on Financial Trojans?
Come on, really, are folks still amazed by the notion that attackers are using DDoS attacks as a mere distraction from more lucrative malicious activities executed on banks? Well, according to various reports the answer is yes, especially if you consider banks have been slow to adopt strong security and are implementing ineffective custom security measures that leave gaps for sophisticated malware to effectively exploit. In the most recent study titled, “ State of the Financial Trojan 20131” it was revealed that the number of financial Trojans grew 3 times in just the first 3 quarters of last year. The top 8 attacks included those that use a combination of techniques such as MITB, web injects, proxy, certificates, localization, automatic transaction services, and more. Although Trojans have been around for 10 years, the study claims that many security implementations adopted by financial institutions are inadequate at defending against the modern financial Trojan. Why is this? I am curious to know, given the history, costs of attacks to businesses and technologies available. It seems as though many institutions are lagging in implementing solutions or continuously evolving their security strategy.
Continuously updating and improving upon your security strategy is even more important given, rise in attacks targeting mobile device users. Online banking , smart phones and the drive towards mobility has paved the way to Trojans attacks that target mobile device users. Using social media, attackers can trick users into unsuspectingly installing mobile Trojan plugins on their devices. The malware can then hijack sessions, forward any transaction codes received by the device to the attacker, and even suppress text messages from the user. According to the report, some attackers have posted fraudulent one-time password generator applications for mobile devices on third-party app markets. All of this helps to give the attackers the information they need to defraud the victim.
Cyber criminals will forever give security experts challenge to step up their tactics and sophistication in protecting against fraud, but I must agree with the report in that as long as institutions persist with weak security measures fraud will continue to be a lucrative enterprise. It is important that organizations susceptible to financial Trojans work with 3rd parties having expertise in addressing security concerns common to online banking, web applications and mobility, and also be open about the risks and continue to educate their customers about the security issues that they encounter. Most importantly Banks must continue to build upon their security strategy with multi-layered protections that includes web-fraud protection, scalable WAF technologies, datacenter security and solutions that fill the gaps in the security infrastructure.
1"State of the Financial Trojan 2013," Symantec December 2013