Saudi Arabia approves cooperation agreement with US for the use of outer space for peaceful purposes    Quality of Life Program CEO highlights Saudi urban transformations at UN-Habitat conference in Cairo    AlHisn Big Time Studios unveiled to transform film and TV production in Riyadh    Saudi Aramco's Q3 net income falls 15.5% to SR103 billion amid a jump in annual cash flows    Almarai wins 'Best Corporate Sukuk' at Asset Triple A Islamic Finance Awards    Top climber falls to death after rare Himalayan feat    US voters flying home in time for election    Drones and snipers on standby to protect Arizona vote-counters    India's Modi condemns violence after Canada temple incident    Harris and Trump make final push in must-win Pennsylvania    Mitrovic's hat-trick leads Al Hilal to 3-0 victory over Esteghlal    Al Ahli extends perfect start with 5-1 victory over Al Shorta    Saudi crown prince, Tunisian president review bilateral relations in phone call    SFDA Chief visits premier biotechnology and medical firms in China    Al-Khereiji: Collective action in combating terrorism is a must for achieving stability and prosperity    Quincy Jones, titan of US music, dies aged 91    Neymar expected to join Al Hilal squad for AFC clash against Esteghlal, says coach Jesus    Al Qadsiah secure 2-0 victory over Al Ettifaq in first Eastern Derby since 2021    Hidden sugars in Asia's baby food spark concerns    HONOR unveils pre-order of the stunning HONOR MagicBook Art 14 Featuring an ultra-slim design, HONOR Eye Comfort Display and AI Cross-OS WorkStation    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Filipino pilgrim's incredible evolution from an enemy of Islam to its staunch advocate    Muted Eid celebrations for millions of Nigerian Muslims    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Banks seek cybershelter with ‘ethical hackers'
ROSS KERBER & MARIA ASPAN
Published in The Saudi Gazette on 19 - 06 - 2011

PROFESSIONAL hacker Nicholas Percoco received an unusual request from a major financial institution this week: How can you help us avoid becoming the next Citigroup Inc?
Amid a wave of cyber attacks on Citi, the International Monetary Fund and other institutions, Percoco and his team at security firm Trustwave Holdings Inc. are fielding more and more calls from banks wanting to stress-test their online defenses.
Trustwave is increasingly being hired for so-called ethical hacking of banking systems to hunt for weaknesses, he said. It is also selling more data loss prevention software, which can freeze a computer network before an intruder can extract sensitive information.
“It's not a new technology, but in the wake of these data losses there's more interest,” Percoco, senior vice president at the Chicago-based firm, told Reuters. Trustwave has filed for an initial public offering of stock.
Some cyber experts fear many financial institutions have inadequate defenses, due to distractions during the financial crisis and after that led them to ignore IT systems as they dealt with more pressing issues, allowing hackers to scale bank firewalls or find other ways to cause mischief, from viewing confidential checking account images online to physically strolling into unsecured data centers. “We'll call the CIO (chief information officer) and tell them, ‘We're standing in the middle of your data center. Do you want to come get us?'” he said.
Still, there are signs of progress. Financial institutions are now keeping a closer eye on their databases and making more use of one-time transaction passwords to customers' mobile phones. Bank of America Corp, for example, has a SafePass service started in 2008. Two-thirds of US banks plan to raise spending on fraud-detection and authentication systems in 2011, including all 14 of those with more than $75 billion in deposits, according to a Gartner Research poll of 76 banks.
“This is an arms race,” said Bill Conner, chief executive of Dallas-based security company Entrust, which sold $35 million worth of security software to financial institutions last year, up 50 percent from 2009. “The risks are out there, the regulators are breathing heavy on this. Now the financial institutions are going to have to spend,” Conner said.
The question is how quickly can this spending make a difference. Banks have always been targeted by cyber criminals but have so far avoided the worst breaches as hackers focused on softer targets, such as stealing credit and debit card data from retailers.
But banks got wake-up calls this month, when the attacks on the IMF and Citi, the third-largest US bank, came to light. Security specialists say Citi suffered the largest direct hit on a financial institution to date.
As stewards of the payment system, banks face an extra burden to keep the confidence of their customers.
Many financial institutions are starting to bulk up security around their treasury services divisions, which can process trillions of dollars daily for large corporate clients, according to the American Bankers Association.
But now a new push toward mobile payments by big banks, from BofA to Wells Fargo, has some cyber experts worried.
On average, only 8 cents of every dollar that banks spend on IT infrastructure goes toward sustaining and securing that infrastructure, according to Tom Kellermann, chief technology officer at AirPatrol Corp in Maryland and a member of the Obama Administration's Commission on Cyber Security.
Bank security chiefs “are always playing second fiddle to the folks that are saying, ‘Let's create the wonderful wireless Web portals with access to financial services through our mobile phones,” he told Reuters Insider. “Most security wonks would say ‘That's a really, really bad idea.'”
“I think there's been an over-emphasis in security on perimeter defenses, on the walls and moats of castles, and not enough attention is being paid on remote access and website security,” he added.
The threats go beyond retail banking. Among the financial system's most vulnerable points are the clearinghouses that act as central counterparties to all traders, security experts speaking at a Reuters-hosted cyberterrorism panel said on Thursday.
Mark Clancy, chief information security officer at the Depository Trust & Clearing Corporation, agreed Friday that clearinghouses are especially attractive targets to hackers — not because their defenses are weaker than other financial institutions but because they house so much concentrated data.
“If you wanted to destroy financial operations, those are the kinds of places you look because they are aggregation points ... they're just more interesting to that kind of bad guy,” he told Reuters.
He said the DTCC's spending on cyber security has “really in the last 12 months ratcheted” up.
Market operators are also vulnerable. Hackers breached Nasdaq OMX Group's systems this year, leaving “suspicious files” on the exchange's servers and sparking an investigation involving the FBI..


Clic here to read the story from its source.