The 21st Century Trojan War – Protecting Corporate Online Banking from Next-Generation Malware
Financial Services Technology magazine has published my new article, “The 21st Century Trojan War”. In it I talk about the new corporate banking trojan threats, and how the cyber-underground is advancing their attacks against the financial services infrastructure by infiltrating the computers of finance professionals inside corporations and government agencies.
“In 2009, organized cyber crime rings began to shift away from massive phishing attacks against consumer banking users, and instead target bigger fish – corporate banking users. The cybercriminals use advanced malicious software (malware) to attack the computers of finance professionals in companies and government agencies. If a computer that is used to access a commercial online banking services becomes infected, the attackers can effectively take over the corporate financial accounts in real time by hijacking active banking sessions, and issue commands for funds transfers.
Symantec detected over 70,000 variants of the Zeus Trojan in 2009.
Documented losses to corporate banking customers from fraudulent wire transfers initiated in the USA by next-generation malware on corporate computers have ranged from $10,000 to over $1,000,000 per incident. Much of this money was successfully transferred to ‘money mule’ accounts overseas, and was never recovered. It is far more lucrative for cyber criminals to make numerous $9000 transfers from a single corporate bank account, than to try to hijack thousands of consumer-based accounts and make small money transfers. It is also reasonable to expect that online corporate banking fraud will track historical online consumer banking fraud patterns, and will grow dramatically over the next several years.”
Read the rest of the article at: Financial Services Technology Magazine.
May 8th, 2010 at 9:19 pm
Dave, back some time ago in your blog this will be about . Well its not a reality , its here the low life “KNUCKLEHEADS MISFITS” never give up .
Because the actual losses for breaches of corporate online banking security are large, it is easy to focus on those as the tangible risk to financial institutions. But the reality is that there are larger risks and costs to financial institutions. If a corporate customer experiences a loss due to malware, they are likely to blame their bank, claiming that the bank does not have adequate security protections. In fact, recent months have seen numerous lawsuits being filed by companies that have suffered losses. Some of these lawsuits have been publicized in the media, and are drawing attention to the problem.
Well the end result is the attorneys have to prove that the bank was indeed at fault , GOOD LUCK ! My suggestion is everyone wake up , the bad guy doesn’t need a weapon to rob you just a computer . So secure a computer and a IRONKEY and antivirus/malware products to your choosing and for god sakes don’t let your kids surf and just maybe things will work .