Pub. 4 2013 Issue 4

www.wvbankers.org 20 West Virginia Banker

Community Banks – Potential Targets for DDoS Attacks Masking Fraudulent Wire Transfers
By Patricia Williams

Recently, there have been a number of bulletins and articles regarding cyber-attacks on financial institution websites and systems. Online attacks are increasing both in frequency and severity, growing from annoying disruptions to more sophisticated and destructive events as cyber criminals hone their skills.

DDoS attacks: smoke screens for fraud wire transfers

A Distributed Denial of Service (DDoS) attack floods a computer system with so much traffic (usually from multiple compromised sources) that it is obliged to shut down. Criminals are now setting their sights on community banks: a new round of cyber-crimes is being reported in which bank sites or systems have been attacked or taken down as a diversion from the attackers' primary objective, stealing from accounts via fraudulent wire transfers and account takeovers.

A recent cnet.com article reported that at least three U.S. banks have experienced fraudulent wire transfers while hackers deployed “low powered” DDoS attacks to mask their theft. Furthermore, the attacks were not by “politically motivated groups” and appeared to be unrelated to earlier attacks on the mega institutions (i.e. JP Morgan, Chase, and Bank of America). Instead, they were “stealth, low-powered attacks,” not intended to “[knock] their website down for hours.”1

No bank is too small of a target. Thieves can begin the attack by compromising a bank employee’s computer through a phishing email or other means and then attack the bank website to create the diversion. A bank’s website does not need to be interactive to be used to deflect attention. Even temporarily taking down a bank’s phone or VoIP lines can serve as a smoke screen while perpetrators slip through the proverbial back door of a bank’s systems to breach them and take funds from customer accounts.

Mobile device malware

Malware is also exploiting vulnerabilities of mobile devices, as virus protection on these devices is in its infancy. Because of the larger volume of app distributions, Android devices are more prone to vulnerabilities than Apple devices; Apple also more strictly monitors and protects apps for its devices. It was noted in a recent ABA Webinar that there are 6,000 new pieces of malware directed at Android devices.

Mitigation measures include recommending that only approved apps be used. This applies to customers and to your bank’s employees, especially if they are using company-issued phones, laptops, tablets, etc.

What can your bank do to minimize potential damage?

The Financial Sector-Information Sharing and Analysis Center (FS-ISAC) recommends incorporating layered security techniques to mitigate the risks. The following are suggested steps to consider implementing. Not all are necessarily appropriate for every institution or situation, nor do they guarantee total security against cyber-related crimes or attacks. Consider consulting cyber-security professionals and seek legal advice regarding your bank’s unique needs and concerns.

Recommended procedures to implement at your bank

• Stay up to date with security patches and anti-virus software on all of your bank’s desktop/laptop machines and servers. Ensure that workstations use host-based IPS technology and/or application whitelisting to prevent the execution of unauthorized programs.
• Monitor for spikes in website traffic as these may indicate potential DDoS activity. Implement a plan to ensure that appropriate authorities handling wire transfers are notified
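The traffic-spike monitoring recommended above can be tied directly to wire-transfer review. The following is an added example, not code from the article or from FS-ISAC: it flags minutes of unusually high request volume in a web access log and lists the wires initiated near those minutes so they can be held for manual review. The Common Log Format input, the thresholds, the 30-minute window and the wire record fields are all assumptions, and the sample data is constructed.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone
from statistics import median

TZ = timezone(timedelta(hours=-4))  # constructed: timezone of the sample data

def sample_log():
    """Constructed access log: 10 requests/minute for an hour, 200/minute from 10:30 to 10:34."""
    lines = []
    for minute in range(60):
        for i in range(200 if 30 <= minute < 35 else 10):
            lines.append(f'203.0.113.{i % 250 + 1} - - [12/Sep/2013:10:{minute:02d}:{i % 60:02d} -0400] '
                         '"GET / HTTP/1.1" 200 512')
    return lines

# Constructed wire-transfer queue; ids and times are illustrative only.
SAMPLE_WIRES = [
    {"id": "W-1001", "time": datetime(2013, 9, 12, 9, 5, tzinfo=TZ)},
    {"id": "W-1002", "time": datetime(2013, 9, 12, 10, 40, tzinfo=TZ)},
    {"id": "W-1003", "time": datetime(2013, 9, 12, 11, 45, tzinfo=TZ)},
]

def parse_minute(line):
    """Return the request time from a Common Log Format line, truncated to the minute."""
    stamp = line.split("[", 1)[1].split("]", 1)[0]
    return datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z").replace(second=0)

def spike_minutes(log_lines, factor=5, min_requests=50):
    """Minutes whose request count is at least `factor` times the median minute.

    The median keeps a short burst from inflating its own baseline, and
    `min_requests` stops a quiet site from alerting on a handful of hits.
    """
    counts = Counter(parse_minute(line) for line in log_lines)
    threshold = max(min_requests, factor * median(counts.values()))
    return sorted(m for m, n in counts.items() if n >= threshold)

def wires_to_review(wires, spikes, window=timedelta(minutes=30)):
    """Ids of wires initiated within `window` of any spike minute, before or after."""
    return [w["id"] for w in wires if any(abs(w["time"] - s) <= window for s in spikes)]

if __name__ == "__main__":
    spikes = spike_minutes(sample_log())
    print("spike minutes:", [s.strftime("%H:%M") for s in spikes])
    print("hold for manual review:", wires_to_review(SAMPLE_WIRES, spikes))
```

The window extends before the spike as well as after it, because the article describes the employee workstation compromise as preceding the diversion.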
