So what is my humble opinion? Next generation Online Banking Trojans (OBT's) will emerge which will paralyze the online banking industry. Bank Technology News Editor's Rebecca Sausner was not far off when she proclaimed that online banking is dead. It's dead as we know it. Which is typing in username's and passwords.
In 2009 we saw Conficker, Zeus, Clampi and URLZone. Nobody seems to know what Conficker's purpose is, Zeus is immune to up-to-date anti-virus programs, analysts say the only way to avoid "getting the Clampi" is to use separate machines for browsing and online banking and URLZone siphons money from online banking accounts and then rewrites the html code to make it appear that your balance is still in order.
So what would happen if the bad guys combined the best features of these banking trojans to create a brand new next generation OBT. 2010's biggest security threat...and the end of typing in financial information into boxes in browsers...
Look at what happened in 2009. Besides the fact that malware now infects about 60% of the worlds PC's, accepted two-factor authentication techniques, such as One-Time-Password's (OTP's) have been deemed inadequate.
The good news is that there are millions of these OTP generating fobs that need replacing and HomeATM provides the only genuine two factor authentication device to be PCI 2.x certified. Again, what you have (card) and what you know (PIN) is genuine 2FA...and is still the most trusted method used by financial institutions to dispense cash from ATM's. One of the lines I used a lot this year was "Someone's going to swipe your card data...shouldn't it be you?" Well...shouldn't it?
The rise of the Conficker worm and rogue antivirus scams were of the biggest security trends of 2009. What's in store for 2010?
"It's going to get worse," says Patrik Runald, senior manager of security and research at Websense, who argues there has not yet been a year when things got better in terms of security and the wider internet. Criminals have been mastering botnets, phishing scams and fake antivirus software sales, and 2010 will bring new waves of attacks that exploit fresh targets. Specifically, smartphones such as the Apple iPhone and those based on Google's Android operating system will be in attackers' line of sight for 2010, Runald says.
While a handful of malware attacks have surfaced of late against 'jailbroken' iPhones (ones whose owners have deliberately disabled Apple controls), it's only the beginning...
Continue Reading
