Skip to main content

Big US Banks Under Active Attack, Napolitano Warns

Big US Banks Under Active Attack, Napolitano Warns



The shutdown of New York's financial sector caused by Hurricane Sandy is a stark reminder of how much tumult a human-generated disruption also could cause, said Avivah Litan, security analyst at Gartner. "The fact that the stock market had to close for two days because of a hurricane should be a wake-up call that we are largely unprepared for a major cyberwar."


Considering Live Chat For Your Company?
Which live chat solution is right for you? Find out now with the new Live Chat Comparison 2012 Report. Download the free report.

Hackers are actively attacking some of the largest banks in the nation, U.S. Homeland Security Secretary Janet Napolitano warned this week.

Napolitano declined to go into detail about the types of breaches or what kind of information -- if any -- had been taken. She brought up her concern about attacks on U.S. financial institutions at a cybersecurity event.

The federal government is aware of the vulnerability of U.S. stock exchanges and other financial institutions, as well as infrastructure and utilities. Napolitano stressed the importance of enacting federal guidelines to protect against cyberwar.

Banks including Wells Fargo, Bank of America and JP Morgan Chase were hit this fall with distributed denial of service attacks. Hackers were also able to empty US$400,000 from a Citibank account in Burlington, Wash., earlier this year. Cybercriminals are increasingly using targeted attacks to go after unassuming consumers and employees, said Michael Murray, managing partner of MAD Security.

"The majority of the attacks right now involve targeted phishing and malware attacks -- where the most common attack vector a few years ago was Web applications, the most common attack vector today comes through our people," Murray told TechNewsWorld. "Spear phishing through email, social media and even IM has been used to cause a large number of breaches in the last two years."

Stepping Up Preparation

The shutdown of New York's financial sector caused by Hurricane Sandy is a stark reminder of how much tumult a human-generated disruption also could cause, said Avivah Litan, security analyst at Gartner.

"The fact that the stock market had to close for two days because of a hurricane should be a wake-up call that we are largely unprepared for a major cyberwar," Litan told TechNewsWorld. "There should be more effective business continuity plans. These are noticeably absent."

Relatively speaking, though, Web applications and security systems at financial institutions do have greater protection in place than those in other industries -- mostly because they need it the most, said Murray.

"In my experience, banks are actually some of the best-defended organizations -- due to the regulations we've put on financial institutions, they've invested more heavily in information security controls than most other segments of the economy," he observed. "Unfortunately, banks are also the most heavily targeted segment of the economy because, as the old bank robber Willie Sutton said, they're where the money is."

President Obama has made cybersecurity a priority, Napolitano noted in her address. She stressed the importance of maintaining that type of attitude in Congress going forward.

With so many laws already in place, though, the more important priority needs to be enforcing them, said Litan.

"There is probably enough regulation already, but regulators need to be smarter in how they examine banks' preparedness for these massive hacker attacks," she said. "I don't see proactive leadership from the government -- but I don't think we need new laws to get that from them. We just need them to execute on the powers they already have."
Focus on User

Part of the emphasis on enforcement must be raising consumer awareness about cyberattacks beyond the current level of public knowledge, stressed Murray, but the best protection lies within the financial institution.

"The best way to protect is simple: focus on the behavior of our [bank employee] users," he said. "I'm not talking about traditional awareness programs that just educate users. We need to put behavior-change efforts in place within the organization to make it easier for our users to spot these attacks, more likely that they report them, and to better protect their organizations. We haven't done a good job of that as an industry yet."

As hackers use the system to grow more cunning, workers must be aware of and ready to follow security guidelines so a tricky cybercriminal can't get the best of the system, said Litan.

"The attacks and unavailability of online systems opens the door for social engineering of bank staff by the hackers -- for example, call center staff who are overwhelmed with call volume when websites are down -- and the protections are only as good as the weakest link," she pointed out. "Hackers can socially engineer their way into successfully executing an illegitimate wire transfer by manipulating and fooling a sympathetic call center agent."

Comments

Post a Comment

Popular posts from this blog

How has lockdown impacted Indian farmers?

How has lockdown impacted Indian farmers?             Generally compare to other sectors it's not major impacted by our Indian farmers but we acceptable minor impacts. Here we separate major two farming cultures one is mono farming culture another one poly farming culture. Mono farming :             The major impacts from our Indian farmer for monoculture. Here I have briefly explained what are the things we had faced our local farmers. Here I explain two different crops type: Daily crops : * We harvest more than 100-kilo grams daily crops like brinjal but we unable to sell those in local markets. * We are unable to reach urban markets. * We don't have enough transport facilities. * We unable buy require fertilizer and other complements * In the early stage we are facing manpower shortage but later it's not an issue. * We unable to do value-added products. * Waste is very high for somedays Se...
Post a Comment
Read more

How is a startup possible in farming and agriculture?

                 In this question we have two options, The first one is natural farming and another one is chemical farming. Both are the way to start an agriculture startup. Before we jump into the topic we have to look at more important things like Financial, Yield, quality of food and Marketing these are the very challenge we face. Chemical Farming 1. Capital & financial   * an agriculture startup we must have to invest for own land but chemical farming not require to buy an own land because chemical farming land does not produce yield more than 10 years so best you can acquire rental land.  * We have to buy cultivate equipment and machinery for chemical farming. In this case, we have two options       1. More necessity things are bought own equipment         2. Fewer necessities things go for a rental.   * Make a sufficient fund for runnin...
Post a Comment
Read more

How will agriculture evolve

Agriculture will evolve the following types in the future. 1. Natural Farming 2. Nutrition Orient Farming 3. Fertilize Orient Farming 4. Terrace garden Farming 1. Natural Farming Now, most of people aware and important of natural food. We are consuming a lot of foods that were packed, preservatives and Jung, these items came from various places in the world so it's added lot of chemicals to avoid food waste. These things we could consume regularly till now. almost we are facing so many diseases in our day to life. So people are avoiding unhealthy food to use that is the reason we are switchover natural farming. The natural farming foods are very expensive nowadays but in the future may be it will reduce the prices. When this will happen If more people involve natural farming. 2. Nutrition Orient Farming It's like the way of doing the Hydroponic farming process system but the thing is only nutrition leaf harvesting. In this leaf contain all the nutrition, If y...
Post a Comment
Read more