Banks: Hackers Get More Aggressive in Attacking Customer Accounts
Annual FS-ISAC survey of banks shows average loss of $777,064
A survey of large financial institutions shows they faced more attacks by hackers to take over customer banking accounts last year than in the two previous years, and about a third of these attacks succeeded.
The total number of attacks to try and break in and transfer money out of hacked customer accounts was up to 314 over the course of 2011, according to the Financial Services Information Sharing and Analysis Center (FS-ISAC), which released findings of its survey of 95 financial institutions and five service providers. That's an increase from 87 attacks against bank accounts in 2009 and 239 in 2010.
FS-ISAC is the group that coordinates on security issues with the Department of Homeland Security. The survey was conducted by the American Bankers Association.
The actual dollar losses taken by the financial institutions last year was $777,064, down from a high of $3.12 million in 2010. Dollar loss for customers was $489,672 in 2011, as compared with $1.16 million in 2010.
Banks responding to the survey said they were beefing up defenses against account takeovers through customer education, more use of multi-factor authentication, and shutting down customers' online access to a commercial system once anomalous behavior is detected
Banks responding to the survey said they were beefing up defenses against account takeovers through customer education, more use of multi-factor authentication, and shutting down customers' online access to a commercial system once anomalous behavior is detected.
Increasingly, banks are extending strong authentication to their customers to prevent successful takeovers of accounts by hackers, whose strategy is often to use malware to take control of the computer of someone authorized to make payments or other high-dollar transfers related to corporate accounts.
These authentication methods can take many forms. United Bank & Trust, located in Ann Arbor, Mich., for instance, increased security for customers through a method that automatically phones the customer making an online funds transfer to verify the details about the transaction before it's actually executed.
Called PhoneFactor, this authentication method is now used for what the bank regards as high-risk transactions, says Marsha Whitehouse, vice president of treasury management at United Bank & Trust. This would ordinarily be associated with an individual authorized to make ACH or fund transfers via a corporate account. Through an automated process, PhoneFactor immediately places a phone call to verify details about the transaction request. Whitehouse says, "It improves security."
IDC expects government projects and re-entry of older players will drive the growth in tablet market in 2015.
- A Zinnov Study predicts that the adoption of cloud technologies will drive the growth of the Indian domestic IT market, which will touch $67 billion by 2020.
The Supreme Court reserved its verdict on a slew of petitions challenging the validity of Section 66A of the IT Act.
Location sharing may not grab your attention like a post on Facebook or Twitter, but it's a darn useful utility for keeping track of family members and friends. Microsoft's Squad Watch wants to be that app for Windows Phone, but at this stage, it's not.