Everyone is Supposed to be Infected in Banks, Advised by ENISA
Infosecurity-magazine.com published a report on July 5, 2012 quoting ENISA's recommendation stating Banks should assume that all customers' PCs are infected and should institute security measures.
McAfee and Guardian Analytics published latest online banking scam 'Operation high Roller' resulting ENISA's warning stating online banking systems relying dangerously on security system of PCs.
McAfee and Guardian Analytics exposed Operation High Roller and added some new twists to the existing banking fraud malware like Zeus. Spy Eye and Ice IX. ENISA released warning that the new malware is highly automated, sophisticated and targeting wealthy customers. These malevolent elements facilitate the crooks make deceptive transactions from the victim's accounts to their possession and then mules from abroad.
Infosecurity-magazine.com published a report on July 5,2012 stating the comment of Udo Hambrecht, Executive Director of ENISA, which contains old saying "criminals go where the money is" today means "bank robbers go online".
ENISA statistics reveal that only 40% of PCs are infected with Zeus. ENISA considers that it can be prohibited if financial institutions presume that all the PCs of their customers are infected with a malevolent element which will prompt them to implement mechanisms that protect PCs from such attacks.
According to ENISA, banks should have faith on reliable channels or devices to verify with the user with the value and purpose of certain transactions.
It is highly renowned that two factors identification can be effortlessly bypassed with the launch of a man-in-the-middle or man-in-the-browser attack on transaction.
According to ENISA, a strong cooperation is required to take down global command centers. The cyber attack was carried out using command and control servers dynamically located across the globe e.g. fast flux bot nets and bullet proof hosting providers. Criminals use these tricks to make law enforcement more complicated. Hence, strong global cooperation both in terms of prevention and response is required.
Banks have by now started executing more sophisticated security mechanisms, but the fact that 'Operation High Roller' was so flourishing in so many parts of the world indicates that there is still a lot of work to be done.
Finally ENISA concluded that preventing cyber attacks is important but it is also necessary to prepare for any attacks whenever happen.
» SPAMfighter News - 13-07-2012