How frequently do hackers attempt to access online bank accounts, and what is the average number of daily attempts per account?

Banking
Asked by Question Bot, 05/Oct/2014 (1 answer)

1 Answer

Faisal Khan

Answered 05/Oct/2014

So from South Asia / ME / South East Asia perspective, the attempts are numerous.

In recent months, phishing attempts have skyrocketed due to the fact that Internet (or Online) banking is catching up in this part of the world.

Most of the banks are secure with 2FA (Two Factor Authentication), so even if credentials are compromised (via phishing), you would still need the 2FA time-limited token to do the transaction, which the hacker would not have.

However, there are still a large number of banks that do not have 2FA in place (for various reasons) and they are discovering the pain of not having one the hard way (i.e. customer accounts being hacked, etc.).

From a pure hacking / intrusion point of view, I can tell you the number is small. Most of the decent-sized banks have their networks audited, scanned, and monitored on a 24/7 basis. They also employ companies like TrustWave, etc. to do periodic penetration testing, vulnerability assessments, etc.

Most of my company's clients have 2FA and perimeter threat protection on. They get SQL injections and/or XSS (Cross Site Scripting) requests in a bunch, perhaps once or twice a month, which are very easily thwarted by the external perimeter protection gear. We log everything in detail, so I can tell you with some surety that the number of attempts is low, perhaps 1 in 3 weeks. But when that 1 attack does happen, we will see anywhere from 20-200 attempts being done from the offending IP (usually the hacker is running some scripts, hence the sudden surge).

Despite all this, there are still quite a few banking institutions that have not beefed up their infrastructure to the level it should be. For example, some of the smaller banks in South Asia or SE Asia cannot afford services offered by companies like TrustWave, etc., so they are pretty exposed. Another huge issue is code change. Once a code change is done, it must be implemented on the UAT platform, and stress tested from a security point of view, and then it goes out into the production environment, where it then again must be tested. Most banks skip both parts, citing minor code changes. This is exactly the kind of loophole the hackers are trying to exploit.
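The answer describes quiet weeks punctuated by a burst of 20-200 blocked SQLi/XSS requests from one IP. The following is an added example, not part of the answer or any bank's tooling, showing how such bursts can be pulled out of perimeter logs. The log format (`timestamp ip rule`), the 60-second gap and all sample addresses are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

MIN_HITS = 20                    # lower bound of the 20-200 range quoted in the answer
MAX_GAP = timedelta(seconds=60)  # assumption: a longer silence ends one scripted run

def parse(line):
    """Parse a constructed 'ISO-timestamp src-ip rule' line; None if malformed."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[2]
    except ValueError:
        return None

def summarise(ip, run):
    return ip, run[0][0], run[-1][0], len(run), sorted({e[2] for e in run})

def find_bursts(lines, min_hits=MIN_HITS, max_gap=MAX_GAP):
    """Return (ip, start, end, hits, rules) per run of blocked requests from one IP."""
    by_ip = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_ip[rec[1]].append(rec)
    bursts = []
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e[0])
        run = [events[0]]
        for ev in events[1:]:
            if ev[0] - run[-1][0] <= max_gap:
                run.append(ev)          # same scripted run continues
                continue
            if len(run) >= min_hits:
                bursts.append(summarise(ip, run))
            run = [ev]                  # gap too long: start a new run
        if len(run) >= min_hits:
            bursts.append(summarise(ip, run))
    return sorted(bursts, key=lambda b: b[1])

def sample_log():
    """Constructed sample: one scripted run of 45 blocks plus background noise."""
    t0 = datetime(2014, 10, 1, 3, 0, 0)
    lines = [f"{(t0 + timedelta(seconds=2 * i)).isoformat()} 203.0.113.7 "
             f"{'sqli' if i % 3 else 'xss'}" for i in range(45)]
    lines.append("2014-10-01T09:15:00 198.51.100.20 xss")  # single stray hit
    lines.append("not a log line")                          # malformed, skipped
    lines += [f"{(t0 + timedelta(hours=5, seconds=i)).isoformat()} 203.0.113.7 sqli"
              for i in range(5)]                            # short run, below threshold
    return lines

if __name__ == "__main__":
    for burst in find_bursts(sample_log()):
        print(burst)
```

Grouping by silence between hits rather than by fixed calendar windows keeps a single scripted run from being split across two buckets and undercounted.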