Mobile Threats, Banking Malware Top SMB Security Worries

Paul Mah

An earlier report carried on InformationWeek highlighted how malware and mobile threats are expected to be key attack vectors against SMBs this year. While the original article was written in January, various developments since have only served to strengthen the argument.


Banking Malware


Michael Kaiser, executive director of the National Cyber Security Alliance delivered somber news this week on the malware front:

We've seen many cases now where by stealing the banking credentials of a small business, the cybercrooks have gone in and drained their bank account of $300,000 or $400,000 in one fell swoop.

Kaiser made this remark in reaction to a survey by Visa and the National Cyber Security Alliance that revealed that small business owners believe they are less of a target compared to enterprises.


Slide Show

Five Top Mobile Device Risks and How to Protect Your Business

In a specific case reported by InfoSecurity Magazine, a Kansas car dealership lost $63,000 to the infamous Zeus Trojan, which compromised the Windows PC of the financial controller. Following an initial "recon" where transaction history and account balances were accessed, fake payrolls were generated and money siphoned out in a lightning blitz the very next day. In addition, confirmation e-mails from the bank were also suppressed by the unknown hackers courtesy of their control over the commandeered workstation.


Security researcher Brian Krebs was critical about how transactions in the Kansas case relied on a workstation staying infection-free, placing the onus on the bank for having a more robust set of security measures. Krebs observed that mechanisms that rely on an uninfected system are "trivially vulnerable to compromise" when faced with newer, stealthier banking Trojans.


New Mobile Threats


Yet even as banks and businesses are still grappling with the implementation of more robust measures, some cyber criminals are already moving ahead and targeting two-factor authentication. Underscoring their increasing sophistication, the presence of the ZeuS Mitmo malware was spotted surfacing in Poland recently, which injects fraudulent fields into a Web page to quiz users on the model of their mobile phone and mobile number. A text message is then sent with a link to a customized malware for Symbian or BlackBerry smartphones.


An infected smartphone in this instance essentially allows the hackers to circumvent even two-factor security. As reported on SC Magazine:

This application monitors all incoming SMS messages and sends them to the number operator' of Zeus. The owner of the phone cannot see even notice that he got a new message.

In Conclusion


In a nutshell, SMBs need to distance themselves from the fallacious thinking that they are too small or insignificant for "big time" hackers. Given the multiple reported instances in which SMBs are divested of their money via fraudulent electronic transfers, it is clear that the reverse is true and SMBs are really the new targets of cyber criminals.


The appearance of Trojans on mobile platforms to defeat two-factor authentication is also a sign that cyber criminals are continually adopting new and advanced techniques. Given the sophistication of the opposition, SMBs opting to take a backseat on their computer security is like the proverbial child who plays with fire. Kaiser summed up the bottom line when he said: "The greatest threat to a company's cyber security is complacency."

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Add Comment      Leave a comment on this blog post
Feb 28, 2011 2:01 PM Gina Sheibley Gina Sheibley  says:

Great points in this article, Paul!  This is a big issue for SMBs. Criminals know that SMBs may have fewer safeguards in place to protect financial transactions and information, so they have become a prime target for cyber attacks. I work for Symantec and our recent report on Attack Toolkits and Malicious Websites found that these kits are becoming more accessible and easier to use, attracting traditional criminals even if they don't have any technical expertise. You can read more about it here: http://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=attackkits.


Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.

Subscribe Daily Edge Newsletters

Sign up now and get the best business technology insights direct to your inbox.