Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Online bank security worsens

More security bugs crop up as banks rush online.

Article comments

Banks' online security is getting worse as they rush to offer services online, according to new research.

This year's Annual Security Report from NTA Monitor, a security testing firm, found that 20 percent more security vulnerabilities turned up in the infrastructures of banks, building societies and other financial institutions compared with last year's report. The survey covers networks, applications and systems.

By comparison, a month ago NTA reported that the security of UK organisations in general improved year-on-year. Thirty-two percent of UK organisations tested had critical vulnerabilities that are widely known and exploited, compared to 61 percent in 2006.

Meanwhile, financial organisations tested positive for an average of three more vulnerabilities in the 2007 survey, NTA said.

A common category was buffer overflows in Bind running on DNS servers, which could allow an attacker access to the server.

Another common problem was expired SSL certificates, which force users to acknowledge that they know the certificate is invalid before they can access the site.

NTA technical director Roy Hills said the increase in security problems is due to growing pressure on financial organisations to go online. "Whilst this extra accessibility is of benefit to many customers, at the same time it can increase the exposure to external attacks," he said in a statement.

Among NTA's recommendations are to ensure SSL certificates are always renewed on time, to change default settings on Apache, in order to avoid denial of service attacks, and to keep up to date with patches.



Share:

More from Techworld

More relevant IT news

Comments

Dave said: In a world where the service sector has lost its focus on perfection costs money and downgraded itself to a service level approaching mediocracy I no longer feel comfortable using on-line banking from my PC I have no choice but to accept financial institutions using the internet to conduct business I have experienced first hand this deterioration in the Insurance sector and the Medical sector When a problem is found it should be the task of responsible institutions to make immediate corrections Software and hardware vulnerabilities in this case should be looked after quickly not when it fits someones schedule or budget Those at risk are we the public the consumers those who must put their trust in professionalism and not be deceivedIt is a sad situation but the financial establishments lapses in integrity are but a microcosm of our western society Did Rome not but cumble from within Does history repeat itself



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *