Last month, criminals used new strains of malware to steal £20 million from UK banking customers, highlighting the dangers of such viruses in a very high-profile way. The use of Dridex malware to infect customer machines, steal login credentials and subsequently steal significant sums from customer accounts shows how these incidents can directly impact end-users. As these types of attack become increasingly common, traditional defences need to be rethought, as concerns amplify over whether they can protect users sufficiently.
Evolving techniques
As a malware strain, Dridex is fairly well known and, as such, is reasonably easy to detect. Other strains, such as Dyre and Tinba, are significantly more difficult to detect. In addition, with source code for many malware types being released to the hacking community, we are now seeing upsurges in strains that had previously been mitigated. These are modified versions of the original with potentially differing signatures that will defeat traditional signature based solutions.
Mitigating malware
How then have financial organisations sought to deal with these types of risks? Many have invested in sophisticated anti-fraud systems that track transactions and use complex analysis to identify potentially fraudulent activity. This is all well and good, but does not consider defence against compromise of the endpoint device. Many financial organisations have solutions for this too, but in general these require client software to be installed on the end user device. This presents a problem, as customer take-up of these components is usually low. Despite the banks not mandating that these software components must be used, there have been high profile cases where the customers have been penalised for neglecting to use them. This demonstrates that there is often a gap in the protection being provided.
It’s all about the app
Whilst the threat landscape is relentlessly evolving, the recommendations remain relatively constant: apply as much security as possible. In the case of modern malware attacks, however, making security measures as easy to apply as possible, and not relying solely on the customer, hold the keys to improving the situation.
Paul Dignan is systems engineer at F5 Networks
Are you a security pro? Try our quiz!
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…