Financial malware proliferation prompts banks to take action

“All of the authentication can be compromised, so you have to provide additional layers of security”, says IronKey's Bocek
“All of the authentication can be compromised, so you have to provide additional layers of security”, says IronKey's Bocek

To combat these increasing risks, the Federal Financial Institutions Examination Council (FFIEC), a US government interagency body, last year updated its security guidelines to improve customer authentication, layered security, and other controls.

Old Second Bank in Chicago decided to turn to IronKey’s Trusted Access security product to counteract the growing threat posed by financial malware and to comply with the FFIEC guidelines.

“With all of the fraud we are hearing about in the industry, we wanted to do something proactively to protect our clients’ money and personal information and enhance the strength of our services to the business community”, said Keith Gottschalk, chief operating officer at Old Second National.

IronKey Trusted Access, an online account takeover, identity theft and payments fraud prevention service, provides a secure web session, so even if the computer is infected, criminals cannot get banking information, Gottschalk told Infosecurity.

Trusted Access’s first layer protects the customers on their computer because that is where malware like Zeus and SpyEye attacks, explained Kevin Bocek, vice president of marketing for IronKey.

The criminals “attack the web browser and the operating system and insert fake content and hijack browsing sessions. So when the user logs off, the criminals take the session”, Bocek said.

“While to the user it looks like they are using just another Windows application side-by-side with other apps, it is actually a virtualized operating system hardened to NSA [National Security Agency] specifications. Inside of that is a secure browser that is controlled by a cloud-based policy that the bank sets, which only allows the users to go to approved sites”, Bocek said.

Because the product is virtualized, it is a read-only environment. This prevents malware from tampering with the devices, he added.

IronKey also operates a trusted network, which is a dedicated and secure network that encrypts all traffic as it comes from customers and goes to banks. Bocek stressed that even if banks are using technology like SSL criminals can still spy on users and attack network infrastructure.

“All of the authentication can be compromised, so you have to provide additional layers of security”, Bocek said.

What’s Hot on Infosecurity Magazine?