17 August 2017
visit www.avoka.com

SSL flaws exploited at Swedish banks - Reuters

27 August 2002  |  5289 views  |  0 SSL flaws exploited at Swedish banks - Reuters

A computer expert claims to have used recently-publicised flaws in Secure Sockets Layer technology to break into the computer systems of three large Swedish banks.

The Swedish hacking expert demonstrated to Reuters how to exploit weaknesses in SSL to crack the security systems at three of Sweden's big four banks in quick succession. He then concealed his tracks, says Reuters, making detection difficult afterward.

The consultant relied on a variation of a weakness in Microsoft's implementation of Secure Socket Layer (SSL), an industry standard for transmitting credit card numbers and account passwords via the Web.

The security gaps, which allow an attacker to bypass digital certification barriers, were first publicised by a San Francisco security consultant and privacy advocate two weeks ago.

The Swedish hacker says the failures in the bank's systems arose from poor implementation of SSL technology.

According to computer experts, many of the world's major financial institutions are similarly vulnerable because they rely on software using the industry-accepted SSL protocol.

Microsoft in Sweden denied that SSL could be breached in the way shown to Reuters, although the company has admitted that there are problems with the technology. All four major Swedish banks said they were not aware of any break-ins into their systems.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Internet security fears hinder IFAs

Internet security fears hinder IFAs

13 August 2002  |  3078 views  |  0 comments
Australian police probe Internet bank fraud

Australian police probe Internet bank fraud

22 July 2002  |  5216 views  |  0 comments
ING employee in Y500 million settlement fraud - Reuters

ING employee in Y500 million settlement fraud - Reuters

12 July 2002  |  3934 views  |  0 comments
DBS shifts blame for hacking to consumer PCs

DBS shifts blame for hacking to consumer PCs

11 July 2002  |  9095 views  |  0 comments
Hacker escapes with cash haul from DBS Bank online accounts - Reuters

Hacker escapes with cash haul from DBS Bank online accounts - Reuters

05 July 2002  |  8771 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.dorsum.euvisit www.worldpaymentsreport.comdownload the paper now

Who is commenting?

Top topics

Most viewed Most shared
DBS Bank launches online car selling marketplaceDBS Bank launches online car selling marke...
9947 views comments | 13 tweets | 11 linkedin
China preps central clearing house for mobile payments providersChina preps central clearing house for mob...
9919 views comments | 8 tweets | 15 linkedin
Monzo appoints Curve co-founder Foster-Carter COOMonzo appoints Curve co-founder Foster-Car...
8264 views comments | 1 tweets | 3 linkedin
hands typing furiouslyCompliance: Overcome the data deficit
7721 views 0 | 1 tweets | 8 linkedin
PayPal buys Swift Financial to boost working capital bizPayPal buys Swift Financial to boost worki...
7659 views comments | 13 tweets | 7 linkedin

Featured job

Find your next job