Preventing Scalable MitB Attacks – ActivIdentity Blog

Malware hijacking attacks are certainly nothing new – criminal hackers have been wreaking havoc with the Zeus trojan for years, attacking everything from bank accounts to government networks. However, an extremely specific, targeted threat against the online banking industry has emerged, drawing serious attention for its sheer magnitude, ingenuity and potential for extreme damage: the Man in the Browser (MitB) attack.

These attacks can often be spotted if a transaction seems to be taking longer than normal, or if a user is asked for more information than is usually required. Additionally, infected machines often slow down substantially while the malware takes over the processor and Internet connections.

This advanced attack, once an occasional exploit, has evolved into a global, multi-million dollar cyber crime industry – and threatens online banks around the globe in a huge way. For this specific type of attack, the malware lives in the Web browser, and can get between the user and the website, altering what is seen and covertly changing what is being entered. Because these attacks are constantly evolving, organizations are struggling to defend themselves and are increasingly realizing that their traditional online defenses simply cannot keep pace.

Standard Web browsers have not been architected to keep up with the continuous stream of targeted malware attacks, and firewall and antivirus products are simply not enough to protect against the massive number of attacks on the end-user PC. Furthermore, a MitB attack can be successful regardless of the authentication method in place, as the malware has the ability to control the application used to transact online (i.e. the Web browser). In fact, no single security method has proven to be robust enough to prevent these sophisticated malware attacks on its own. To effectively counter this new wave of online banking fraud, focus must shift to preventing the scalability of malware attacks.

Of course online banking, though convenient, can come with a security price. Customers do not always follow prescribed security procedures and most will not accept higher security at the cost of poor usability. So it is critical that banks provide an effective, layered protection that can be active without requiring any user participation or special procedures.

ActivIdentity’s 4TRESS Authentication Appliance solution enables the cohesive, layered and proactive framework for endpoint and backend security that banks need to combat today’s online threats, as well as those that have yet to appear. Real-time device profiling and mobile location services, coupled with versatile strong authentication and out-of-band (OOB) verification, go a long way toward preventing malware attacks while maintaining customer convenience with transparent and adaptive security calibrated to risk profiles. When this is combined with an endpoint security layer in the form of a hardened application, i.e. a secure browser that can communicate with the authentication device’s firmware and connect only to bank Web sites on its “white list”, criminal hackers can be forced to work much harder for any successful MitB attack.
