According to research firm Gartner, Inc., crimeware designed to takeover online banking accounts and steal money is now the most significant threat concerning US banks.1 Using criminal software toolkits like ZeuS and SpyEye, criminals are becoming increasingly effective at stealing bank login credentials or hijacking online banking sessions in real-time, taking millions from corporate and municipal bank accounts. In just one recent crime, still in progress, the FBI is searching for suspects based in China near the Chinese-Russian border believed to have stolen over $20 million from US-based online business bank accounts during March and April 2011.2
To explain how these attacks work, why anti-virus software, firewalls and other conventional countermeasures are not stopping them, and what can be done about it, IronKey Founder and Chairman David Jevans will address leaders in the financial services industry at the 2011 FS-ISAC, BITS Annual Summit. Jevans is also chairman of the Anti-Phishing Working Group (APWG). His session,“The Evolution of Cyber Crime: Anatomy of Online Banking Fraud,” takes place Tuesday May 3, 2011 from 10:30 am. to 11:30 am. at the Fairmont Turnberry Isle, Miami, Florida.
IronKey, the leader in securing data and online access, will also be demonstrating its Trusted Access for Banking solution at the FS-ISAC and BITS event in booth #27, ballroom #3, from May 2nd to the 4th.
About IronKey Trusted Access for Banking
IronKey’s Trusted Access solves a problem that until now has been out of the bank’s control – the vulnerability of the client's PC to financial malware attacks such as ZeuS and SpyEye. These crimeware toolkits combine keyboard loggers, man-in-the-browser, ‘backconnect’ Trojans, and DNS tampering attacks that go undetected by up-to-date anti-virus software, firewalls and other software-based security. In a period of 12 months, over 70,000 ZeuS variants were detected in the wild, with many, many more going undetected. Using these tools, criminals defeat sophisticated bank security controls including one-time passcode token authentication and dual user payment authorization. Trusted Access enables banks to protect their business clients, even if the client’s own computer is infested with the worst possible malware, by isolating their online access in a safe, bank-managed environment that is independent of the PC. The solution includes the Trusted Access USB security device, whichlaunches a protected, virtualized operating system and Web browser that only works with the IronKey Trusted Network and limits the user’s online access to bank-approved sites.
More information about IronKey's Trusted Access for Banking is available online.
“Protecting Online Banking Customers from Evolving Cyber Crime Threats” -- webcast explains the latest bank phishing attacks, the ZeuS Trojan and SpyEye, and why anti-virus software, firewalls and other conventional safeguards are not able to stop these attacks.
“Trusted Access Guided Demonstration” -- product demonstration and example attacks.
Ranked as the 14th best venture-funded company in The Wall Street Journal's "Next Big Thing 2011" survey, IronKey secures data and online access for individuals, enterprises, and governments. IronKey solutions (IronKey.com) protect remote workers from the threats of data loss, compromise of passwords, and computers infected by malicious software and crimeware. IronKey multi-function devices connect to a computer's USB port and are easy to manage with the IronKey management service. This allows users to securely carry sensitive corporate data, strongly authenticate to VPNs and corporate networks and isolate online banking customers from Advanced Persistent Threat attacks. IronKey customers include Fortune 500 companies, healthcare providers, financial institutions and government agencies around the world. Trusted Access for Banking has also won numerous awards such as ‘FutureNow 2010 Top 5’ from Bank Technology News.