Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Vulnerability auditing could have avoided Swedish bank crime.

Fortify : 05 February, 2008  (Technical Article)
Internal hacking in Swedish financial institute highlights the need for software controls to detect cases of employee based security attacks.
Fortify Software says the arrest of seven people in connection with an electronic fraud at Swedbank, a major Swedish bank, last week, highlights the need for vulnerability auditing within financial services companies.

'The arrest of the seven in connection with their alleged installation of remote devices in the bank office - and connected to the bank's computer system - reveals the serious fraud potential that internal hacks of this type pose. Circumventing internal controls can cause tremendous problems as recently shown in the case of Societe Generale,' said Brian Chess, Fortify's founder and chief scientist.

'What this proves is that, even with the best IT security in place, there still needs to be application and systems vulnerability audits carried out on a regular basis, in order to prevent internal attacks of this nature,' he added.

Chess' comments come as Swedish police have revealed that the remote access fraud was only averted at the last minute when a bank employee removed the power to the system concerned.

'The remote access device was discovered under a desk in the Knivsta bank office last August and, if the fraud had gone ahead, the bank would have lost several millions of Swedish Krona - hundreds of thousands of dollars - in the blink of an eye,' he said.

'What's terrifying about this fraud is that police sources are quoted as saying that the technology used by the thieves was standard equipment from regular IT sources. Bottom line? IT could happen again at any bank that does not carry out regular vulnerability assessment audits on its systems,' he added.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo