18 April 2014

Chris Pickles

Chris Pickles - Consultant

87 | posts 189,838 | views 15 | comments

Security, DoS attacks and magic tricks

21 January 2013  |  3821 views  |  0

It’s pretty frightening when I hear my colleagues who specialise in security services describe the kind of things that hackers get up to – maybe because I think that I’m pretty clever (38 years in IT, etc) but then something simple catches me out.

For example, on the Eurostar back from Paris last week an email popped up in my Blackberry from Visa, telling me that my card security had been breached and I should contact them immediately.  I remembered using my card in a ticket machine on the metro, so I very quickly clicked on the link to get things sorted out fast and saw that they wanted confirmation of my details.  ALL of my details.  In a moment of panic, the bad guys had almost had me.  Obviously the email wasn’t really from Visa – but it was a close call!

One of the tricks that hackers are using on banks now is hitting them with denial-of-service (DoS) attacks not just to jam up their systems but to distract the banks’ security staff from their real target.  They keep hitting multiple domains that a bank is running with DOS attacks so that more and more of a bank’s internal security team get dragged into fighting back. Meanwhile, the hackers breach another of the bank’s domain names and use that opening to defraud the bank and its clients while everyone in the bank is looking the other way.  Like the best magic tricks, they get you to look at one hand that is very busy while it’s really the other hand that’s doing the tricky stuff.

The hackers have caught on to some of the personnel problems that banks are facing today, as – in a do-it-yourself world - downsizing staff and IT budgets can mean downsizing security too.

TagsMobile & onlinePayments

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Latest posts from Chris

China joins the global LEI initiative

12 August 2013  |  2055 views  |  0  |  Recommends 0 TagsSecurityRisk & regulation

Venture Capital, Risk Management and the Dealing Room

13 June 2013  |  2257 views  |  0  |  Recommends 1 TagsSecurityRisk & regulation

Chicago - where the Big Data grows

25 March 2013  |  3497 views  |  3  |  Recommends 0 TagsTrade executionPost-trade & ops

25 years of the German Exchange

22 March 2013  |  2165 views  |  1  |  Recommends 0 TagsTrade executionPost-trade & ops

Vote for FIX for LEIs and CAT NMS

08 February 2013  |  2500 views  |  1  |  Recommends 0 TagsTrade executionPost-trade & ops
name

Chris Pickles

job title

Consultant

company name

Consultant

member since

2009

location

England

Summary profile See full profile »
I help organisations that work in the financial sector around the world to understand better how ...

Chris's expertise

What Chris reads
Chris writes about

Who is commenting on Chris's posts