Banks: Hackers Get More Aggressive in Attacking Customer Accounts
Annual FS-ISAC survey of banks shows average loss of $777,064
A survey of large financial institutions shows they faced more attacks by hackers to take over customer banking accounts last year than in the two previous years, and about a third of these attacks succeeded.
The total number of attacks to try and break in and transfer money out of hacked customer accounts was up to 314 over the course of 2011, according to the Financial Services Information Sharing and Analysis Center (FS-ISAC), which released findings of its survey of 95 financial institutions and five service providers. That's an increase from 87 attacks against bank accounts in 2009 and 239 in 2010.
FS-ISAC is the group that coordinates on security issues with the Department of Homeland Security. The survey was conducted by the American Bankers Association.
The actual dollar losses taken by the financial institutions last year was $777,064, down from a high of $3.12 million in 2010. Dollar loss for customers was $489,672 in 2011, as compared with $1.16 million in 2010.
Banks responding to the survey said they were beefing up defenses against account takeovers through customer education, more use of multi-factor authentication, and shutting down customers' online access to a commercial system once anomalous behavior is detected
Banks responding to the survey said they were beefing up defenses against account takeovers through customer education, more use of multi-factor authentication, and shutting down customers' online access to a commercial system once anomalous behavior is detected.
Increasingly, banks are extending strong authentication to their customers to prevent successful takeovers of accounts by hackers, whose strategy is often to use malware to take control of the computer of someone authorized to make payments or other high-dollar transfers related to corporate accounts.
These authentication methods can take many forms. United Bank & Trust, located in Ann Arbor, Mich., for instance, increased security for customers through a method that automatically phones the customer making an online funds transfer to verify the details about the transaction before it's actually executed.
Called PhoneFactor, this authentication method is now used for what the bank regards as high-risk transactions, says Marsha Whitehouse, vice president of treasury management at United Bank & Trust. This would ordinarily be associated with an individual authorized to make ACH or fund transfers via a corporate account. Through an automated process, PhoneFactor immediately places a phone call to verify details about the transaction request. Whitehouse says, "It improves security."
While the country’s software market’s growth turned out to be slower than expected during the second half of 2014 with a steady year on year growth of 10 percent, IDC predicts a steady momentum in the beginning of 2016.
Caught up in traffic snarls, Bangalore’s first responders race the devil to save lives. Here’s how Vigilante’s Emergency Vehicle Pre-emption system (EVP) stepped in to the rescue.
Here's what to keep in mind as near-field communications (NFC), the technology that allows Apple iPhone users to tap and pay, takes off. By the end of 2015, more than a billion phones will have the capability to use the wireless protocol to exchange data, and applications beyond payments will become common.
Despite a big push over the past few years to use encryption to combat security breaches, lack of expertise among developers and overly complex libraries have led to widespread implementation failures in business applications.