It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Analysis: Banks Seek Cybershelter With "Ethical Hackers"

page: 1
4

log in

join
share:

posted on Jun, 17 2011 @ 10:35 PM
link   

Analysis: Banks Seek Cybershelter With "Ethical Hackers"


www.reuters.com

Professional hacker Nicholas Percoco received an unusual request from a major financial institution this week: How can you help us avoid becoming the next Citigroup Inc?

Amid a wave of cyber attacks on Citi, the International Monetary Fund and other institutions, Percoco and his team at security firm Trustwave Holdings Inc are fielding more and more calls from banks wanting to stress-test their online defenses
(visit the link for the full news article)



Related AboveTopSecret.com Discussion Threads:
Hi Tech thieves push banks to brink of global disaster
White House Pushes Secure Online Identity System




posted on Jun, 17 2011 @ 10:35 PM
link   

banks got wake-up calls this month, when the attacks on the IMF and Citi, the third-largest U.S. bank, came to light.


Yet even with the hacks of late, at the end of the article we have the sum total of the facts....

Steven Kietz executive for Citigroup and JPMorgan Chase helped implement federal guidelines for Internet security standards in 2006 has this to say...


"five years later we've seen really no new efforts by any of the major banks to protect customers."


How far off is the Secure ID that the current Administration wants to implement?

And why, why have the banks that got the bail out funds sat on their hands, making no effort to
protect customers idenities?

Why over a period of 5 years have they made "no effort" to protect customers?
Lets take a wild guess, a stab in the dark....can we say C O N S P I R A C Y!



www.reuters.com
(visit the link for the full news article)
edit on 17-6-2011 by burntheships because: (no reason given)



posted on Jun, 17 2011 @ 10:43 PM
link   
Good find thanks for the update. At this point I can only shake my head and wait for the other shoe to drop.



posted on Jun, 17 2011 @ 10:51 PM
link   
Its an interesting development but I want to address your question at the end.

"How far away can the secure Id system be?"

As with most other laws and regulations passed, this will be circumvented and misused by people who are capable of figuring it out. Its as simple as that, and that's pretty much how every other law is treated.

Its evolution baby, put up a barrier, and something will get over it





edit on 6/17/2011 by VonDoomen because: (no reason given)

edit on 6/17/2011 by VonDoomen because: (no reason given)



posted on Jun, 17 2011 @ 10:53 PM
link   

Originally posted by VonDoomen

Its evolution baby, put up a barrier, and something will get over it




I agree, what do you make of it...the banks are first turning to "ethical hackers" ...
Which leaves the government next when the "ethical hackers" fail....



posted on Jun, 17 2011 @ 11:03 PM
link   

Originally posted by burntheships

Originally posted by VonDoomen

Its evolution baby, put up a barrier, and something will get over it




I agree, what do you make of it...the banks are first turning to "ethical hackers" ...
Which leaves the government next when the "ethical hackers" fail....


the only difference between a hacker and cracker is one gets paid for his services and the other doesn't. As for "ethical" i kinda like that, it already makes it sound legal to hack. i.e. , why did you break into the bank system, Answer: well as an ethical hacker i wanted to make sure that if i deposited my money within that bank that it would be safe from hackers

P.S. Obviously hacking is illegal so don't do anything stupid...okay..!
edit on 17-6-2011 by cerebralassassins because: (no reason given)



posted on Jun, 17 2011 @ 11:06 PM
link   
reply to post by burntheships
 


well the problem is, whitehats have to be right 100% of the time while a hacker only needs to find 1 small vulnerability to be successful, its a rigged game at the start with unfair odds.

However, there are a lot of intelligent people out there working as whitehats.

Most of the attacks we have seen so far, while they may seem incredible, aren't necessarily all that complicated.

citibank for example is just guilty of not caring enough about their customers data. from what I understand, the exploit involved was very simple.

Another example is the CIA website. While at first it sounds incredible that the CIA was hacked, lets be real, it was their public relations website for all intents and purposes. Its not like they hacked into some super secret CIA mainframe


on top of that, one of the hacks also involved social engineering, which is tricking a person to give you login credentials, and cant really be considered hacking your way in from the outside. Although they did find one gullible person.

