, 2006-05-04
Scott Granneman's latest column looks at recent security examples where people have been fooled in increasingly innovative ways: from keyloggers used in a massive bank heist and new Trojans that encrypt data and request ransom money, to real financial rip-offs that extend out from online virtual gaming worlds like World of Warcraft.
Expand all |
Post comment
But am I the only one who thinks Sumitomo Mitsui still doesn't get it? Their response to this attack is to make a change that makes one particular attack mode slightly harder.
The more fundamental issue is that they have a system from which it is possible to steal hundreds of millions of dollars, and any security analysis must therefore take into account the extreme risk that that poses. Clearly criminals might be willing to use almost any mode of attack, from sophisticated technical methods like TEMPEST monitoring through to kidnapping workers' families or storming the place with automatic weapons. So it should be like Fort Knox, with comprehensive, thoroughly analysed security in depth. Instead, they've just set the place up like a regular office.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/401/33587#33587