Don't be the man-in-the-middle

Johannesburg, 05 Aug 2009

As organisations around the world deploy stronger, multi-factor authentication, cyber criminals develop better ways to circumvent these measures and more sophisticated means of attack.

So says Karel Rode, principal consultant at RSA, who adds that man-in-the-middle (MITM) and Trojan attacks are emerging as the newest ways for criminals to commit and theft. He says MITM attacks involve the end-user visiting what seems to be a genuine Web site, but is actually a spoofed site.

Unnoticed behind the scenes lurks a cyber crook, or 'man-in-the-middle', who feeds the data entered by the user, in real time, to the genuine site of the business being attacked, validating the user and performing a malicious transaction.

“If the user is prompted to provide additional authentication, the MITM server will pass the request to the user and validate itself.” He says these attacks appear authentic, even to sophisticated end-users.

Rode says strong authentication and devices such as e-tokens are simply not enough to prevent these types of attacks. “Adaptive authentication and transaction monitoring offer advanced protection against MITM attacks. All activities processed by these two systems are analysed for device characteristics and passed through the risk engine, which generates a score between nought and 1 000, based on pre-defined and profile-driven indicators.”

He says the higher the risk score, the greater the chance of the transaction being fraudulent. “When a potential threat is detected, the risk engine will either flag the activity for further review or recommend extra authentication.”
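The scoring flow described above, as an added example that is not RSA's risk engine or code from this article: the indicator names, weights and cut-offs are assumptions, and the profile and events are constructed samples. It shows a relayed session whose one-time password is valid still scoring high because the device, location and payee do not match the customer's profile.

```python
from dataclasses import dataclass

# Indicator names, weights and cut-offs are illustrative assumptions.
WEIGHTS = {"new_device": 350, "new_country": 200, "new_payee": 250, "high_amount": 200}
STEP_UP_AT, REVIEW_AT = 400, 700  # hypothetical thresholds on the 0..1000 scale

@dataclass
class Profile:          # what the engine has learned about one customer
    devices: set
    countries: set
    payees: set
    typical_amount: float

@dataclass
class Event:            # one transaction as seen by the genuine site
    device_id: str
    country: str
    payee: str
    amount: float
    otp_valid: bool

def risk_score(p, e):
    """Sum the weights of indicators that deviate from the profile, capped at 1000."""
    hits = {
        "new_device": e.device_id not in p.devices,
        "new_country": e.country not in p.countries,
        "new_payee": e.payee not in p.payees,
        "high_amount": e.amount > 5 * p.typical_amount,
    }
    return min(1000, sum(WEIGHTS[name] for name, hit in hits.items() if hit))

def decide(p, e):
    """A valid OTP is necessary but not sufficient; the score decides the rest."""
    if not e.otp_valid:
        return "deny"
    score = risk_score(p, e)
    if score >= REVIEW_AT:
        return "review"    # flag the activity for further review
    if score >= STEP_UP_AT:
        return "step_up"   # recommend extra authentication
    return "allow"

# Constructed sample data.
PROFILE = Profile({"dev-laptop-01"}, {"ZA"}, {"acct-1001", "acct-1002"}, 1500.0)
USUAL = Event("dev-laptop-01", "ZA", "acct-1001", 1200.0, True)
NEW_PAYEE = Event("dev-laptop-01", "ZA", "acct-7777", 9000.0, True)
RELAYED = Event("dev-unknown-77", "XX", "acct-9999", 48000.0, True)  # OTP relayed, still valid

if __name__ == "__main__":
    for name, ev in [("usual", USUAL), ("new payee", NEW_PAYEE), ("relayed", RELAYED)]:
        print(f"{name:10} score={risk_score(PROFILE, ev):4} -> {decide(PROFILE, ev)}")
```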

Companies that combine one-time password or e-token authentication with transaction-level risk-based authentication give the most comprehensive protection against MITM breaches.

“Strong authentication and ongoing user education have made it harder for cyber criminals to successfully fleece online users through phishing and other traditional attacks.

“Cyber crooks are getting cleverer and increasingly sophisticated, not only in their methods, but in their technologies. Security professionals agree that a layered security approach that combines external threat protection, login authentication as well as transaction monitoring is the best way to protect against attack.”
