Breaches hit both big and small banks. For example, hackers have stolen the login credentials for more than 8,300 customers of a small New York bank after breaching its security and accessing a server that hosted its online banking system. The intrusion at Suffolk County National Bank (SCNB) happened over a six-day period that started on November 18, according to a release issued January 11. It was discovered on December 24 during an internal security review. In all, credentials of 8,378 online accounts were pilfered, a number that represents less than 10 percent of SCNB’s total.
Fraud through illegal use of credit cards also continues as a security worry.
Card fraud costs the U.S. card payments industry an estimated $8.6 billion per year, according to a report released on January 13 by Aite Group. Though this sum is small compared with the $2.1 trillion in total yearly U.S. card volume, this area remains troubling for the industry. Fighting card fraud effectively involves triage and telepathy — picking appropriate battles to fight while anticipating fraudsters’ next steps based on the rapidly evolving technological landscape, Aite’s analysts say. Card technologies in the United States are unlikely to be universally upgraded anytime soon due to prohibitively high implementation costs and the loss of signature interchange. Given the relative speed and cost efficiency for deployment, the most practical method of mitigating card fraud currently would be based around end-to-end encryption, they say.
Information on ID management and bank security is on the Security Magazine Web site at www.securitymagazine.com – use the keyword search function.