Page 33 - Cyber Warnings
P. 33
How Banks, Other Businesses Can Avoid Becoming Cyber-Crime
Victims
Apparently, the heist couldn’t have been any simpler if it had been drawn up in the lunch line at
an elementary school cafeteria.
In February, Bangladesh’s central bank saw $81 million disappear out a virtual window. Now it’s
been revealed that, although the computer hackers used custom-made malware, they probably
didn’t need to work up a cyber sweat while pulling off their long-distance theft.
The bank had no firewalls to defend against intruders and its computers were linked to global-
financial networks through second-hand routers that cost $10.
“It’s stunning that a major institution would leave itself so defenseless in this day and age when
everyone should know that cyber criminals are waiting for you to let your guard down,” says
Gary S. Miliefsky, CEO of SnoopWall (www.snoopwall.com), a company that specializes in
cyber security.
But he says the episode can serve as a cautionary tale for other banks and any businesses that
want to protect themselves against today’s cyber versions of Bonnie and Clyde.
“Most companies have some vulnerability and it doesn’t take a sophisticated attack to cause a
security breach,” Miliefsky says. “Often on the hackers’ end of things, it just takes patience.”
For example, he says, a cyber criminal can gain access by sending a company an email with an
attachment called a Remote Access Trojan, or RAT, that looks like a normal file.
All it takes is for an unsuspecting employee to open that file and, voila, security is compromised.
That’s bad for companies, of course, but it’s also bad for consumers, whose bank account,
credit card and other private information is at risk.
Miliefsky says it’s important to go on the offensive. Among his recommendations:
• Employers need to train their staffs.
Those employees sitting at their computers each day are a company’s first line of defense. An
errant click on the wrong email is like unlocking the front door, so employees should be made
aware of the dangers and told what do about suspicious email.
• Companies should routinely update their defenses.
Outdated technology and outdated security software make a company’s computers vulnerable
33 Cyber Warnings E-Magazine – May 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
