Search the Community
Showing results for tags 'cybercriminals'.
-
The UK's banks are regularly being caught out by cybercriminals. Data from three sources indicates that spam, viruses and other malicious messages regularly emerge from machines sitting on banks' corporate networks. It is likely that the computers were compromised when bank staff and contractors were caught out by booby-trapped email attachments. They may also have visited sites seeded with code that infected their PCs. Some of those infected machines are also likely to have been enrolled in a botnet - a large network of hijacked computers that are used by cybercriminals to distribute spam and viruses, attack other websites or as a source of saleable personal data. But, say experts, banks are doing a better job than most at protecting their machines from malware. Sending junk The BBC found that in 2013 there were more than 20 incidents involving UK bank networks indicative of malicious activity. Similar, though lower, numbers were seen in 2012 and 2011. Some incidents involved addresses that have been sending junk for months but others were addresses seen sending spam for the first time. Continue reading the main story Botnet basicsFor its research project the BBC compiled a list of the internet address blocks used by a dozen of the UK's largest and best known financial institutions. Everything connected to the net needs one of these addresses, an IP address, to ensure data reaches its destination. Junk mail or spam is typically routed through a botnet because this helps spammers conceal its true origins and means it is delivered free. Tracing the source IP address of spam can be a guide to which machines have been compromised. The BBC asked those running spam databases to see if any bank IP address featured in that corpus of information. Further analysis revealed that some of the junk was benign in that it was the banks' own marketing messages arriving at email addresses set up to capture spam. In most of the other cases the spam was distributing malware, involved in phishing or "pump and dump" scams or sought to trick people into visiting dangerous sites. A separate dataset for 2012/13 shows fewer incidents year-on-year but revealed that seven corporate bank networks are regularly sending out junk, five are home to machines that are part of the well known Conficker botnet and eight are regular sources of malicious activity. In addition, sources inside UK banks told the BBC that they deal with up to a dozen incidents a month of employees' machines getting infected with malware. James Lyne, global head of security research at security firm Sophos, said evidence of a botnet on a bank network would be "exceptionally concerning". "It would give attackers a foothold that they can exploit," he said. The BBC was aided in its research project by an organisation that runs a huge collection of "spam traps" that log the sources of junk mail and also by researchers at Delft University of Technology, in the Netherlands, who study botnets. Anti-spam firm Cloudmark provided corroboration of some of the BBC's findings. Most junk mail is routed through a botnet in a bid to avoid net filters "There should be no spam coming out of these networks," said Prof Michel van Eeten from Delft who leads the team gathering data on botnets, adding that some of the bank networks studied had a "relatively consistent" problem with infections. He was also worried about the continuing presence of machines that were part of the Conficker botnet because the exploit used to create that network has been known about and fixable for five years. "If they are vulnerable to that you have to wonder what else they are vulnerable to," said Prof van Eeten. "This might show they can fall victim to a targeted attack more easily because those are much harder to avoid falling into." One example of the types of targeted attack finance firms have to deal with is malware that only springs to life when it spots that it has infected a machine sitting on a bank network. "It's a constant battle," said Matt Allen, director of financial crime at the British Bankers' Association, adding that the UK's banks had some of the strongest systems and controls in the world to defend themselves against cybercriminals. Continue reading the main story “Start Quote Complexity is the enemy of security†James Lyne Sophos "The criminal use of cyber-techniques is an integral part of financial crime offending," he said. Banks' defence mechanisms operated both within and between individual institutions, he said, and involved them pooling information about recent attacks, tactics and methods. "The challenge in this area is that as banks develop their controls in line with new criminal methodologies, new techniques will emerge," he said. "We're not complacent," said Mr Allen. "We know it's changing and evolving quickly." Most of the UK banks and building societies contacted by the BBC about its findings declined to comment. Most said they never talked publicly on security matters to avoid the accidental release of operational details. Those that did respond said the net addresses appearing to send out spam were on corporate networks isolated from the systems that handled customer data and online banking transactions. Bank check Statistics gathered by security firm OpenDNS suggest that up to 900 botnets are active in late 2013. These crime networks typically involve many tens of thousands of machines. The biggest count millions of PCs as victims.
About Us
We are glad you decided to stop by our website and servers. At Fearless Assassins Gaming Community (=F|A=) we strive to bring you the best gaming experience possible. With helpful admins, custom maps and good server regulars your gaming experience should be grand! We love to have fun by playing online games especially W:ET, Call of Duty Series, Counter Strike: Series, Minecraft, Insurgency, DOI, Sandstorm, RUST, Team Fortress Series & Battlefield Series and if you like to do same then join us! Here, you can make worldwide friends while enjoying the game. Anyone from any race and country speaking any language can join our Discord and gaming servers. We have clan members from US, Canada, Europe, Sri Lanka, India, Japan, Australia, Brazil, UK, Austria, Poland, Finland, Turkey, Russia, Germany and many other countries. It doesn't matter how much good you are in the game or how much good English you speak. We believe in making new friends from all over the world. If you want to have fun and want to make new friends join up our gaming servers and our VoIP servers any day and at any time. At =F|A= we are all players first and then admins when someone needs our help or support on server.