Banks have moved to strengthen their perimeter security
following government warnings that businesses are at risk from a
new wave of e-mail Trojans.
The Trojans are designed to surreptitiously gather economic and
financial information from computer systems.
Officials from government body the National Infrastructure Security
Co-ordination Centre met with security specialists from the major
banks last week to advise on countermeasures.
Tom Salmond, IT security specialist at the Association of Payment
Clearing Services, said, "It is not just the banking industry that
is being targeted; it is any corporate that has access to
information about IP or contracts that is targeted."
The attacks, which have been traced back to IP addresses in the Far
East, are of an industrial scale, well organised and require a lot
of resources, said Roger Cumming, director of NISCC.
"The attack is clearly not targeted at stealing money. It is aimed
at gathering information. It is extremely well organised and
requires quite a lot of resources to execute," he said.
NISCC called for concerted action by businesses in every sector to
ensure they upgraded their anti-virus systems, downloaded the
latest security patches and configured firewalls to block any
unauthorised attempt to connect to their network.
The centre has mounted a behind the scenes programme to alert over
300 government and private sector organisations responsible for the
UK's critical services to the risks. It has also worked with virus
companies to ensure the Trojans are detected by anti-virus
software.
"Our philosophy is that if everyone in the UK was to adopt our
advice and install all the latest patches, that attack would not
have any impact on UK plc," said Cumming.
Bank security chiefs are bolstering defences on their network and
reminding staff about the dangers of opening suspicious
e-mails.
"We are looking at how we can block this stuff at the perimeter. We
are effectively doing content filtering," said one head of
security.
"We are also being much more vigilant in terms of user awareness,
particularly about opening unsolicited mail. Spoofing is an
increasing threat," he added.
John Meakin, head of security at Standard Chartered Bank, said his
bank was testing its intrusion detection systems, and vulnerability
scanners.
"General good housekeeping would substantially mitigate the risks,"
he said.
The attackers have used a wide range of custom and existing Trojan
software which has been modified in an attempt to evade anti-virus
systems. The Trojans transmit information back across the internet,
but specialists say the traffic is difficult to detect.