These are some countermeasures I have identified to reduce the risk in Internet banking for each of the attacks.
· User Surveillance
o Having a security policy regarding token and password handling.
· Theft of token and handwritten notes
o Having a security policy regarding token and password handling.
o Choosing passwords that are easy to remember but still hard to guess, such as combining a dictionary word with symbols and numbers (note that a single dictionary word with a digit or symbol appended is a standard target of cracking rules; several unrelated words are stronger).
· Hidden code
o Operating System/browser patching
o Code installation blockers
o Antispyware software
o Antiphishing software (URL inspection)
o Firewall for blocking inbound and outbound connections to unauthorized ports
o Intrusion/anomaly detection
o Best practices for browser security (cookies, pop-up windows, Java support, etc.)
· Worms and bots
o Operating System/browser patching
o Code installation blockers
o Antispyware software
o Secure coding of custom applications
o Firewall for blocking inbound and outbound connections to unauthorized ports
o Intrusion/anomaly detection
o Best practices for browser security (cookies, pop-up windows, Java support, etc.)
· E-mails with malicious code
o E-mail policy
o Code installation blockers
o Attachment blocking
o HTML code blocking
o Antispam software
o Antispyware software
o Antiphishing software (URL inspection)
o Firewall for blocking inbound and outbound connections to unauthorized ports
o Intrusion/anomaly detection
· Smartcard analyzers
o Noise generators (random delays and dummy operations that mask the signal)
o Power- and time-neutral code design (constant-time, balanced-power implementations whose behaviour does not depend on the secret)
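As an added example (not part of the original post) of the "power and time neutral code" item, the Python below contrasts an early-exit PIN comparison with a constant-time one. The early-exit version leaks, through its running time or power trace, how many leading digits were correct, and the attacker function shows that this turns a 10^4 search into at most 40 guesses. The PIN value is constructed for illustration, and the `work` counter stands in for what a timing or power measurement would reveal on real hardware; the leak-free version always does the same amount of work.

```python
from typing import Callable, Tuple


def naive_pin_match(stored: bytes, entered: bytes) -> Tuple[bool, int]:
    """Early-exit compare, as often written in card firmware.

    Returns (match, work). 'work' counts the byte comparisons actually made:
    on hardware this is what a timing or power trace exposes, and it equals
    1 + the number of correct leading digits.
    """
    work = 0
    if len(stored) != len(entered):
        return False, work
    for a, b in zip(stored, entered):
        work += 1
        if a != b:           # branch on secret data: leaks the mismatch position
            return False, work
    return True, work


def constant_time_pin_match(stored: bytes, entered: bytes) -> Tuple[bool, int]:
    """Time/power-neutral compare: always walks the full expected length and
    never branches on secret data; differences are accumulated with XOR/OR."""
    work = 0
    diff = len(stored) ^ len(entered)
    # Pad/truncate so the loop length depends only on the PIN length (public).
    padded = (entered + bytes(len(stored)))[:len(stored)]
    for a, b in zip(stored, padded):
        work += 1
        diff |= a ^ b
    return diff == 0, work


def recover_via_leak(oracle: Callable[[bytes], Tuple[bool, int]],
                     length: int = 4, digits: bytes = b"0123456789") -> bytes:
    """Attacker's view: using only the leaked work count, fix one digit at a
    time. A guess whose work exceeds pos+1 got digit `pos` right."""
    known = b""
    for pos in range(length):
        for d in digits:
            guess = known + bytes([d]) + b"0" * (length - pos - 1)
            matched, work = oracle(guess)
            if matched or work > pos + 1:
                known += bytes([d])
                break
    return known


if __name__ == "__main__":
    PIN = b"4921"  # constructed secret for the demonstration
    print("leaky   ->", recover_via_leak(lambda g: naive_pin_match(PIN, g)))
    print("neutral ->", recover_via_leak(lambda g: constant_time_pin_match(PIN, g)))
```

In a real implementation the comparison would be written in C or assembly and checked against the compiler's output, since an optimiser can reintroduce the early exit; in Python, `hmac.compare_digest` is the library routine to use rather than a hand-rolled loop.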
· Smartcard reader manipulator
o Secure smartcard interface design and implementation
· Brute force attacks with PIN calculations
o Increasing the number of PIN digits (at least eight)
· Social engineering
o Increasing security awareness
o Simple URLs that are easy to remember
o Antiphishing software (URL inspection)
· Web page obfuscation
o Monitoring the domain name server (DNS)
o Prohibiting raw IP addresses in links and using domain names (URLs) only
o Using a predetermined list (allowlist) of valid URLs
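The three URL-side countermeasures above (antiphishing URL inspection, refusing raw IP addresses, and an allowlist of valid URLs) fit naturally into one check. The following Python is an added example, not code from the post: it inspects a URL the way a browser plug-in or mail gateway would, and goes a little beyond the list by also flagging the two usual tricks for getting past a casual glance at the address bar, the real host name placed before an `@` and the real host name used as a subdomain of an attacker's domain. The allowlist `VALID_HOSTS` and the sample URLs are constructed for the example.

```python
import ipaddress
from typing import List
from urllib.parse import urlsplit

# Constructed allowlist of the bank's legitimate login hosts (an assumption for
# this example; a real deployment ships the bank's own list).
VALID_HOSTS = {"www.examplebank.com", "online.examplebank.com"}

# Digits and letters commonly swapped to build look-alike hostnames.
_CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b"})


def _is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def inspect_url(url: str) -> List[str]:
    """Return the list of problems found; an empty list means the URL is acceptable."""
    problems = []
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower().rstrip(".")

    if parts.scheme != "https":
        problems.append("scheme-not-https")

    # A raw IP in the host is a classic phishing/pharming tell; the policy
    # here is "domain names only", so any literal is refused.
    if _is_ip_literal(host):
        problems.append("ip-literal-host")

    # user:pass@host lets the attacker put the real bank name before the '@',
    # so it is the first thing the victim reads in the address bar.
    if parts.username is not None:
        problems.append("userinfo-before-host")

    if host in VALID_HOSTS:
        return problems

    problems.append("host-not-allowlisted")
    for valid in VALID_HOSTS:
        # www.examplebank.com.secure-login.net: the real name is only a prefix.
        if host.startswith(valid + "."):
            problems.append("valid-host-used-as-subdomain")
            break
        # www.examp1ebank.com: same name once confusable characters are mapped.
        if host.translate(_CONFUSABLES) == valid.translate(_CONFUSABLES):
            problems.append("look-alike-host")
            break
    return problems


def is_allowed(url: str) -> bool:
    return not inspect_url(url)


if __name__ == "__main__":
    # Constructed samples: one genuine link and the usual phishing variants.
    for sample in [
        "https://www.examplebank.com/login",
        "http://www.examplebank.com/login",
        "https://203.0.113.5/login",
        "https://www.examplebank.com@203.0.113.5/login",
        "https://www.examplebank.com.secure-login.net/login",
        "https://www.examp1ebank.com/login",
    ]:
        print(f"{sample:55} -> {inspect_url(sample) or 'OK'}")
```

The allowlist comparison is deliberately an exact match on the full host name rather than a suffix match: a suffix rule such as "ends with examplebank.com" is exactly what the subdomain trick exploits in the other direction, and the bank controls which of its hosts serve the login page.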
· Pharming
o Monitoring the server
o Patch management
o Intrusion/anomaly detection
o Firewall
· Active man in the middle attacks
o Using predetermined SSL certificates (certificate pinning, so a substituted certificate is rejected even if a CA would accept it)
o Mutual authentication and encryption through client-server SSL/TLS (the bank presents its certificate and the client presents one too)
· Session hijacking
o Server-side state management that never accepts a client-supplied session ID (session fixation), rotates the session ID on login, and enforces session life cycle limits (idle and absolute timeouts, invalidation on logout)
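The session-hijacking countermeasure above packs three separate rules into one line, so here they are as working code. This is an added example, not code from the post: a minimal server-side session store that (1) only ever honours IDs it generated itself, so an ID planted by an attacker is just an unknown ID, (2) issues a new ID when the user authenticates and destroys the pre-login one, and (3) expires sessions on both idle and absolute lifetimes. The timeouts and the injectable `clock` are choices made for the example.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional


@dataclass
class Session:
    user: Optional[str] = None   # None until the user has authenticated
    created: float = 0.0         # start of the absolute lifetime
    last_seen: float = 0.0       # reset on each use, for the idle timeout


class SessionStore:
    """Server-side session state. The client only ever holds an opaque ID that
    the server generated; the ID carries no state and is never chosen by the
    client. Timeouts are in seconds; `clock` is injectable for testing."""

    def __init__(self, idle_timeout: float = 15 * 60, absolute_timeout: float = 8 * 3600,
                 clock: Callable[[], float] = time.monotonic):
        self.idle_timeout = idle_timeout
        self.absolute_timeout = absolute_timeout
        self.clock = clock
        self._sessions: Dict[str, Session] = {}

    @staticmethod
    def _new_id() -> str:
        return secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG

    def start(self) -> str:
        """Issue a fresh anonymous session. There is deliberately no way to pass
        in a desired ID: one planted in a phishing link or a pre-set cookie is
        simply unknown to the store and is ignored by resolve()."""
        now = self.clock()
        sid = self._new_id()
        self._sessions[sid] = Session(created=now, last_seen=now)
        return sid

    def resolve(self, sid: Optional[str]) -> Optional[Session]:
        """Look up a presented ID, enforcing the idle and absolute lifetimes."""
        if sid is None or sid not in self._sessions:
            return None
        s = self._sessions[sid]
        now = self.clock()
        if now - s.last_seen > self.idle_timeout or now - s.created > self.absolute_timeout:
            self.end(sid)
            return None
        s.last_seen = now
        return s

    def login(self, sid: Optional[str], user: str) -> str:
        """Rotate on privilege change: bind the authenticated user to a NEW ID
        and destroy the pre-login one, which an attacker may already know."""
        if sid is not None:
            self._sessions.pop(sid, None)
        now = self.clock()
        new_sid = self._new_id()
        self._sessions[new_sid] = Session(user=user, created=now, last_seen=now)
        return new_sid

    def end(self, sid: str) -> None:
        """Logout: drop the state server-side so the ID cannot be replayed."""
        self._sessions.pop(sid, None)


if __name__ == "__main__":
    store = SessionStore()
    anon = store.start()
    authed = store.login(anon, "alice")
    print("rotated:", anon != authed, "| old ID still valid:", store.resolve(anon) is not None)
```

The ID should also be delivered only in a cookie marked `Secure` and `HttpOnly` and never in the URL; the store above does not care how the ID travels, but an ID in the query string ends up in referrer headers and proxy logs, which is where hijacked sessions often come from.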
· Brute force attacks
o Monitoring the server
o Patch management
o Intrusion/anomaly detection
o Firewall
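"Intrusion/anomaly detection" against brute-force attacks on the server is concrete enough to show. The Python below is an added example, not code from the post: it runs sliding-window failed-login counters per account and per source address over a constructed login-audit log (the line format is assumed for the example), raising an account lockout, a source block, and a review alert for a success that follows a burst of failures, the pattern of a guessed rather than mistyped password. The thresholds are illustrative.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed login-audit log for this example (the format is assumed; real
# banking platforms each have their own). Three scenarios: credential
# stuffing from one source, targeted guessing of one account, and a typo.
SAMPLE_LOG = """\
2024-03-01T09:00:01 login FAIL user=u01 src=203.0.113.7
2024-03-01T09:00:02 login FAIL user=u02 src=203.0.113.7
2024-03-01T09:00:03 login FAIL user=u03 src=203.0.113.7
2024-03-01T09:00:04 login FAIL user=u04 src=203.0.113.7
2024-03-01T09:00:05 login FAIL user=u05 src=203.0.113.7
2024-03-01T09:00:06 login FAIL user=u06 src=203.0.113.7
2024-03-01T09:00:07 login FAIL user=u07 src=203.0.113.7
2024-03-01T09:00:08 login FAIL user=u08 src=203.0.113.7
2024-03-01T09:05:00 login FAIL user=carol src=198.51.100.20
2024-03-01T09:05:04 login FAIL user=carol src=198.51.100.20
2024-03-01T09:05:08 login FAIL user=carol src=198.51.100.20
2024-03-01T09:05:12 login FAIL user=carol src=198.51.100.20
2024-03-01T09:05:16 login FAIL user=carol src=198.51.100.20
2024-03-01T09:05:20 login OK user=carol src=198.51.100.20
2024-03-01T09:10:00 login FAIL user=dave src=192.0.2.9
2024-03-01T09:10:15 login FAIL user=dave src=192.0.2.9
2024-03-01T09:10:30 login OK user=dave src=192.0.2.9
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) login (?P<result>OK|FAIL) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def detect_bruteforce(log_text, window=timedelta(seconds=60), per_user=5, per_src=8):
    """Sliding-window failed-login counters per account and per source IP.

    Alerts (dicts) are raised when an account reaches `per_user` failures or a
    source reaches `per_src` failures inside `window`, and when a login succeeds
    on an account that has just had a burst of failures.
    """
    fails_by_user = defaultdict(deque)
    fails_by_src = defaultdict(deque)
    alerts = []

    def recent(dq, now):
        # Drop timestamps that fell out of the window; return what is left.
        while dq and now - dq[0] > window:
            dq.popleft()
        return len(dq)

    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skipped here, counted in production
        ts = datetime.fromisoformat(m["ts"])
        user, src = m["user"], m["src"]
        if m["result"] == "FAIL":
            fails_by_user[user].append(ts)
            fails_by_src[src].append(ts)
            # '==' fires once at the threshold, not on every further failure.
            if recent(fails_by_user[user], ts) == per_user:
                alerts.append({"kind": "user-lockout", "user": user, "src": src, "at": ts})
            if recent(fails_by_src[src], ts) == per_src:
                alerts.append({"kind": "src-block", "user": None, "src": src, "at": ts})
        elif recent(fails_by_user[user], ts) >= 3:
            # Success right after a burst of failures on one account looks like
            # a guessed password rather than a typo: worth a review.
            alerts.append({"kind": "success-after-failures", "user": user, "src": src, "at": ts})
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
```

The per-source counter is what catches credential stuffing, where each account sees only one failure and a per-account lockout never fires; conversely a per-account lockout alone lets an attacker lock legitimate users out on purpose, which is why the response to `user-lockout` in a bank is usually a step-up challenge or a temporary delay rather than a hard lock.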
· Bank security policy violation
o Security policy implementation according to standards such as ISO 17799 (since renumbered ISO/IEC 27002)
· Website manipulation
o Monitoring the server
o Patch management
o Intrusion/anomaly detection
o Firewall
magnificent ..