The Federal Financial Institutions Examination Council (FFIEC) has issued a directive for all banks to improve their monitoring of ATM fraud and distributed-denial-of-service (DDoS) cyber-attacks. The warning was directed mainly toward small to mid-sized banks that tend to use web-based ATM control panels and have limited servers to handle large amounts of web traffic.
U.S. businesses are regularly under attack and breached by hackers. One method of emptying a bank account is through a means known as Unlimited Operations. This method involves hackers gaining access to bank accounts. Once able to reset a pin number and circumvent banking security protocols, the hacker can electronically transfer large sums of money to a secondary location. Another means of cyber-attack is to increase the daily withdrawal limit and allow cash advances to be made in another part of the world by proxies. This can be done by changing the customer access to another part of the world. A third means of attaining funds is to create fake prepaid debit cards with large limits.
The second FFIEC concern addressed DDoS attacks in which large streams of Internet traffic come at once to a website, causing it to slow down or crash. The FFIEC is requiring banks to institute programs that identify and prioritize risks to their critical systems, and to better monitor web traffic. Financial institutions breached by hackers face a loss of reputation among the public.
Banks told to improve against fraud and cyber-attacks by the FFIEC are expected to review their current security measures and improve monitoring of their computer networks and ATM machines against fraud and DDoS. Implementing the recommended changes costs time and money. Small to mid-sized banks have few polices established to detect DDoS attacks. Their servers tend to be few and unable to handle heavy traffic on a regular basis. Larger banks have multiple server farms and software to monitor security, intrusion, and network event software across their vast networks.
Employees at all banks were cautioned to delete unfamiliar emails. Opening either an email attachment or clicking on a link could install malicious software throughout the bank’s network, granting hackers access to ATM machines, customer information, and other sensitive areas. With the right permissions, hackers can change daily ATM cash limits and create fraudulent credit cards with new PINs for third parties to access accounts.
The FFIEC issued further guidelines for banks to review and improve their networks. All banks should update their antivirus software. Log-on attempts to any part of the network must lock after a limited number of attempts. User and network passwords must be changed on a regular basis. Detection and collection information on DDoS attacks needs to be forwarded to the FFIEC and other banks. Even if the firewall fails, the information of how the hackers accessed the bank needs to be shared to prevent other institutions from suffering a similar fate. Banks told to improve against fraud and cyber-attacks against ATM fraud and DDoS attacks are faced with upgrading their current systems and reviewing security protocols which will involve a large investment by banks.
By Brian T. Yates