Data released by Lookingglass Cyber Solutions this week reveals a disturbing fact: eighteen out of twenty four large banks across the world have been infected with viruses that have done the rounds in recent times: Conficker, Zeus, Gamover Zeus, Exploit Kit, DNS Changer, Fake AV and others. In all about 100 different viruses and other types of infections affect about 1.6 percent of all web users. The study, which covered 42 million infected IP addresses also reveals that 40 percent of users suffer from multiple infections.
While the banks in question have taken swift action to counter the menace, 65 percent of the banks affected with such virus suffer from re-infection at a later date. This is caused mainly by the banks interacting with channel partners who remain less diligent about security than mainstream corporations. The chances of smaller entities, which do not devote much time or expertise to network security, being affected by malware and then spreading the infection through their interactions with big corporations such as banks is a live and ever present threat, nullifying much of the extensive security deployments that banks take.
A primary cause for infections spreading through channel partner servers is risky user behavior. The security deployments in place may very well issue a virus warning when a bank’s employee connects to a third party server, but the employee, either owing to the innate habit of overlooking such warnings or due to work pressure, may choose to ignore such warnings and allow the virus in, overriding the roadblocks put up as a part of security deployment.
However, end users are not the only ones responsible for such third-party induced infection. The reason may also be some downloader that no one has detected, or the original infection not properly cleaned up.