So lets be real. These weren't necessarily feats of legend and myth. Apparently, there are websites and software you can use to test your systems and databases for vulnerabilities. makes sense. These guys just lucked out and found some big name brand websites with lax security.

if you want to see a real hacker, check this guy out, even though he got caught


Gary Mckinnon



McKinnon is accused of hacking into 97 United States military and NASA computers over a 13-month period between February 2001 and March 2002, using the name 'Solo'. The computer networks he is accused of hacking include networks owned by NASA, the US Army, US Navy, Department of Defense, and the US Air Force



posted on Jun, 17 2011 @ 11:10 PM
link   

Originally posted by cerebralassassins

Originally posted by burntheships

Originally posted by VonDoomen

Its evolution baby, put up a barrier, and something will get over it




I agree, what do you make of it...the banks are first turning to "ethical hackers" ...
Which leaves the government next when the "ethical hackers" fail....


the only difference between a hacker and cracker is one gets paid for his services and the other doesn't. As for "ethical" i kinda like that, it already makes it sound legal to hack. i.e. , why did you break into the bank system, Answer: well as an ethical hacker i wanted to make sure that if i deposited my money within that bank that it would be safe from hackers

P.S. Obviously hacking is illegal so don't do anything stupid...okay..!


I just posted this in my other thread your version being different.....


If there was ever any attempt to soft-pedal the word hacker versus cracker (with hacker meaning a guy who likes to fool around with his computer to discover new things and the cracker meaning the evil, black-hat criminal), well that definition is done. The hacker today is now the cracker for all practical purposes of discussion. www.pcmag.com...



posted on Jun, 17 2011 @ 11:14 PM
link   

Originally posted by burntheships

Originally posted by cerebralassassins

Originally posted by burntheships

Originally posted by VonDoomen

Its evolution baby, put up a barrier, and something will get over it




I agree, what do you make of it...the banks are first turning to "ethical hackers" ...
Which leaves the government next when the "ethical hackers" fail....


the only difference between a hacker and cracker is one gets paid for his services and the other doesn't. As for "ethical" i kinda like that, it already makes it sound legal to hack. i.e. , why did you break into the bank system, Answer: well as an ethical hacker i wanted to make sure that if i deposited my money within that bank that it would be safe from hackers

P.S. Obviously hacking is illegal so don't do anything stupid...okay..!


I just posted this in my other thread your version being different.....


If there was ever any attempt to soft-pedal the word hacker versus cracker (with hacker meaning a guy who likes to fool around with his computer to discover new things and the cracker meaning the evil, black-hat criminal), well that definition is done. The hacker today is now the cracker for all practical purposes of discussion. www.pcmag.com...



now that is funny, on the other hand its kinda confusing as if someone asks me what am i, i can more or less say an "ethical white and black harry potter geek"



posted on Jun, 17 2011 @ 11:20 PM
link   
reply to post by burntheships
 


Hey Burntheships

want to see how easy the citibank "hack" was? you can do it in 10 seconds and its perfectly legal


at the top of your browser, you will see the link for this very thread. It should match this-



Now within this link you should see "thread717950"

So within the ATS database of threads yours is #717950

We can pretend this is your credit card number, and you are looking at your credit card account online.

now change your link to match the one in this image below



You will notice that the only difference is the thread tag. mine says "thread716318".

This is a link to a story I posted a few days ago.
And for this hypothetical situation we could pretend this is my credit card number.
meaning just by doing this simple little trick, you could have gained access to my account.

Congratulations, you are now a hacker.




posted on Jun, 17 2011 @ 11:59 PM
link   
many experts think the only fail safe I.D. is DNA !

from 2001
www.technologyreview.com...

from 1992
www.accessexcellence.org...

en.wikipedia.org...

www.scientificamerican.com...


perhaps the objections will come from people who would be afraid of finding out just how much Neanderthal they have !!!!


we might be surprised !



posted on Jun, 18 2011 @ 11:21 PM
link   
reply to post by VonDoomen
 


Very good less there Von, thanks for that.

Yeah, I read as much Citi had absolutly no protection for its customers.
Which is pathetic sad, lol.




top topics



 
4

log in

join