1 / 24

AVeS Cyber Security Confidence in your Digital Information

Lex Informatica – SA Cyberlaw / ICT conference – 2014. AVeS Cyber Security Confidence in your Digital Information. ONLINE A N D M OBILE BANKI N G THR E A TS. Charl Ueckermann Managing Director AVeS Cyber Security. 2014/09/25. Agenda. Welcome AVeS Overview

halee-rocha
Download Presentation

AVeS Cyber Security Confidence in your Digital Information

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Lex Informatica – SA Cyberlaw / ICT conference – 2014 AVeS Cyber SecurityConfidence in your Digital Information ONLINEAND MOBILE BANKINGTHREATS Charl Ueckermann ManagingDirector AVeS CyberSecurity 2014/09/25

  2. Agenda • Welcome • AVeS Overview • Online and Mobile Banking Threats • Questions

  3. AVeS Overview • Since 1997 • 500+ clients in Southern Africa • Focus on Professional Services • Reducing Risk – IT Security • Improving Efficiency – Advanced Microsoft Infrastructure • Improving Consistency – Corporate Governance (ISO Std’s) • Increasing Revenue – CRM • Product Support (the building blocks)

  4. Online and Mobile Banking Threats Online payments are popular but unsecure 98% of respondents regularly use online banking , online shopping or e- payment services 59% of users have concerns about banking fraud online 69% of people fear for the safety of their personal data (including banking credentials) Kaspersky Lab and B2B International Study - 8,605 respondents,19 countries http://media.kaspersky.com/pdf/Kaspersky_Lab_B2C_Summary_2013_final_EN.pdf

  5. Which type of data loss is the most critical for Internet users? Passwords, account details Personal email messages Banking details 37% TOTAL 60% TOTAL 58% TOTAL HarrisInteractiveKaspersky DigitalConsumers InternetSecurityNeeds-Topline Report,2012

  6. Attacking the Bank vs Attacking the User • Before criminals used to crack the banks • But it’s too expensive, complicated and risky • Now they fraud users to steal money from them • And unfortunately they are very successful in doing that

  7. Today Cyber Criminals sell user credentials on a Menu

  8. Problems users encounter whilst online 36% of malware incidents resulted in financial loss Did you incur any financial costs as a result of a virus / malware infection? Bankingtrojansworldwide Problemsusers encounterwhileonline Zeus Carberp 36% YES SpyEye 64% NO Shiz Sinowal Other More than 25% of consumers have experienced a malware incident during last 12 months Source:Kaspersky Lab,September2013

  9. …..”And you thought you were safe!” Online banking site: login, password Online banking site: login, password Carberp Authorization: CVV2 Authorization: CVV2 Zeus One time passwords: SMS, Token, printed receipts, TAN generators Carberp, SpyEye, Zeus for mobile, Lurk Onetimepasswords: SMS,Token, printedreceipts,TANgenerators Transaction approval: cell phone SpyEye Readmoredetailsin “Stayingsafe fromvirtualrobbers” http://www.securelist.com/en/analysis/204792304/Staying_safe_from_virtual_robbers

  10. Malicious programs use the following techniques • Keylogging • Screenshot Capturing • Modifying the hosts file • Intrusion into a running browser process (Web Injections) • Mobile Phones Intrusions

  11. How the Cyber Fraud cycle works

  12. ZEUS — Main Features • Most widespread online banking trojan out there • ZeuS tracks which keys the user presses — virtual or physical (keyloging, screenshooting) • ZeuS uses web injections — Man in the Browser attacks • ZeuS is capable of bypassing the most advanced bank security system, bypassing 2-factor authentication systems • Spreads through social engineering and drive-by downloads

  13. How Zeus works • The user enters their one-time password • Fake notification and prompts to receive the "new list", users enter their current TAN-codes • ZeuS using web injection methods. • All login details that are entered are sent to the cybercriminals

  14. CARBERP: Bank client software + Keys • Data theft technologies: • Injection in the web browser • Interception of payment data • Fake notice/ popups

  15. CARBERP: Bank client software interceptor Intercepted data (CVV/CVC, PIN etc.) The information Carberp requests on the modified main page of an online banking system (shown in red boxes)

  16. SPYEYE: Bypass by means of social engineering User is requested to refund money User enters one time passwords for making transaction… and transfers his own money to cybercriminals User sees fake Warning window on banking page User sees fake information about transaction to his account “One of your recent transactions was completed by mistake. You have received some funds that were designated to another recipient. Please refund the money back as soon as possible. Thank you!”

  17. SPYEYE: Spying via Webcam Everythingyousay onthephonearerecordedbycybercriminals

  18. LURK: Distribution and working TOKEN Bypass: Blocks the workstation when the token inside Remote access to the workstation for cybercriminals LURK

  19. Mobile Threats ZitMo ZeusintheMobile Onetimepasswords: SMS SpitMo SpyEyeintheMobile CitMo Carberp intheMobile

  20. Mobile Threats • How it works • By means of social engineering user is advised to download the app from an online store • The app is malicious, once it’s installed it steals one time SMS authentication passwords

  21. Conclusion • Financial malware is getting more targeted • New protection measures introduced by banks are quickly cracked/bypassed • Targeted attacks are getting widespread and almost becoming a routine • There is a lot of space for vulnerability exploitation Effective SECURITY SOFTWARE isamust

  22. The Way forward • Banking Industry to take more responsibility • Mobile SDK protection • Endpoint Protection – different form std AV • Banking Server Global monitoring • Cyber Fraud Awareness – keep going • Patch Management 70% of solution

  23. Thank You Questions

More Related