Beating cyber criminals

ENABLED by the sharing culture on social media — and with ever more sophisticated malicious software known as malware at their disposal — cyber criminals have become far more adept at crafting attacks and targeting individuals and organisations.

Tue, 25 Jun, 2013 - 01:00

James Silver

Phishing emails purporting to be from friends, often reflecting our interests — perhaps gleaned from social media sites — or from trusted organisations such as your bank or government bodies — encourage us to click on infected links or attachments containing malware. (A recent example was disguised as a security warning from Microsoft’s digital crimes unit.) We have a level of trust in certain organisations and criminals exploit it.

Typically, these so-called “man-in-the-middle” attacks install colourfully named Trojans (pieces of malware, essentially) such as Zeus, SpyEye or Citadel on computers, which have the effect of compromising, for example, online banking transactions. “Everything you then do on your compromised laptop is subverted through a hacking site which means when you [communicate] with your bank, you are going through a man in the middle. Initially, man-in-the-middle attacks were passwords used in authentication — the criminal would wait until you had finished to start using the credentials they’d just gathered. This is why banks brought in one-time passwords or codes,” says Garry Sidaway, director of security strategy at Integralis.

“But more recent malware will perform a man-in-the-middle attack to obtain the user’s session (a session is created after a user logs in successfully and the browser and the bank’s website use this to continue the interaction) and fake the logout requests. Once the user thinks they’ve logged out, the attacker can make payments using the existing session without the victim seeing any changes to their balance until the next time they log on. This is partly why banks have rolled out card readers to help prevent payments to new payees.”