Saturday, February 4, 2017

Hacker attack. Is there anything to be afraid of? [SAMCIK’S COMMENTARY] – Interfax

On Friday the “Trusted Third Party” service, which specializes in cybersecurity, raised the blood pressure of bank deposit holders and, of course, of bank managers. It reported that malicious software had seeped onto the servers of at least some banks, software that could “extract” some data and transmit it to a server. It is not known what data, or whether it related to bank customers (personal, address, financial). Rather, we are talking about data that would allow money to leak from our accounts. Interestingly, the “gateway” into the banking servers was said to be… the website of the Committee for Financial Supervision (KNF), that is, the “firm” that monitors safety standards throughout the banking industry. The KNF office has, however, already confirmed to my colleagues at Cashless.pl that “an attempt at outside interference in the information system that supports the website was discovered.” And the page was taken offline (apparently at the request of police cybercrime experts).


How did the hackers operate?

I looked into the situation and… found out a thing or two. From what acquaintances close to the whole “affair” tell me privately, someone really did make a nest for a virus on the KNF website. Theoretically, it could have reached everyone who logged in to the KNF website (and not just the bankers), but the virus was not placed on the main page, only in a section of interest mainly to bank employees. Everyone who clicked through that section was “served” malicious programs (perhaps hosted on some fake page “attached” to part of the KNF website, but not necessarily). This software, acting as a spy, had been tasked with sending data (it is not known which) from selected computers, presumably to machines associated with the organizers of the “operation”. And, of course, with spreading across the network of banking computers to get as close as possible to the places where confidential data about money and clients is stored. The software seems to have been “tailored” specifically to Polish users, so most likely our local hackers are behind this (although it is not known whether they act as hobbyists or as someone’s mercenaries).

cover it?

In the language of IT specialists this attack is called a “watering hole”, and it is a bit like phishing, to which we fall victim through our own negligence. But while in phishing the thieves send us links to a fake page imitating the bank’s services in order to learn our login details (or infect us with a virus that tracks what we type on the keyboard when entering logins and passwords), in this case they simply put a virus on the KNF website and hoped that the office’s specialists would not notice it. Bank employees, involuntarily and in passing, got themselves hit by an ordinary click on the KNF page. Some of my informants say that in total the virus got onto the work computers of employees of four banks. Others say that the malware was “seen” at most banks (maybe at most of them it was detected and shot down “at the entrance”). The information about four affected banks may stem from the fact that some activity of the virus was noticed there. Apparently, on Thursday evening security specialists from several banks met at the Association of Polish Banks and a plan of action was set.

Are our data and money safe?

The money, almost certainly, yes, because this is a spy-type virus set up to steal data. Attempts to steal money from a bank use a different type of malware, and are likely helped by bribed bank employees working on breaching the safety barriers. And if they don’t want to cooperate, a virus “made for customers” of the banks is prepared. Even if this time it was different and someone wanted to steal our money from a banking server, the bank will refund it anyway. The Union of Polish Banks has officially assured that bank customers’ money is safe. As for data about our names, addresses, payments and balances, there is no absolute certainty that nothing important got out (the “losses” are only now being estimated, and the banks’ information systems are being searched for viruses), but employees of companies that help the banks maintain security also say that it would take a huge confluence of adverse circumstances for this type of virus to have stolen any important data.

Why? An infected user would have to log in to a database containing confidential information and “hand it over” to the virus, or cause the device to transmit the data to the thief’s computer. According to my interlocutors, a great many things would have to go wrong for something to have happened.

First, among the employees who were “treated” to the virus posted on the KNF website, there would have to be some who actually have access to databases with sensitive information (in practice there are few such people in banks).

Second, the employee’s computer would have to be poorly protected (even typical antivirus protection of a web browser should catch strange scripts that trigger increased data flow “out into the world”, not to mention the other protections on the banks’ so-called end stations).

Third, the bank’s servers themselves generally also have solid security, and it is hard to imagine that copying the data would not have set off security alerts.


Information discrediting KNF?

It looks like we, the customers, have no reason for great concern. Of course, all of this is first, unofficial information, burdened with the risk of being wrong. It is not known how the malicious software was installed on the computers of bank employees, but there is a big difference between the presence of a virus that passes something on to thieves (for example, what is typed on the keyboard) and copying the contents of databases about customers and their money. Not to mention the “copying” of clients’ money.

It was rather an attempt at an espionage operation on the principle: “we will get in where the bankers always come, see who gets caught, and what comes of it”. If the banks have well-made protection rules and control access to sensitive data, very little should have got out.

Worst of all, the source of the virus is the Committee for Financial Supervision. From the log published by the “Trusted Third Party” service it appears that the script planted by hackers on the KNF website had been sitting there since October 2016. How is it possible that the protections and integrity monitoring did not work? Was the KNF site hosted at an external company whose safety standards were not as high as they should be? I will update the text as more information is released.

Samcik’s safety rules

Here is a Decalogue of actions that are on my side and that I have influence over, regardless of how the bank monitors and updates its information system.

I try to change my account password from time to time (some banks where I have an account also recommend this change), and it is always, obviously, a password that is quite hard to “figure out”, different from the one I use for shopping on websites, logging in to clouds and other things on the Internet, for example opening e-mail.

Obviously, I have invested in a program, and I never log in to the bank from a computer that is not my own. I cannot be sure how it is protected, or whether someone has put a keylogger on it, that is, a virus that records everything entered on the keyboard.

The cell phone to which SMS passwords come is reasonably sterile, which means it does not hold a million applications and games that every so often demand some update. I think three times before I approve any update on the phone.

In those banks where this is possible, I have the service of SMS messages confirming each transaction (I can react quickly if something happens on the account).

I also do not throw away electronic account statements unread; I always browse them in search of suspicious transactions.

And I always carefully read the authorization SMS, checking that the amounts and account numbers match, and so making sure that I am approving the right transaction.

Oh, and I have bought notifications that tell me when someone applies for a loan in my name at any bank or large loan company. That way I can react quickly if I become a victim of identity theft.
