Cyber thieves cracking banks’ two-factor authentication systems — CoreTrace WhiteSpace


The Application Whitelisting and Security Weblog


According to Gartner’s Avivah Litan, even two-factor authentication systems can’t stop today’s cyber thieves. Over the past few months, banks around the world that rely on one-time-password authentication systems have been compromised by man-in-the-middle attacks, despite having two-factor security in place.

Thomas Claburn of InformationWeek writes in his article, “Strong Authentication Not Strong Enough,” that fraudsters are now using call forwarding to bypass security measures. By persuading telecom carriers to forward users’ phone calls to the thieves’ cell phones, the fraudsters are stealing money and user account information. Banks that don’t have any additional defenses to stop unauthorized access to their systems can be highly susceptible to such attacks.

These man-in-the-middle attacks use software or hardware to intercept network traffic while keeping the sender or receiver completely oblivious to where their information is coming from or going to. In fact, the malware can use anti-forensic capabilities to rewrite account balances in the user’s browser, making the user believe their account has sufficient funds when in fact it’s empty.

Despite all their sophistication, these attacks still rely on infection of the endpoint with malware as the critical component. If you can stop unauthorized software from running on an endpoint, you stop these types of attacks.

Litan added that these particular attacks on financial institutions have involved the Zeus Trojan, which is currently the Internet’s No. 1 family of botnets. But that’s for another blog.
