|
There have been a number of high-profile cases recently of cyber criminals breaking into the bank accounts of small and mid-sized businesses and stealing what amounts to million of dollars. The most damaging part of this increase in criminal activity is the fact that in many cases the funds are not protected by the bank.
In response, the SANS Technology Institute, a security training and research organization, recently challenged its members to come up with the most effective solution for protecting a businesses’ financial assets from attack. Microsoft may not like the answer. Their No. 1 recommendation is for a company to stop using Windows for banking transactions and instead use a “read-only bootable alternative media (ROBAM)” environment.
So what does that mean exactly? Well, first let’s take a step back and look at the underlying problems. In a report on the subject, SANS notes that most cyber criminal-related bank frauds begin with a phishing email targeted at a company’s comptroller or other staff member in charge of finances. After the employee’s computer is compromised, malware is hidden in the Windows operating system and used to eavesdrop on the user’s activity, including gleaning passwords for online banking.
“Once the attackers have the required information, they begin to steal money with fraudulent transactions in amounts below $10,000. These smaller amounts fly under the laundering detection mechanisms in the US Bank Secrecy Act. In many cases, repeated transactions have added up to hundreds of thousands of dollars lost by individual organizations,” the 75-page report notes.
There is no single answer to protecting a company’s information assets and SANS recommends taking a holistic approach to security. It also methodically went through a number of security methods for protecting financial assets, including software and network-based security and internal policies, and highlighted the pros and cons of each.
In the end though, it concluded that perhaps the single best method currently available is to use a separate hardened OS (operating system) for financial transactions – or the ROBAM method.
With ROBAM, a user is provided with a compact disc or USB flash drive with a bootable operating system. A bootable CD is the most recommended method, because unlike a USB flash drive, it cannot be altered. The bootable system would be configured with only the services and applications required to perform financial transactions.
The bootable CD would be configured not to access the local hard drive, so that even if the computer is compromised, it could not activate the malicious software. Once banking transactions are completed, the computer would be shut down and can be rebooted on Windows and used for normal operations.
There is no requirement for a second computer for users and the operating systems to perform this duty are readily available, such as Linux-based Ubuntu.
“Given the advantages of the ROBAM technique, this option provides an essentially free way for small and medium businesses to increase the security of their financial transactions and is the primary recommended option,” the report concludes.
Only registered users can write comments.
Please login or register. |
