IT Governance

The FT reported today that hackers have stolen more than €36m from 30 banks across Europe using a new two-stage Trojan virus that spreads from a victim’s PC to their mobile phone. More than 30,000 online banking customers in Germany, Italy, Spain and the Netherlands were affected by the attack, which security companies have called Eurograbber.

It is the second significant online banking breach this year. The first, Operation High Roller, involved an estimated $60m in fraudulent money transfers at 60 financial institutions, according to Guardian Analytics, an online banking security company.

What has happened to all the talk of IT governance and controls that are supposed to prevent such occurrences? Don’t they test their firewalls and penetration test their processes? Banks moving into mobile banking and mobile payment systems will have to be aware of the risks from such events and build controls that can both prevent and detect unusual patterns. Internal audit will play a big part in the defense that a bank should build.

About surenraj

“Views expressed are my own”