Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Identity and Authentication Services

How to Defeat the Two-factor Authentication-Killing Malware

Created: 05 Apr 2012 • Updated: 08 Aug 2012 • 1 comment
Marty Jost's picture
+2 4 Votes
Login to vote

A recent BBC article has shed further light on the fact that not all online security companies or products are created equal. According to the article, hackers have found a way around some banks’ two-factor authentication security devices and have gained access to customer accounts.

The article describes these attacks as “Man-in-the-Browser” attacks, where malware resides in the web browser on a person’s device and gets between the user and the website, changing what is seen by the user and altering their account information and finances without their knowledge.

The types of malware that are used in these attacks are specifically designed to avoid signature-based detection mechanisms so that some virus protection software will find it. This situation is terrifying to both users and banks, especially considering their multi-factor authentication becomes basically null and void when this malware attacks. Suddenly the thick iron wall of protection becomes little more than a sheet of paper trying to stop an attacking malware tank.

So what are banks, or any other business that relies on multi-factor authentication to do? Can this kind of Man-in-the-Browser attack be prevented? We’re happy to say that yes, this type of attack can be prevented and stopped.

First, users should have up-to-date security on their PCs, smartphones and tablets. Having appropriate protection will help guard against viruses and malware latching on to a person’s device. Second, there are currently a number of products offered by Symantec that can protect against this attack, even if the malware has successfully penetrated a machine or browser. Symantec saw this kind of malware threat emerging years ago and worked to build in new advanced detection mechanisms like Insight and SONAR to specifically confront this type of targeted malware.

While getting users to purchase or download this security is out of the control of a bank or business, it should definitely be suggested for partners and employees. When users, partners and employees take an active role in the security of their information, much progress can be made in protecting that data.

Businesses and banks should use Symantec’s strong authentication solutions such as VIP  or Managed PKI products with some kind of additional hardware-assisted technology to defend against attacks of this nature. Essentially, this approach additionally protects user credentials by shielding them from the rest of the system so the malware can’t see it. Using these products will help make sure that even if a user, partner or employee has failed to update their security, or install any at all, their information can be protected when they access it online.

Banks and businesses will be most effective at thwarting this and other attacks and threats by combining VIP and PKI products with fraud detection, behavior based authentication, two-factor authentication and Insight Anti-Malware Intelligence.

By putting into effect these security measures, banks and businesses can rest assured they won’t find themselves the center of the next article about a successful malware attack.

Comments 1 CommentJump to latest comment

Ian_C.'s picture

users should have up-to-date security on their PCs, smartphones and tablets

That was the best part of the article. That you think of more than just the computer / PC, but any other device that is used for this type of activity.

Please mark the post that best solves your problem as the answer to this thread.
+1
Login to vote