Cybercrime defence spending in Asia Pacific looks set to rise as attacks increase
With the cost of cybercrime tools falling and use of digital and mobile technologies proliferating, financial institutions that are inadequately protected could well end up paying a heavy price. June 13, 2013 | Carol WheatcroftMicrosoft, working with major financial institutions and US Federal Bureau of Investigations, recently took down more than 1,000 botnets controlled by the Citadel banking Trojan. According to some reports, the Citadel Trojan has cost banks more than $500 million in losses over the past year and a half. Banking Trojans operate by infecting web browsers and – after lying dormant – spring into life when the infected browser accesses an online bank account. At this point, the Trojan captures the login information and passes it to a controller while the computer is often drafted into a botnet; botnets are internet-connected computers whose defences have been breached and control ceded to a third party. Controllers then use the captured information for nefarious activities. A report published by security software specialists Symantec recently examined eight of the most popular and sophisticated financial Trojans which are installed on user’s computers and specifically target user accounts. Extracting configurations of the Trojans revealed over 600 institutions which have been targeted, of which 95% were from the financial sector. Reputable banks in countries with the highest GDPs are most frequently targeted, with banks in new target markets in the Middle East and Asia also increasingly coming under attack; financial institutions in UAE, Saudi Arabia, Hong Kong, and Japan have all come under recent attack by Trojans. The report noted that the expanded reach is being facilitated by the underground services economy i.e. fraudsters, becoming more organised and acting like a service industry. Everything from bots and intelligent configurations to localised distribution channels are being bought and sold. Attackers are no longer just participating in financial fraud; some are dedicated to tool creati... Please login to read the complete article. If you already have an account, you can login now or subscribe/register.
Categories: Operational Risk & Security, Technology & OperationsOperationalRiskSecurity,technology, Operational Risk & Security,Technology & Operations, Keywords:Symantec, RSA, TrustWave, SpiderLabs, Microsoft, Citadel Trojan, Botnet Symantec, RSA, TrustWave, SpiderLabs, Microsoft, Citadel Trojan, Botnet
|