News Column

Banks on red alert over advanced fee-fraud threat –Palo Alto Networks

July 28, 2014


Nigerian banks and other corporate organisations globally have been put on red alert over new and advanced internet scammers operating within the country.

Palo Alto Networks, internet security consultants which hinted about the scam warned of new risk to businesses from relative malware "novices", as internet scammers from Nigeria have changed their tactics and are now more likely to be targeting businesses with information-stealing malware.

This is coming as the Central Bank of Nigeria (CBN) disclosed that the nation's banks lost N40 billion to cyber crimes in 2013 alone.

Chief Information Security Officer, CBN, Mr. Taiwo Longe, made the disclosure at the first National Cyber Security Forum in Lagos organised by the Office of the National Security Adviser.

Speaking on the topic, "Ensuring Information Security Assurance through Policy Framework," Longe said cyber security has become an issue the central bank was taking with all seriousness and thoroughness, especially in the cashless economy regime.

He said the cashless scheme would go live nationwide next month, adding that CBN was not unaware of the need to collaborate with various stakeholders to ensure that banks and other players in the financial services sector ensured maximum information security.

According to him, information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data takes, whether electronic, print or otherwise.

Longe said, "financial institutions, hospitals, telecommunication corporations and private businesses, among others, amass a great deal of confidential information about their customers, employees, products, research findings and financial status.

He explained that the market value of global cyber crime had reached $288 billion.

Longe said the rising wave of cyber crime globally was alarming "and it is on that basis that the United Nations released the damning figures recently."

However, Palo Alto's new 419 Evolution report reveals that although experts in social engineering with their infamous advance-fee fraud scams, Nigerian cyber criminals are novices when it comes to launching malware campaigns.

The vendor's newly created Unit 42 threat intelligence arm detailed one such campaign, Silver Spaniel, aimed at its Taiwanese and South Korean customers.

The malware in question, NetWire, is a Remote Administration Tool (RAT) readily available on underground forums.

Typically it's hidden in an email attachment, with the attackers opting thus far not to exploit any software vulnerabilities but instead relying on social engineering to trick users into installing the RAT.

The attackers apparently configure each RAT to connect to a No-IP dynamic DNS domain and use a VPN to hide their IP address. Popular crypter tool, DataScrambler, is also used to help evade detection by many AV tools, the report said.

"Silver Spaniel actors' objective appears to be stealing passwords and other data they can use to further compromise their victim," it continued. "Thus far we have not observed any secondary payloads installed or any lateral movement between systems but cannot rule out this activity," the report claimed.

"It's clear that their efforts are still a work in progress, given the 'tactics, techniques and procedures' used are relatively unsophisticated. For example, several attackers have been spotted by Palo Alto because they exposed their IP address," the report claimed.

For more stories covering the world of technology, please see HispanicBusiness' Tech Channel

Source: Sun, The (Nigeria)

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters