21 October 2017
Register now

SSL flaws exploited at Swedish banks - Reuters

27 August 2002  |  5374 views  |  0 SSL flaws exploited at Swedish banks - Reuters

A computer expert claims to have used recently-publicised flaws in Secure Sockets Layer technology to break into the computer systems of three large Swedish banks.

The Swedish hacking expert demonstrated to Reuters how to exploit weaknesses in SSL to crack the security systems at three of Sweden's big four banks in quick succession. He then concealed his tracks, says Reuters, making detection difficult afterward.

The consultant relied on a variation of a weakness in Microsoft's implementation of Secure Socket Layer (SSL), an industry standard for transmitting credit card numbers and account passwords via the Web.

The security gaps, which allow an attacker to bypass digital certification barriers, were first publicised by a San Francisco security consultant and privacy advocate two weeks ago.

The Swedish hacker says the failures in the bank's systems arose from poor implementation of SSL technology.

According to computer experts, many of the world's major financial institutions are similarly vulnerable because they rely on software using the industry-accepted SSL protocol.

Microsoft in Sweden denied that SSL could be breached in the way shown to Reuters, although the company has admitted that there are problems with the technology. All four major Swedish banks said they were not aware of any break-ins into their systems.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Internet security fears hinder IFAs

Internet security fears hinder IFAs

13 August 2002  |  3116 views  |  0 comments
Australian police probe Internet bank fraud

Australian police probe Internet bank fraud

22 July 2002  |  5260 views  |  0 comments
ING employee in Y500 million settlement fraud - Reuters

ING employee in Y500 million settlement fraud - Reuters

12 July 2002  |  3988 views  |  0 comments
DBS shifts blame for hacking to consumer PCs

DBS shifts blame for hacking to consumer PCs

11 July 2002  |  9170 views  |  0 comments
Hacker escapes with cash haul from DBS Bank online accounts - Reuters

Hacker escapes with cash haul from DBS Bank online accounts - Reuters

05 July 2002  |  8835 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.fivedegrees.nlvisit www.innotribe.comRegister now

Top topics

Most viewed Most shared
HSBC partners Bud for open banking trialHSBC partners Bud for open banking trial
8679 views comments | 21 tweets | 26 linkedin
satelliteGates Foundation backs Ripple collaboratio...
8600 views comments | 13 tweets | 10 linkedin
IBM uses blockchain to improve cross-border payments processingIBM uses blockchain to improve cross-borde...
7694 views comments | 9 tweets | 17 linkedin
Sibos 2017: API or the highwaySibos 2017: API or the highway
7157 views comments | 10 tweets | 22 linkedin
Eight banks form joint venture to launch blockchain trade platformEight banks form joint venture to launch b...
6765 views comments | 14 tweets | 23 linkedin

Featured job

Competitive base, commission, benefits
London, UK

Find your next job