Articles

RSS

Smaller corporations and banks with less sophisticated computer security systems than their bigger competitors are becoming the favoured targets of cyberthieves, according to the FBI.

Jeffrey Troy, head of the FBI's cybercrime section, told the Financial Times that hackers skimmed $40m from corporate bank accounts in the US in 2009, primarily targeting small and medium-sized businesses that were themselves the customers of smaller and medium-sized banks. He said spearphishing was the hackers' weapon of choice, with the victims' security systems frequently unable to recognise the software being used against them.

As a result, hackers were often able to revisit bank accounts they had already plundered. In one case, a client was suing its bank for allowing an unauthorised transfer of over $50,000 only six days after allowing an unauthorised transfer of $45,000 to the same Moscow bank.

"For a small to medium-sized enterprise, this is serious money," said Stuart Morris, Director of UK-based Tricerion Ltd, pioneer of the SafeLogin image-based mutual authentication system. "Larger companies may feel that losses on this scale are manageable, but for an SME a loss of nearly $100,000 in the space of a week could very well put it out of business.

"What makes it even uglier is that smaller banks can't afford to be as quick to compensate victims as larger competitors, so more and more cases are going to end up in the civil courts. That makes it expensive and messy for all concerned, and creates ill will between banks and their clients.

"And what makes it all the more tragic is that it's completely unnecessary. SafeLogin is proven to be particularly effective against spearphishing; and because it's both inexpensive and easy to install and use, it's the ideal solution for SMEs."

The FBI believes that attacks of this sort are only going to increase in 2010 if banks continued to have difficulty in authenticating genuine account holders, and Mr Morris commented: "With the global economy only just beginning to crawl out of recession, every cent is precious and needs the effective protection of a secure login system that spearphishers can't access."

About Tricerion Ltd.
Tricerion Ltd. has developed and registered patents worldwide for SafeLogin as a replacement for traditional passwords that have survived unchanged since the dawn of computers. SafeLogin offers strong mutual authentication using a patented triangulation procedure that overcomes all of today's major threats to the security of online login credentials. Truly innovative in design, SafeLogin leverages everything users and hackers currently know about logging in, achieving a revolution in authentication security that is simple to use with no user adoption obstacles or gadgets, and hence at a very low cost.

SOURCE: Smaller corporations