Wednesday, January 17, 2007
Banks face growing threat of inside identity
Banks face growing threat of inside identity theft
While banks are confident they can deal with phishing attacks by constantly warning customers of the dangers, they are now getting increasingly concerned about the physical theft of confidential client data by insiders or impostors. Widespread outsourcing of data management and other services has exposed some weaknesses and made it harder to prevent identity theft by insiders. In what many regard as the biggest wake-up call in recent memory for financial institutions, thieves disguised as cleaning staff last year narrowly failed to steal the equivalent of more than $400 million from the London branch of Sumitomo Mitsui. They installed programs to record keystrokes on computers that were used to handle international wire transfers of money. After analyzing user identifications and passwords recorded by the keylogging programs, they used the information to make a huge money transfer to an Israeli bank but were foiled at the last minute when police were tipped off. Banks are starting to respond to the threat by combining teams working on physical and information technology security, which have traditionally been separate functions, said Potter. Source: http://www.eweek.com/article2/0,1895,2062804,00.asp
While banks are confident they can deal with phishing attacks by constantly warning customers of the dangers, they are now getting increasingly concerned about the physical theft of confidential client data by insiders or impostors. Widespread outsourcing of data management and other services has exposed some weaknesses and made it harder to prevent identity theft by insiders. In what many regard as the biggest wake-up call in recent memory for financial institutions, thieves disguised as cleaning staff last year narrowly failed to steal the equivalent of more than $400 million from the London branch of Sumitomo Mitsui. They installed programs to record keystrokes on computers that were used to handle international wire transfers of money. After analyzing user identifications and passwords recorded by the keylogging programs, they used the information to make a huge money transfer to an Israeli bank but were foiled at the last minute when police were tipped off. Banks are starting to respond to the threat by combining teams working on physical and information technology security, which have traditionally been separate functions, said Potter. Source: http://www.eweek.com/article2/0,1895,2062804,00.asp
# posted by raveneye @ 11:52 AM 
