Jump to content

Recommended Posts

Posted (edited)

The UK's banks are regularly being caught out by cybercriminals.

 

 

 

Data from three sources indicates that spam, viruses and other malicious messages regularly emerge from machines sitting on banks' corporate networks.

It is likely that the computers were compromised when bank staff and contractors were caught out by booby-trapped email attachments.

They may also have visited sites seeded with code that infected their PCs.

Some of those infected machines are also likely to have been enrolled in a botnet - a large network of hijacked computers that are used by cybercriminals to distribute spam and viruses, attack other websites or as a source of saleable personal data.

But, say experts, banks are doing a better job than most at protecting their machines from malware.

Sending junk

The BBC found that in 2013 there were more than 20 incidents involving UK bank networks indicative of malicious activity. Similar, though lower, numbers were seen in 2012 and 2011. Some incidents involved addresses that have been sending junk for months but others were addresses seen sending spam for the first time.

Continue reading the main story Botnet basics

For its research project the BBC compiled a list of the internet address blocks used by a dozen of the UK's largest and best known financial institutions.

Everything connected to the net needs one of these addresses, an IP address, to ensure data reaches its destination.

Junk mail or spam is typically routed through a botnet because this helps spammers conceal its true origins and means it is delivered free.

Tracing the source IP address of spam can be a guide to which machines have been compromised.

The BBC asked those running spam databases to see if any bank IP address featured in that corpus of information.

Further analysis revealed that some of the junk was benign in that it was the banks' own marketing messages arriving at email addresses set up to capture spam. In most of the other cases the spam was distributing malware, involved in phishing or "pump and dump" scams or sought to trick people into visiting dangerous sites.

A separate dataset for 2012/13 shows fewer incidents year-on-year but revealed that seven corporate bank networks are regularly sending out junk, five are home to machines that are part of the well known Conficker botnet and eight are regular sources of malicious activity.

In addition, sources inside UK banks told the BBC that they deal with up to a dozen incidents a month of employees' machines getting infected with malware.

James Lyne, global head of security research at security firm Sophos, said evidence of a botnet on a bank network would be "exceptionally concerning".

"It would give attackers a foothold that they can exploit," he said.

The BBC was aided in its research project by an organisation that runs a huge collection of "spam traps" that log the sources of junk mail and also by researchers at Delft University of Technology, in the Netherlands, who study botnets. Anti-spam firm Cloudmark provided corroboration of some of the BBC's findings.

_66636827_90247154.jpgMost junk mail is routed through a botnet in a bid to avoid net filters

"There should be no spam coming out of these networks," said Prof Michel van Eeten from Delft who leads the team gathering data on botnets, adding that some of the bank networks studied had a "relatively consistent" problem with infections.

He was also worried about the continuing presence of machines that were part of the Conficker botnet because the exploit used to create that network has been known about and fixable for five years.

"If they are vulnerable to that you have to wonder what else they are vulnerable to," said Prof van Eeten. "This might show they can fall victim to a targeted attack more easily because those are much harder to avoid falling into."

One example of the types of targeted attack finance firms have to deal with is malware that only springs to life when it spots that it has infected a machine sitting on a bank network.

"It's a constant battle," said Matt Allen, director of financial crime at the British Bankers' Association, adding that the UK's banks had some of the strongest systems and controls in the world to defend themselves against cybercriminals.

Continue reading the main story “Start Quote

Complexity is the enemy of securityâ€

James Lyne Sophos

"The criminal use of cyber-techniques is an integral part of financial crime offending," he said.

Banks' defence mechanisms operated both within and between individual institutions, he said, and involved them pooling information about recent attacks, tactics and methods.

"The challenge in this area is that as banks develop their controls in line with new criminal methodologies, new techniques will emerge," he said.

"We're not complacent," said Mr Allen. "We know it's changing and evolving quickly."

Most of the UK banks and building societies contacted by the BBC about its findings declined to comment. Most said they never talked publicly on security matters to avoid the accidental release of operational details.

Those that did respond said the net addresses appearing to send out spam were on corporate networks isolated from the systems that handled customer data and online banking transactions.

Bank check

Statistics gathered by security firm OpenDNS suggest that up to 900 botnets are active in late 2013. These crime networks typically involve many tens of thousands of machines. The biggest count millions of PCs as victims.

Edited by edmonddarius91@gmail.com
Posted

Source? I highly doubt that bank computers don't have antivirus or firewalls..

Posted (edited)

Ah ok.. BBC will never be listened to by anyone ever again anyway lol.. Pedofest.

Edited by Chuckun
Posted

Ah ok.. BBC will never be listened to by anyone ever again anyway lol.. Pedofest.

 

Read The Sun, do we? :P

Posted

Read The Sun, do we? :P

 

Eurgh The Sun is even lower than the BBC and The Daily Mail put together lol.  No, I source my news independently :P

Posted

Eurgh The Sun is even lower than the BBC and The Daily Mail put together lol.  No, I source my news independently :P

 

At the local corner shop they lay newspapers out on the counter. I've learnt to just skim it and get the general idea of what's in the news today. I gave up actually caring many years ago.

Posted

At the local corner shop they lay newspapers out on the counter. I've learnt to just skim it and get the general idea of what's in the news today. I gave up actually caring many years ago.

 

This.  If anything particularly interests me I take it with a pinch of salt and read various takes on it if I can't immediately see the real big picture >_<

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.