Tuesday 16 December 2008

Spyware News: Wire transfer biz dogged by malware, security threats

New information suggests that a high number of wire-transfer businesses may be infected with security-compromising viruses, despite the sensitive nature of the transactions they handle. Wire transfers are a common way for immigrants working in the United States to send money home to relatives in need.

These payments are often an extremely important source of revenue for both the individuals in question and the nations in which they live and, in some nations, account for a substantial percentage of cash inflows. In 2007, Mexican immigrants sent some $24 billion in remittances back to their home country. That's just three percent of Mexico's GDP, but it represents the country's second-largest source of foreign currency behind oil revenues. It's unclear how much money flows from developed nations into the third world through these unofficial channels, but 2006 estimates put the total somewhere between $250 billion and $400 billion.

According to security firm Panda Security, however, the wire shops many of these transactions flow through are handling the cash flow on systems that are infected with the nastiest kinds of spyware. Panda's results indicate that out of the 300 businesses it evaluated, 60 percent of the 1,500 computers on-site were infested with some sort of spyware. Interestingly, Panda notes that just 30 percent of these systems were running an outdated antivirus solution, which implies that a substantial (though unknown) proportion of those 1,500 systems were both infected and running an up-to-date AV product. This is either a depressing take on the efficacy of current antimalware software, or a not-so-subtle jab at Panda's various competitors—take your pick.

The potential for data theft reportedly went far beyond the theoretical; the company found that certain systems (mainly those with keyloggers installed) had illicitly recorded Social Security numbers and other financial information on certain wire transfer customers. The security problems were often exacerbated in stores where the computers were used for multiple purposes. Shops that only handled wire transfers or check cashing were less likely to have exposed customer data, since these transactions are primarily cash-based, but pawn shops or those companies handling a wire business on the side often processed all customer data in one location.

"The danger with these computers is that, unsafe as they are, they are very frequently used to conduct bank transactions. The risk is enormous as we are talking about very sensitive information being stored on infected, vulnerable computers," says Dominic Hoskins, Country Manager, Panda Security UK. "This combination of lack of maintenance, low security consciousness and inappropriate end user behaviour results in highly vulnerable systems that are very easy for cyber-criminals to infiltrate."

Hoskins is right, insofar as these systems are vulnerable, and vulnerabilities are bad, but there's a practical rebuttal to the idea that these vulnerabilities represent a major threat. The shops in question are small, local businesses, heavily concentrated in certain urban areas. The financial value of any one store's customer lists and data is quite low by black hat standards, and while infiltrating all of the stores in an area could potentially be quite profitable, it represents quite a lot of work for a very low reward. Keep in mind that Panda Security focused on small wire transfer companies here, not large organizations—Western Union and its competitors are, as far as we know, a safe bet.
