Last month, criminals used new strains of malware to steal £20 million from UK banking customers, highlighting the dangers of such viruses in a very high-profile way. The use of Dridex malware to infect customer machines, steal login credentials and subsequently steal significant sums from customer accounts shows how these incidents can directly impact end-users. As these types of attack become increasingly common, traditional defences need to be rethought, as concerns amplify over whether they can protect users sufficiently.
Evolving techniques
As a malware strain, Dridex is fairly well known and, as such, is reasonably easy to detect. Other strains, such as Dyre and Tinba, are significantly more difficult to detect. In addition, with source code for many malware types being released to the hacking community, we are now seeing upsurges in strains that had previously been mitigated. These are modified versions of the original with potentially differing signatures that will defeat traditional signature based solutions.
Mitigating malware
How then have financial organisations sought to deal with these types of risks? Many have invested in sophisticated anti-fraud systems that track transactions and use complex analysis to identify potentially fraudulent activity. This is all well and good, but does not consider defence against compromise of the endpoint device. Many financial organisations have solutions for this too, but in general these require client software to be installed on the end user device. This presents a problem, as customer take-up of these components is usually low. Despite the banks not mandating that these software components must be used, there have been high profile cases where the customers have been penalised for neglecting to use them. This demonstrates that there is often a gap in the protection being provided.
It’s all about the app
Whilst the threat landscape is relentlessly evolving, the recommendations remain relatively constant: apply as much security as possible. In the case of modern malware attacks, however, making security measures as easy to apply as possible, and not relying solely on the customer, hold the keys to improving the situation.
Paul Dignan is systems engineer at F5 Networks
Are you a security pro? Try our quiz!
Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…
Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…
Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…
Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…
Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…
Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…