Hackers take aim at financial institutions

Hackers are increasingly targeting financial institutions, research published today has warned.
According to 'Computers, Networks and Theft: Part 2', a new report published by security company, Kaspersky Lab, attacks against such establishments in the first half of 2006 increased by 17 per cent compared with the last six months of 2005.

The findings of the report are bad news for the many financial organisations that in the middle of 2005 began implementing procedures to protect their clients from data theft. Initially, the measures – which included the introduction of two-part authentication, among others – appeared to be having an effect, as attacks dropped in Q3-4 2005 by 13 per cent on the previous six-month period. Despite this, attacks in the first half of 2006 rose by 17 per cent.

Since 2003, attacks have increased year-on-year by an average of 39 per cent, Kaspersky estimates.

Yury Mashevsky, virus analyst at Kaspersky Lab, said that it is becoming more common to detect spy programs written with the aid of insider collaboration: “For instance, there have been malicious programs created where malicious users have used internal logins and passwords from the organisation under attack, as well as knowledge of the internal database structure of a specific organisation. Withstanding an attack conducted using insider knowledge is extremely difficult, but it is possible.”

Also highlighted in the research is the rise in the number of malicious programs capable of attacking the users of several payment systems simultaneously. For example, Trojan-Spy.Win32.Banker.asq targets almost 50 financial systems and institutions at the same time, including Paypal, Caixabank, Postbank in Germany, and many other institutions around the world.

While financial institutions are an obvious target for cyber-criminals, the report found other less obvious organisations attracting unwanted attention from hackers. For example, Kaspersky Lab analysts detected malicious programs targeting the clients of tour firms and transport companies.

The full report can be accessed here.