FBI warns financial institutions are being highly targeted by fraudsters

By , Network World |  Security, cybercrime, FBI

" Ensure that workstations utilize host-based IPS technology and/or application whitelisting to prevent the execution of unauthorized programs.

" Monitor employee logins that occur outside of normal business hours.

" Consider implementing time-of-day login restrictions for the employee accounts with access to payment systems.

" Restrict access to wire transfer limit settings.

" Reduce employee wire limits in automated wire systems to require a second employee to approve larger wire transfers.

" If wire transfer anomaly detection systems are used, consider changing "rules" to detect this type of attack and, if possible, create alerts to notify bank administrators if wire transfer limits are modified.

" Secure and/or store manuals offline or restrict access to the training system manuals with further security, such as enhanced access controls and/or segregation from the payment systems themselves.

" Monitor for spikes in website traffic that may indicate the beginning of a DDoS and implement a plan to ensure that when potential DDoS activity is detected, the appropriate authorities handling wire transfers are notified so wire transfer requests will be more closely scrutinized.

" Strongly consider implementing an out of band authorization prior to allowing wire transfers to execute.

" Limit systems from which credentials used for wire authorization can be utilized.

Follow Michael Cooney on Twitter: @nwwlayer8 and on Facebook.

Read more about wide area network in Network World's Wide Area Network section.

Originally published on Network World |  Click here to read the original story.
Join us:






Ask a Question