Not many people know that our bank ATMs often use the same software we use on our computers - that is Microsoft Windows, giving hackers the same access as they would have to our computers. Photo/FILE
By Kui Kinyanjui,
Something curious has been happening at a leading local bank, and could be spreading to the entire banking sector.
This week, it emerged that customers at the bank (which cannot be named for confidentiality reasons) have unwittingly been giving away details about their accounts to an unknown group of hackers.
Customers who visited one ATM within the bank’s network would transact as normal, withdrawing or depositing cash through the ATMs.
What they did not know is that they were supposedly leaving behind an electronic trail that provided criminals with enough details to remotely empty their accounts or perform transactions on their behalf.
Most of the affected customers were left baffled when they next visited their ATMs and discovered that their accounts had been wiped clean, supposedly by them the last time they visited the ATM.
More worryingly, one customer told Business Daily that while his account was left untouched, his card details were used in a foreign country for an online purchase.
That this comes just weeks after yet another local bank invested in new technology to protect its customers from card fraud should not be taken in isolation.
Something is wrong, and we are not being told the truth by those erstwhile custodians of our hard earned cash.
Sources within Kenya’s ICT security industry tell us that we have been left severely exposed as a result of the arrival of international fibre optic links, which supposedly give international hackers free rein to probe inside our most sensitive installations.
That incidents such as those highlighted above can happen reveals that our financial institutions are not taking the threat seriously.
To quote local security analysts––for every one local bank that has adequate security in place to protect its customers funds, there are twelve more who do not.
If the analysts are to be believed, not enough Kenyan companies are asking themselves: Are we safe?
Gartner analyst John Pescatore says that the biggest threat to any company right now is the botnet, a malicious software program that allows hackers a window into your hardware through which they can capture sensitive information.
“It’s really a major, major problem, and this is where user PC’s get compromised by visiting a legitimate website that itself had been compromised to download some software. That user PC happily goes back to work and talks back to the botnet command control centre which downloads a very targeted attack,” said Mr Pescatore.
Gartner says that it owns several case studies that reveal 30-35 per cent of PC’s have bad clients installed and can be used to capture passwords and look for databases and so on.
Not many people know that many of our banks ATMs often use the same software we use on our computers – that is Microsoft Windows, giving the international or local hacker the same access as they would have to our computers.
But the fact that information security has dictated the content of three out of six subjects of this column this year should serve as a signal that something is seriously amiss.
Source: Business Daily Africa
Comentários