Saturday, June 30, 2012

Hackers Make Unauthorized Trades In Australian Brokering Accounts

Earlier this year some clients of online stockbrokers in Australia had their online trading accounts compromised and were advised to change their passwords. The Australian Securities and Investments Commission (ASIC) is investigating. ASIC believes the attacks were organized, but it has not yet determined how the client passwords were obtained. Attacks like these are far harder to pull off when a broker protects its clients' logins with more than a password: layered security such as multi-factor authentication means a stolen password on its own is not enough to get into the account, which dramatically reduces the likelihood of a compromise.
According to ASIC, the hackers used the accounts to place trades that lost the clients money. About a dozen share-trading accounts across several brokers were hacked, and ASIC is cooperating with international authorities to trace the proceeds reaped by the counterparty in each transaction. ASIC has also said the attacks are not believed to be connected with the attacks that shut down the online brokers E*TRADE and Directshares.
Representatives of E*TRADE and Directshares have recommended that users with online brokerage accounts keep the anti-virus and anti-malware software on their PCs up to date. E*TRADE was targeted late in 2011, when hackers accessed a small number of online broking accounts and made unauthorized trades. E*TRADE has stated that its own systems were not the source of the breach; rather, individual users' accounts were compromised. It has recommended that users change their account passwords and check their computers for malicious software that logs keystrokes. Anyone with an online brokerage account should also review their transaction history for unusual trades and report any unauthorized trade to their broker and to the authorities.
The hacked accounts could have been protected from unauthorized access if stronger authentication had been required of the users logging in. Layered security such as multi-factor authentication verifies a user with more than one independent factor. Two-factor authentication is a form of multi-factor authentication and could have blunted these attacks: had the brokers required it of their online clients, a stolen password alone would not have been enough to get in. A user's login credentials (something they know) and the user's mobile phone (something they have) are two factors that can be combined in two-factor authentication.
A common way of using a mobile phone as the second factor is to send a one-time password to it over the cellular network. This works because most users carry a phone at all times: once the one-time password arrives, they type it into the login screen along with their credentials to complete the login. The strength comes from the out-of-band delivery, meaning the one-time password travels over a channel separate from the login channel. Had the brokers' clients been protected this way, the hackers would have held only the login credentials; without the client's phone they could not have received the one-time password, and the login would have failed. For that to hold, the code must be generated unpredictably, accepted only once, and only for a short time, so that a code captured or guessed later is worthless. Two-factor authentication of this kind is common practice in industries such as banking and healthcare, where it is used to strengthen security and limit account access. It is not a substitute for a clean machine: malware already on the PC can still act on a session after the user has authenticated, so the best defence is to keep the computer free of viruses and malware and to add two-factor authentication as a further layer against unauthorized access. With two-factor authentication in place, logins to online trading accounts are much harder to abuse.
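The two-step login described in the last two paragraphs, as an added example that is not code from the original post or from any broker: a password check (something you know) followed by a one-time code issued out of band to the user's phone (something you have). The `send_sms` hook, the `BrokerLogin` and `SmsOtpFactor` class names and the `client42` user are assumptions made for the example; the code never returns the one-time password over the login channel, accepts it only once, expires it, and discards it after a few wrong guesses.

```python
import hashlib
import hmac
import os
import secrets
import time
from dataclasses import dataclass

OTP_DIGITS = 6
OTP_TTL_SECONDS = 120    # the code is only usable for a short window
OTP_MAX_ATTEMPTS = 3     # after this many wrong guesses the code is thrown away
PBKDF2_ROUNDS = 100_000


def hash_password(password, salt=None):
    """First factor (something you know): store a salted PBKDF2 hash, never the plaintext."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def check_password(password, salt, digest):
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


@dataclass
class PendingOtp:
    code: str
    expires_at: float
    attempts_left: int


class SmsOtpFactor:
    """Second factor (something you have): a code delivered out of band to the phone."""

    def __init__(self, send_sms, clock=time.time):
        self._send_sms = send_sms   # hypothetical gateway hook: send_sms(phone_number, text)
        self._clock = clock         # injectable so expiry can be exercised without sleeping
        self._pending = {}          # username -> PendingOtp

    def issue(self, username, phone_number):
        # secrets, not random: the code must be unguessable by whoever holds the password
        code = f"{secrets.randbelow(10 ** OTP_DIGITS):0{OTP_DIGITS}d}"
        self._pending[username] = PendingOtp(code, self._clock() + OTP_TTL_SECONDS, OTP_MAX_ATTEMPTS)
        # the code leaves on the cellular channel only; it is never sent back over the login channel
        self._send_sms(phone_number, f"Your login code is {code}")

    def verify(self, username, submitted):
        entry = self._pending.get(username)
        if entry is None:
            return False                       # nothing issued, already used, or locked out
        if self._clock() > entry.expires_at:
            del self._pending[username]
            return False                       # expired: a fresh code must be issued
        entry.attempts_left -= 1
        ok = hmac.compare_digest(entry.code.encode(), str(submitted).strip().encode())
        if ok or entry.attempts_left == 0:
            del self._pending[username]        # single use, and no unlimited guessing
        return ok


class BrokerLogin:
    """Two-step login: password first, then the SMS code. Both must pass."""

    def __init__(self, send_sms, clock=time.time):
        self._users = {}                       # username -> (salt, digest, phone_number)
        self._otp = SmsOtpFactor(send_sms, clock)

    def register(self, username, password, phone_number):
        salt, digest = hash_password(password)
        self._users[username] = (salt, digest, phone_number)

    def begin_login(self, username, password):
        """Step 1: check the password; only then issue the out-of-band code."""
        record = self._users.get(username)
        if record is None or not check_password(password, record[0], record[1]):
            return False
        self._otp.issue(username, record[2])
        return True

    def finish_login(self, username, code):
        """Step 2: access is granted only if the SMS code checks out."""
        return self._otp.verify(username, code)


if __name__ == "__main__":
    outbox = []                                # constructed stand-in for the SMS gateway
    broker = BrokerLogin(lambda phone, text: outbox.append((phone, text)))
    broker.register("client42", "correct horse battery", "+61400000000")  # constructed user
    # Keylogger scenario from the article: the attacker has the password but not the phone.
    broker.begin_login("client42", "correct horse battery")
    for guess in ("123456", "000000", "999999"):
        print("attacker guess", guess, "->", broker.finish_login("client42", guess))
    # The real client reads the code off the phone and completes the login exactly once.
    broker.begin_login("client42", "correct horse battery")
    code = outbox[-1][1].split()[-1]
    print("client with phone ->", broker.finish_login("client42", code))
    print("replay of same code ->", broker.finish_login("client42", code))
```

The password check alone never grants access; it only decides whether a code is issued, and the code is bound to the account, expires, and is consumed on first success, so a keylogged password or a code observed after the fact gives the attacker nothing to log in with.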
David is a network security professional who believes out-of-band authentication is the most secure form of two-factor authentication using a one-time password. He writes to inform businesses about upcoming changes to government regulatory compliance and remote access security.
