Why Kaspersky's Bank Robbery Report Should Scare Us All - InformationWeek

Comments
impactnow
100%
0%
impactnow,
User Rank: Author
2/19/2015 | 11:35:14 AM
Keeping up with the Hackers

Susan, yes, very scary, and it makes the point for multiple levels of authorization being required when money is moved in large quantities, and tracking of actions as related to money movement. The vulnerabilities still exist in so many places; it's time for cyber security to start catching up with the hackers.

Susan_Nunziata
100%
0%
Susan_Nunziata,
User Rank: Strategist
2/19/2015 | 10:44:31 PM
Re: Keeping up with the Hackers
@impactnow: What will finally have to happen for corporations to invest where they need to? How big do the breaches have to get? How much damage has to be done to individuals? Or will this keep on escalating endlessly?
impactnow
50%
50%
impactnow,
User Rank: Author
2/25/2015 | 11:41:44 AM
Re: Keeping up with the Hackers

Susan, I completely agree. It's getting to a point that people expect breaches; it's very sad. I hate to over-regulate, but I think if fines were levied against companies for security breaches that were a result of their negligence, it might speed up security efforts at some organizations.

Susan_Nunziata
100%
0%
Susan_Nunziata,
User Rank: Strategist
2/19/2015 | 10:23:02 PM
Re: Fun with security
@Stratustician: What perplexes me most is how corporations of such size and scope can have such a hard time keeping one step ahead of bad actors. I suspect, more than anything, that the problem is one of deciding where to invest $$--in security & training, or in stockholder pockets. Until the equation shifts and breaches become so crippling that they affect stockholder dividends, I suspect we'll just see attacks like this becoming so commonplace they won't even scare us anymore.
Susan_Nunziata
100%
0%
Susan_Nunziata,
User Rank: Strategist
2/19/2015 | 10:25:56 PM
Re: Fun with security
@macker490: So what's the deal then? Is it just more cost effective for corporations to allow themselves to get hacked like this than to invest in the resources required to protect themselves? Are they so well covered by insurance policies, and making so much $$, that even this level of money walking out the door is small change to them?
Susan_Nunziata
100%
0%
Susan_Nunziata,
User Rank: Strategist
2/19/2015 | 10:32:22 PM
Re: Why Kaspersky's Bank Robbery Report Should Scare Us All
@Zerox203: As the Anthem breach also showed, it all comes down to how these organizations make money. Anthem didn't encrypt its data because it wasn't required to do so by law. The cost, or inconvenience, of encryption was enough of a deterrent for them, because they faced no hefty fines if they didn't do it. Like banks, health insurance providers are for-profit organizations whose main goal is to keep their shareholders happy.

That said, you make a good point about playing the odds and finding the right balance between investing in prevention and leaving yourself open to a breach. In the case of what the Kaspersky report revealed, though, it's hard to believe that patch updating would have impacted the bottom line of the banks involved. It seems a bigger issue -- not enough employees in IT? sloppy governance -- than just an accounting problem.
Susan_Nunziata
100%
0%
Susan_Nunziata,
User Rank: Strategist
2/19/2015 | 10:41:39 PM
Re: Brian Krebs
@bwjustice: Thank you for noticing that error, it's been corrected. I am clearly living proof of how sloppy humans can be, especially when working in haste and multi-tasking. If Mr. Krebs happens to have read this, I hope he accepts my apology!

I'll be picking up SPAM Nation for my weekend reading list. And if you never hear from me again, you'll know why.

:)
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
2/20/2015 | 6:27:28 PM
Stalking the intruder
Yes, this example of sly and persistent intrusion is alarming. I think we need behavior analytics that learn from routine system ops and recognize an activity that is out of line. Once it spots such a thing, it raises an alarm or shuts it down. I also agree with TerryB. Security was such a concern on the IBM mainframe when it first came out that the MVS operating system, when asked by an application process to do something, would query, "Who is your owner?" If no clear answer came back, it killed the process. With Windows, it's more like welcome the next visitor, check his credentials later.

