Online business financial transactions are the target of a series of rapidly spreading trojan attacks. The trojans are reported to be spread through compromised websites or email links and are designed to capture login information to financial websites. Once the data is obtained, the logins are used to transfer funds to mule accounts using banks' automated clearinghouse systems. The trojans are described as being ubiquitous and easily able to slide through security programs.
You probably heard about the theft of over $400,000 from the Bullitt County government which was reported last month by Fox 41 news. We know also of Kentucky businesses which have been victimized. There are a two specific articles I want to draw your attention to. The first is the USAToday article over the weekend which discusses recent computer attacks. This article does a good job summarizing the general mode of attack and describing the severity of the rapidly spreading threat. The second is "The Growing Threat to Business Banking Online" by Washington Post blogger Brian Krebs. This article is full of specific examples and details about the lack of protection businesses have.
Of course, the threat of attack itself is ominous. What's worse, though, is the lack of protection most companies have if they are the target of an attack . If your company is unlucky enough to suffer a direct loss because of a virus or trojan, don't count on your bank or insurance company to save you. Your insurance may not cover internet theft. Such losses are generally not included in standard business insurance policies. Furthermore, the bank may also refuse to compensate your loss. Since the transfer requests were authenticated with valid logins, banks have denied responsibility in some cases. Brian Kreb's article indicates that the banks are not obligated to compensate businesses for losses because businesses are not granted the same consumer protection that private banking clients have. Sure, you can sue to try to recover the funds. That will surely be expensive and time consuming.
Obviously, following well known security recommendations now is a must. The strict recommendation is to conduct online banking on an isolated computer which is not used for browsing the internet or email. Many companies will find that recommendation hard or impossible to follow. At a minimum:
- keep your security and other software up-to-date;
- eliminate non-business related internet traffic on your billing computers/network;
- check with your insurance agent regarding your internet theft coverage;
- consider upgrading your software;
- check your banking and charge account balances frequently and review charges carefully;
- evaluate and mitigate security holes in your network.
The time has never been better for a security audit of your system.
If you need assistance implementing these recommendations, please contact CisCom's helpdesk at (502) 253-4525 x1.