CIO Today

CIO Today Network Sites:   Top Tech News  |   CIO Today   |   Mobile Tech Today   |   Data Storage Today
Daily Briefing for Technology's Top Decision-Makers
Thursday, April 24th 
Next Generation Data Center Is Here!
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Trending Topics:   Security Heartbleed Big Data Cloud Computing Windows XP Data Centers OS X Mavericks
Home
Enterprise Software
Enterprise Hardware
Big Data
Network Security
Cloud Computing
CRM Systems
Data Storage
Operating Systems
Communications
CIO Issues
Mobile Tech
Chips & Processors
World Wide Web
Business Briefing
After Hours
Press Releases
 
Free Newsletters
Top CIO News
 
Mobile Tech Today
 

Network Security

Banks on High Alert After Cyber Attacks

Banks on High Alert After Cyber Attacks
September 20, 2012 2:12PM

Bookmark and Share
"For banks and most organizations, the unfortunate reality is that if targeted, they will most likely be breached," security researcher Chris Petersen. "The question then becomes how capable and quickly can the breach be detected, contained, and eventually eradicated." Bank of America and JP Morgan Chase have both suffered possible DDoS attacks.

Your Next Generation Data Center Is Here! Vblock™ Systems: the world's most advanced converged infrastructure are built on the Cisco Unified Computing System with Intel® Xeon® processors. Vblock™ Systems deliver extraordinary time to market, ROI and TCO, and flexibility to meet your continually changing demands with 5X faster deployment, 96% less downtime, and 1/2 the cost. Click here to learn more.

The Financial Services Information Sharing and Analysis Center has raised its cyber threat levels to "high" this week after several financial institutions -- including titans Bank of America and JP Morgan Chase -- fell victim to intermittent Web site outages.

"Issues of concern include the recent credible intelligence regarding the potential for [Distributed Denial of Service] and other cyber attacks against financial institutions," the group said on its Web site. "Additionally, Microsoft is aware of targeted attacks via active exploitation of a zero-day remote code execution vulnerability in Internet Explorer."

Microsoft has issued a quick fix for the IE flaw and plans to issue a full patch on Friday. Meanwhile, Bank of America said its Web site was back up and running normally. Chase.com appeared to be up and running as of the time of this writing.

Hardening Browsers

We turned to Bill Morrow, CEO of Quarri Technologies, to get his take on some of the fallout from the IE zero-day flaw. He told us the latest IE bug is an exploit that allows a Web site -- malicious or compromised -- to download and execute arbitrary code to the end user. He also pointed to the incident as evidence that endpoints today still remain afterthoughts in the security landscape.

"While Microsoft works on a patch for this new bug, industry experts are suggesting that users install new software and/or reconfigure network browser settings," Morrow said. "While the right idea in theory, in reality there is a high probability that many end users wouldn't perform the necessary mitigation or configuration steps to stop the attack."

Beyond the immediate issue with IE, Morrow also noted that the incident is yet another example of enterprise Web applications being at the mercy of the end user's skills at being a security administrator.

"To minimize their exposure to malware, it is critical for organizations to provide and enforce the use of a secure, hardened browser session to protect their most sensitive information and prevent unauthorized use and replication of confidential data," Morrow said.

Aggressive Cyber Criminals Rising

We also asked Chris Petersen, CTO of LogRhythm, for his take on the incident. He told us the latest security headline is a reminder of the increasing aggressiveness of cyber criminals.

"This aggressiveness combined with browser-based vulnerabilities like the one recently announced by Microsoft IE pose a real challenge to banks," Petersen said. "Targeted spear-phishing campaigns have a very high success rate and help cyber criminals easily bypass bank firewalls."

From his research, zero-day attacks are increasingly bypassing point security solutions designed to protect online banking Web sites. To defend against these advanced threats coming from multiple vectors, he said, banks should adopt a posture of continuous and automated analysis across all internal network and system activity to recognize abnormal and concerning behavior.

"For banks and most organizations, the unfortunate reality is that if targeted, they will most likely be breached," Petersen said. "The question then becomes how capable and quickly can the breach be detected, contained, and eventually eradicated."

Tell Us What You Think
Comment:

Name:



 Network Security
1. Fund Seeks To Head Off Heartbleeds
2. Lessons from Verizon's Threat Report
3. Verizon Report Exposes Cyberthreats
4. How Are Web Sites Post-Heartbleed?
5. White House Updating Privacy Policy




 Most Popular Articles
1. BlackBerry Drops T-Mobile After Nasty Spat
2. Cisco, IBM Launch Internet of Things Consortium
3. Salesforce CRM Gets Industry Specific for Internet of Customers
4. Intel Bets on Cloudera for Big Data Analytics
5. SAP HANA Data Warehouse App Gets Faster Analytics

Have an informed opinion on this story?
Send a Letter to the Editor.
We want to know what you think.
Send us your Feedback.

 Related Topics  Latest News & Special Reports

  IBM Targets Big Data with Power8 Line
  Opera Coast Offers Safari Alternative
  FCC Defends Internet Traffic Proposal
  Fund Seeks To Head Off Heartbleeds
  Salesforce Developing App SOS Button

 Technology Marketplace
Business Intelligence
Get real-time, cloud-based information services with Neustar.
 
Cloud Computing
Next Generation Data Center Is Here! Vblock™ Systems from VCE
 
Contact Centers
HP delivers the future of the contact center with HP Qfiniti 10.
 
Data Storage
Next Generation Data Center Is Here! Vblock™ Systems from VCE
Barium Ferrite (BaFe) is the future of tape.
2.5" Enterprise-class SATA & SAS SSDs for server & storage applications
 
Enterprise Hardware
Barium Ferrite (BaFe) is the future of tape.
2.5" Enterprise-class SATA & SAS SSDs for server & storage applications
 
Hardware
Protect your network with APC Smart-UPS battery backup
 
Network Security
Protect your network with APC Smart-UPS battery backup
 

Network Security Spotlight
Tech Giants Fund Initiative To Prevent Future Heartbleeds
Can more funding prevent Heartbleed vulnerabilities in future open-source software? A new Core Infrastructure Initiative at the Linux Foundation is attempting to find out.
 
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 
Navigation
CIO Today
Home/Top News | Enterprise Software | Enterprise Hardware | Big Data | Network Security | Cloud Computing | CRM Systems
Data Storage | Operating Systems | Communications | CIO Issues | Mobile Tech | Chips & Processors | World Wide Web
Business Briefing | After Hours | Press Releases
Also visit these Enterprise Technology Sites
Top Tech News | CIO Today | Mobile Tech Today | Data Storage Today

Services:
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About CIO Today Network | How To Contact Us | Article Reprints | Services for PR Pros (In partnership with NewsFactor) | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 CIO Today. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.