Professional Broking - Internet crime - Criminal evolution heads online

Business intelligence for broker managers

Make PB your home page

Latest issue

Digital edition

PB Competition

PB Management Event

Insurance Golf League

Insurance Masters

Advanced Search

Useful links

Insurance Directories

Email Alerts

Get free news updates from
Professional Broking straight
to your inbox

Poll Question

Technology

1 Oct 2008

Internet crime - Criminal evolution heads online

Katherine Brandon exposes the risks presented by malware to brokers' IT systems

The internet has created a new crime zone in which criminal activity is much harder to trace. Where criminals once had to break into an office to steal data, the internet now allows hackers worldwide to access UK IT systems by using malware - any program that carries out undesirable actions on a computer.

E-mail spreads the bulk of malware and its ruse is simple: open an innocuous-looking e-mail then click on a weblink and you are sent inadvertently to an infected site, at which point the hacker can control your computer remotely. The hacker can upload software that can steal information such as home users' bank details or firms' business documents to then sell on.

The development of cyber-crime is becoming strategic and almost business-like, with hacking groups such as Asprox having formed a coalition - one group owning the code and another the machines that have been taken over, then selling the code as part of a criminal network.

Fallacy

Many small businesses believe that they will not be targeted because big business is perceived as more tempting for cyber criminals, however Graeme Newman, business development director at CFC Underwriting, believes that this view is misinformed: "Like cars, the smallest companies are easiest to break into and therefore are most commonly targeted. You will be exposed if you are not protected.

"Web-based systems make brokers more vulnerable. They are accessible from anywhere in the world and are therefore exposed to bots (automated computer tasks) sent out by hackers that look for unprotected sites, meaning that it is only a matter of time before the site is attacked. It gives hackers a nice route into back-office systems and access to all customer data."

The nightmare does not end with the broker alone. Alex Shipp, chief imagineer and founder of MessageLabs Skeptic technology, comments: "Brokers with their own web servers or sites can also be used to host a hacker's enterprise. This enables them to infect the systems of anyone they deal with that is unprotected."

There are many routes that you can take to protect against malware, including desktop-based software, outsourced IT security provision and web-use policies. "Web filtering is being used increasingly," says Richard Brain, technical director at ProCheckUp. "This allows employees to visit only certain trusted sites. However, an employee may already have malware on their machine from a portable device or home computer.

"Even trusted updates and software are being hacked into. Several high-profile websites have been hit by domain name systems modifications that redirect customers without them realising," he continues.

"See if you can outsource your security provision with an outsourced e-mail scanning service and proxy server that will check your systems for you," suggests Brain. "Give the headache to someone else."

There are many security provision services and the Payment Card Industry Security Council has a list of suggested vendors and services on its website - pcisecuritystandards.org.

Knowledge

It is important not to get carried away, as Newman notes: "There are a lot of uneducated IT buyers in insurance. Security slips down the agenda as security measures make our daily lives more difficult.

"You can lock a system down so much that it can make life very difficult, therefore the right compromise will leave the broker at some risk."

Cyber insurance is important if you want to protect your business fully against internet-based crime. Newman highlights: "Viral attacks leave no tangible physical damage to computers, therefore they are usually excluded from standard office policies. If a broker is hacked into and data is lost then it is left open to civil liability claims from clients and also fines." Recently, TKMaxx was fined $40m by the PCISC after cyber criminals stole thousands of customer card details by infecting a store's cashpoints with malware. Newman highlights: "You can build up years' worth of losses without realising it. We take out contents insurance despite physical security measures being in place in most offices, so why do we not buy insurance against viral attacks?"

Malware 101

Advice from Alex Shipp, chief imagineer and founder of MessageLabs Skeptic technology, which provides integrated messaging and web security services.

How does malware work and how do systems become infected?

The first goal of any piece of malware is to get itself run on a computer using techniques such as social engineering to trick the user into running a program, or targeting exploits in existing software installed on a machine, and running the program automatically. Once malware is installed on the computer, its next actions are limited only by the criminal minds that wrote it.

The program may steal money from online banking accounts, rifle through your network for company secrets or send out spam on behalf of fraudulent marketing companies.

I never use the internet for anything apart from browsing trusted websites. Does that mean that I am safe?

Do not forget that, whenever you are connected to the internet, the internet is connected to you, which means that you can be targeted by cyber criminals. Even trusted websites can contain flaws that hackers can compromise to use to install unwanted malware on your PC.

How can I tell if I have malware already?

There is no easy way to determine whether or not a computer contains malware, though tools such as anti-virus software, rootkit detectors, network sniffers and adware, in addition to spyware detectors, can all help you to identify signs of infection.

Know your enemy

- Postcard - This email pretends to be an e-postcard sent from a friend or family member. Clicking on the malicious link redirects the victim a few times before downloading a piece of malware.

- Parite - Infects host files and drops executable malware.

- Virut - A polymorphic file infector virus that downloads and runs other malicious programs. Occasionally it infects other pieces of malware.

- Storm - Aggressively spreading malware which has formed one of the largest botnets in history with two million compromised computers under its control.

Comment on this story (registered users only)

There aren’t any comments for this article yet

Login to add a comment

Need to register? Click Here

Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503