Avivah Litan

A member of the Gartner Blog Network

Avivah Litan
VP Distinguished Analyst
12 years at Gartner
30 years IT industry

Avivah Litan is a Vice President and Distinguished Analyst in Gartner Research. Her area of expertise includes financial fraud, authentication, access management, identity proofing, identity theft, fraud detection and prevention applications…Read Full Bio

Coverage Areas:

DDoS diverts attention during Payment Switch takeover

by Avivah Litan  |  August 12, 2013  |  21 Comments

DDoS attacks are an increasingly popular method for criminals to divert bank security staff attention while defrauding bank systems. Until recently, most illegal money transfers were accomplished via account takeover – of either customer or employee accounts when the fraudsters moved money from customer accounts to their mules and eventually their own accounts.

A new much more ominous attack type has emerged over the past few months – and uses DDoS as its cover. Once the DDoS is underway, this attack involves takeover of the payment switch (e.g. wire application) itself via a privileged user account that has access to it. Now, instead of having to get into one customer account at a time, the criminals can simply control the master payment switch and move as much money from as many accounts as they can get away with until their actions are noticed.

Considerable financial damage has resulted from these attacks. One rule that banks should institute is to slow down the money transfer system while under a DDoS attack. More generally, a layered fraud prevention and security approach is warranted. See our research on the Seven Dimensions of Context Aware Security and the Five Layers of Fraud Prevention.

21 Comments »

Category: Uncategorized     Tags:

21 responses so far ↓