Customers can relax, despite banking security breach

2013-10-18 09:31
Banking customers should be vigilant and report fraudulent transactions on accounts. (Duncan Alfreds, News24)

Banking customers should be vigilant and report fraudulent transactions on accounts. (Duncan Alfreds, News24)

Multimedia   ·   User Galleries   ·   News in Pictures Send us your pictures  ·  Send us your stories

Cape Town - Banking customers should not be too concerned about the breach in security that saw the institutions lose millions to an international card fraud syndicate.

The scam hit businesses that make use of the point of sales terminals and the Dexter malware as it is known, was used to gather customer information and sold to other criminals.

"Immediate and pro-active steps have been taken by Standard Bank and at an industry level to identify and limit the extent of the potential exposure," said Standard Bank spokesperson Ross Linstrom.

Reports suggest that around R100m was lost to thieves who targeted the point of sale machines commonly used in restaurants.

Cyber criminals have readjusted their focus to target financial information and while banks are very difficult to compromise, crooks look for the weakest link in the chain.

"An attacker only needs to find the weak link in the chain, the chink in the armour. They're not going to go with a sledgehammer after the most secure system in the environment," John Yeo, EMEA director at Trustwave told News24.

Suspicious activity

Trustwave division Spiderlabs specialises in penetration testing or ethical hacking.

The company revealed that the overall majority of companies that were hacked were unaware of being penetrated because of the nature of the malware that targeted specific networks.

"Of those 450 investigations we conducted last year, the vast majority we saw in each of those cases was bespoke so it wasn't something that was off the shelf or that was used in many different organisations - it was written with a very specific purpose in mind and was only used once," said Yeo.

Standard Bank said that all affected cards were placed on watch so that the bank could monitor any suspicious activity. It urged customers to be vigilant for unauthorised transactions.

"Should customers become aware of any suspicious transactions through MyUpdates (SMS alerts), internet banking, mobile app, or on their bank statements, they are requested to contact Standard Bank on 0861 201 000," said Linstrom.

First National Bank said that banking institutions were likely to be primary targets of cyber criminals, but that technology could be employed to limit serious impact of fraud.

"I do think all banks are very rich in technology: Technology drives every transaction; every deposit, so it's got to be a core skill. In fact it's the thing in the bank that scales the most, but we have tried to go beyond that as a key differentiator in how we can make the lives of our customers easier," said FNB CEO Michael Jordaan.


The integrity of banking sector security is illustrated by the fact that Dexter was focused on the point of sale machines, rather than directly at banking infrastructure.

Trustwave said that retail was proving to be a growing target with criminals and has had to contend with nearly half (45%) of all attacks.

"There are several contributing factors to this continuing trend, such as the sheer volume of payment cards used in these industries makes them obvious targets, as well as the fact that the main focus of organisations operating in these spaces is customer service, not data security," said Andrew Kirkland, regional director at Trustwave.

He said that the security landscape in SA cybercrime was making a definite shift toward retail, especially as electronic payment channels were expanding in use.

"The retail space saw a 15% increase in 2012 compared to 2011, nearly equal to the 17% drop in Food and Beverage breaches. During the past three years, these two have been almost interchangeable, with similar network layouts due to the payment systems and software vendors used."

- Follow Duncan on Twitter
Read more on:    trustwave  |  fnb  |  standard bank  |  cybercrime

Join the conversation! encourages commentary submitted via MyNews24. Contributions of 200 words or more will be considered for publication.

We reserve editorial discretion to decide what will be published.
Read our comments policy for guidelines on contributions.
NEXT ON NEWS24X publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
Comments have been closed for this article.

Inside News24


Book flights

Compare, Book, Fly

Traffic Alerts
There are new stories on the homepage. Click here to see them.


Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.

Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire network.


Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.

Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.