Prevent Banking Trojan Attacks with a Managed IT Provider

By |2019-03-12T11:39:10-05:00March 19th, 2019|

Threats litter the cybersecurity landscape, and they’re not going away anytime soon. From personal computer hacks to enterprise level wrecking ball attacks, simply having a firewall or an anti-virus program in place isn’t enough to keep your data safe.

It takes extensive training at all levels of an organization to appropriately prepare your employees to spot threats. While the training is not complex, testing and clarifying on a regular basis are crucial to creating an environment where spotting suspicious messages is second-nature.

As a financial institution, you are responsible for protecting the information collected on your patrons. Ever heard of banking Trojans? They’re just one of the very real, very devastating threats to your cybersecurity and data protection. For more details, check out this infographic.

Let’s walk through how this virus could crush your establishment.

What’s a Trojan Virus?

Much like the Trojan horse, the Greeks snuck through the gates of Troy, this virus piggybacks its way in through a legitimate source, downloads to your device without your knowledge, and lurks there waiting to capture personal information. In the case of banks, this kind of infiltration can be devastating.

Trojan hackers are smart. They’ll implement QakBots, which are specific kinds of malware that are designed to target financial institutions or whaling tactics when they think there’s a chance of success.

Whaling means going after an individual in an organization who has a lot of power (or in the case of hacking: access). However, Trojans aren’t always just about getting money. Sometimes this tactic is a small piece of a much larger attack.

So How Do They Get In?

Like other types of malware, the best source of entry for any hacker is your employees. Whether hackers use social engineering, mal-advertising, or phishing tactics, human error is a simple, yet effective way to gain access to your bank’s internal network.

Exploit kits and macro-malware are other tactics that require a bit heavier lifting on the hacker’s part but are incredibly effective.

Exploit Kits
These kits hide in websites and scan users for system vulnerabilities in their operating devices. Missed a patch update? This kit will recognize your vulnerability and quickly invite itself and the virus it houses into your PC. We recommend updating your bank’s operating systems and patching your programs when prompted.

Macro Malware
These sneaky fellas hide by copycatting programming language commonly found in widely known, well-trusted software programs so they’re missed by detection software.

 

So How Do Trojans Take Your Bank’s Money?

They typically steal information which is sent to the hacker who then steals money. There are a few ways this can happen:

Keystroke Tracker
These record what you type and send that information to the hacker to use, allowing them access to your bank’s network.

Malicious Redirects
This sinister method takes legitimate sites your employees think they’re using and sends them to a duplicate, nearly-identical fake site instead that requires personal information (think Amazon, eBay, other sites employees may visit at work, etc). When information is entered, hackers use it to try to enter into your bank’s network.

Document Scanners
These programs look for files on your company devices that likely have credential information stored. It steals these files and sends them back to the hacker to peruse until they gain unfettered access.

Screen Capture/Record
This does exactly what it sounds like: without your knowledge, it records what’s happening on your computer screens and sends that information to the hacker.

How Do You Spot Them?

The trouble with Trojans is that they don’t always wreak noticeable havoc the minute they get in. They can lurk in your system for long periods of time until they’ve amassed as much information as they could possibly want, and they’re smart about how they do it.

Trojans can avoid detection by:

  1. Changing code. This makes them harder to recognize when file scanners from anti-virus programs run a search on your PC.
  2. Attaching hidden malicious code to images. This makes a seemingly harmless file a host for the Trojan while evading the detection of anti-virus software.
  3. Using rootkits. Perhaps the most insidious type of malware a computer can get, a rootkit hides itself in your computer while stealing information. It’s undetectable from anti-virus and other scanning software making it nearly impossible to catch.

How can you tell you’ve been infected? This is tricky. The symptoms range from:

  • Slow performance
  • Slow internet
  • Settings that won’t save
  • No symptoms at all

It’s crucial to have a team who knows what to look for and how often to check based on the sensitivity of information your business contains.

How to Protect Your Institution

There are a few simple things your team can start doing today:

  • Update software and systems
  • Start training employees to spot suspicious content from websites to email and social engineering messages
  • Install and regularly run anti-virus and other security systems
  • Require employees to use safe browsers
  • Consider traffic filters to find hidden malware

Even if you have a phenomenal internal IT team, it’s wise to consider partnering with a Managed IT Service provider for things like cybersecurity and regulatory compliance. Managed service teams have a wealth of knowledge, spanning several levels of experience and expertise to provide guidance and backup when the world of IT becomes more complex.

Know what to ask when searching for the right partner. The full power of a team on your side when you need it can’t be beat.

 

 

Subscribe to our blog