Page 1
Confidential
On-line Banking Risks & Countermeasures
By Vishal Salvi – CISO HDFC Bank
IBA Banking Security Summit 2009
Page 2
Agenda
1. Opportunity
2. Threats
3. Solutions
Page 3
The Opportunity
Page 4
The Internet
Page 5
The Internet
Source: Internet World Stats as of Q2 08
Page 6
The Internet
Source: Internet World Stats as of Q2 08
Page 7
The Internet
Source: Internet World Stats as of Q2 08
Page 8
The Internet
Source: Internet World Stats as of Q2 08
[Chart: percentage values from the Internet World Stats figure (19 %, 72.5 %, 73.8 %, 5.2 %, 63.8 %, 26.1 %, 68.6 %, 58.1 %, 70.7 %); their labels did not survive extraction]
Page 9
The Internet
Source: Internet World Stats as of Q2 08
World Population: 6.6 Billion
Internet Users: 1.46 Billion (22%)
On-line Users: 584 Million (40%)
Funds Transfer: 146 Million (20%)
Page 10
Threats
Page 11
Threat Horizon
[Chart: Sophistication of attacks (Low to High) plotted against Time in years. Focus of attacks axis: Infrastructure, Applications, Data, People. Attackers Profile axis: Disorganized Crime, Organized Crime. Attack types plotted: Password Cracking, Website Defacement, Malware, Network Intrusion, Application Layer Attacks, Unauthorised Access, Information Leakage / Theft, Spam Mail, Social Engineering, Phishing, Pharming, Trojans]
Page 12
Threat Horizon
Page 13
The Crimeware Landscape
Trend Micro
Page 14
Phishing
Page 15
Phishing Stats
Page 16
Other Statistics
[Chart: Distribution of Attacks by Hosting Method]
[Chart: Top Ten Countries by Attack Volume]
Page 17
The Underground Fraud Ecosystem
Page 18
The Fraud Supply Chain
Harvesting Fraudster – Technical Infrastructure: Tools, Hosting, Delivery
Customer Account
Cash Out Fraudster – Operational Infrastructure: Mules, Drops, Monetizing
Communication: Fraud forum / chat room
Page 19
Fraud as a Service: “Cut the Middle Man”
FaaS: Tools, Hosting, Delivery
User Account
Cash Out Fraudster – Operational Infrastructure: Mules, Drops, Monetizing
Page 20
Trojans
• Phishing/Pharming Trojans
• Keyloggers/Screen-scrapers
• MITB Trojans
• Active Keylogger + Proxy (Botnet) Trojan
Page 21
Modus Operandi : Harvesting
– Fast-flux networks
[Diagram: Fast Flux]
Page 22
Underground Market Place : Credentials for Sale
• Potentially captured via crimeware, given FI & country coverage
Page 23
Underground Market Place : Credentials for Sale
• An online ad promoting lists of stolen credit cards
Page 24
Underground Market Place : Herding Mules
Page 25
Latest Trends : Phone Fraud to cash-out
Phone fraud services to cash out accounts in the USA by taking advantage of inherent weaknesses in the Call Centers. This can spoof any number in the United States. The service enables fraudsters to accept incoming calls, posing as the genuine account holder.
Page 26
Latest Trends : Chat in the Middle
Chat in the Middle : Phishing attack that attempts to steal consumers’ data via bogus live chat support
– Pop-up chat session with online banking customer
– Live Chat session with the Bank’s “Fraud Dept” looking to validate personal information for better service
• Requests information which may typically be used for challenge questions
– New twist in Phishing attack
Page 27
Solutions
Page 28
Multilayer Protection
Bank
– Customer Awareness & Education
Customer
Page 29
Awareness
Page 30
Blocking / Shutdowns
Bank
– Anti-Phishing, Anti-Pharming & Anti-Trojan Service
– Customer Awareness & Education
Customer
Page 31
Anti-Trojan Service
[Diagram: Infection / Update Drop, Command & Control, Bot-Herder]
Less than 25% of infected PCs are protected by AV applications, and AV is even less effective against the specific threat.
Page 32
Authentication
Bank
– Site-To-User Authentication
– Anti-Phishing, Anti-Pharming & Anti-Trojan Service
– Customer Awareness & Education
Customer
Page 33
Site-To-User Authentication
Page 34
Strong Authentication
Bank
– Second Factor Adaptive Authentication
– Site-To-User Authentication
– Anti-Phishing, Anti-Pharming & Anti-Trojan Service
– Customer Awareness & Education
Customer
Page 35
Adaptive Authentication
Fraud Network
Page 36
Transaction Monitoring
Bank
– Transaction Monitoring
– Second Factor Adaptive Authentication
– Site-To-User Authentication
– Anti-Phishing, Anti-Pharming & Anti-Trojan Service
– Customer Awareness & Education
Customer
Page 37
Transaction Monitoring
Page 38
Bank
– Physical, N/W, Application, DB & OS level Security
– Transaction Monitoring
– Second Factor Adaptive Authentication
– Site-To-User Authentication
– Anti-Phishing, Anti-Pharming & Anti-Trojan Service
– Customer Awareness & Education
Customer
Page 39
Traditional layers of Security
Page 40
Bank
– Physical, N/W, Application, DB & OS level Security
– Transaction Monitoring
– Second Factor Adaptive Authentication
– Site-To-User Authentication
– Anti-Phishing, Anti-Pharming & Anti-Trojan Service
– Customer Awareness & Education
– Incident Response, Fraud & Case Management
Customer