Inside Job How Banks Are Getting Hacked And What They Can Do

Inside Job How Banks Are Getting Hacked And What They Can Do Make Money Online Queries? Struggling To Get Traffic To Your Blog? Sign Up On (HBB) Forum Now!Inside Job: How Banks Are Getting Hacked And What They Can DoUpdated On 10/01/2016Author : HBB Guest AuthorTopic : Featured SecurityShort URL : http://hbb.me/1Ob40X3 CONNECT WITH HBB ON SOCIAL MEDIA Follow @HellBoundBlogThe same engines or machines that generate spam â€" bots â€" are now sending those bots into banks to scour for ways inside the vault. Spam, the obnoxious stuff that everyone expects to be filtered out by junk mail filters, has become the Trojan horse of choice among cyber criminals. The BBC recently conducted a research project looking at the internet address blocks used by 12 of Britains most well-known and well-established financial institutions. In the course of their research, they discovered that in 2013 alone, there were more than 20 incidents within British banking networks involving malicious activity, despite banks having some of the strongest defenses against c yber-attacks (Source: http://www.bbc.co.uk/news/business-25336448).How Cyber Crooks are Cracking the VaultInside sources say that banking employee machines are routinely infected by malware. Multiple sources indicate that viruses, spam and other malicious messages regularly appear on banks corporate networks, most likely as a result of an employee or contractor encountering a bogus and booby-trapped email attachment, visiting an infected site, and (most likely) being enrolled in a botnet (a dragnet of hijacked computers used to mine a corporations computer systems). OpenDNS recently gathered statistics that suggest as many as 900 botnets were active in late 2013. The damage that can be wreaked through botnet breaches has many experts deeply concerned given that, … as banks develop their controls in line with new criminal methodologies, new techniques will emerge.READBeware Of Social Engineering AttacksWhat Can Banks Do?Banks are at the center of data security concerns. The informa tion they gather intersects legal boundaries, intellectual property, and government regulations. To keep abreast of every potential security threat or virus is a virtually insurmountable feat, but, through data encryption â€" at rest and in the cloud â€" banking institutions could create a stronger security program than they may be currently using.Studies show that institutions from finance to healthcare have high amounts of BYOD usage and often lack sufficiently strident data security policies for accessing data outside of corporate networks. Government-grade (FIPS 140-2 validated) data encryption solutions are recommended for all devices used to access and store data, be they BYOD (laptops, smartphones, tablets), as well as devices managed through an enterprises network (i.e., desktop computers). If the worst-case scenario should unfold, and a portable device carrying personally identifiable information (PII) is lost or stolen, data encryption via SEDs, for example, protects the e ncryption key by deleting it each time it is accessed, not storing it in the OS or network, and encrypting the encryption key independently â€" whether or not the company network is able to access it.