13 December 2017
visit www.aciworldwide.com

SSL flaws exploited at Swedish banks - Reuters

27 August 2002  |  5419 views  |  0 SSL flaws exploited at Swedish banks - Reuters

A computer expert claims to have used recently-publicised flaws in Secure Sockets Layer technology to break into the computer systems of three large Swedish banks.

The Swedish hacking expert demonstrated to Reuters how to exploit weaknesses in SSL to crack the security systems at three of Sweden's big four banks in quick succession. He then concealed his tracks, says Reuters, making detection difficult afterward.

The consultant relied on a variation of a weakness in Microsoft's implementation of Secure Socket Layer (SSL), an industry standard for transmitting credit card numbers and account passwords via the Web.

The security gaps, which allow an attacker to bypass digital certification barriers, were first publicised by a San Francisco security consultant and privacy advocate two weeks ago.

The Swedish hacker says the failures in the bank's systems arose from poor implementation of SSL technology.

According to computer experts, many of the world's major financial institutions are similarly vulnerable because they rely on software using the industry-accepted SSL protocol.

Microsoft in Sweden denied that SSL could be breached in the way shown to Reuters, although the company has admitted that there are problems with the technology. All four major Swedish banks said they were not aware of any break-ins into their systems.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Internet security fears hinder IFAs

Internet security fears hinder IFAs

13 August 2002  |  3132 views  |  0 comments
Australian police probe Internet bank fraud

Australian police probe Internet bank fraud

22 July 2002  |  5272 views  |  0 comments
ING employee in Y500 million settlement fraud - Reuters

ING employee in Y500 million settlement fraud - Reuters

12 July 2002  |  4007 views  |  0 comments
DBS shifts blame for hacking to consumer PCs

DBS shifts blame for hacking to consumer PCs

11 July 2002  |  9215 views  |  0 comments
Hacker escapes with cash haul from DBS Bank online accounts - Reuters

Hacker escapes with cash haul from DBS Bank online accounts - Reuters

05 July 2002  |  8981 views  |  0 comments

Related blogs

Create a blog about this story (membership required)
visit www.aciworldwide.comvisit www.solutions.lexisnexis.comvisit www.atos.net

Top topics

Most viewed Most shared
Saxo Bank's 'Outrageous Prediction': Bitcoin to peak at $60k next year before spectacular crashSaxo Bank's 'Outrageous Prediction': Bitco...
12157 views comments | 7 tweets | 7 linkedin
Deutsche Bank paper hails 'huge' blockchain potentialDeutsche Bank paper hails 'huge' blockchai...
9340 views comments | 16 tweets | 22 linkedin
PSD2: Laying the regulatory foundation for a new age in paymentsPSD2: Laying the regulatory foundation for...
7955 views comments | 17 tweets | 35 linkedin
Santander UK poaches Barclays innovation chief Michael HarteSantander UK poaches Barclays innovation c...
7342 views comments | 8 tweets | 17 linkedin
Alior Bank to use Open API platform and accelerator to create fintech marketplaceAlior Bank to use Open API platform and ac...
7182 views comments | 20 tweets | 11 linkedin

Featured job

Competitive base, double ote, benefits
London, UK

Find your next job