Saturday, December 13, 2008

Belgian bank accounts compromised

As I'm reading through the Belgian news, there's a report about hackers compromising about a dozen Belgian bank accounts. The bank involved is not named, but it would be one of the bigger banks in Belgium, either Fortis, Dexia or KBC. Belgian law enforcement has started an investigation; no doubt this will die a silent death. What's even more worrisome is that all banks I know, in Belgium, use two-factor authentication. Not unbreakable, but still pretty rigidly implemented.

However, what struck me most is the comment by Febelfin, an organisation grouping Belgian financial institutions. Here's what they said:

"You are safe if you are running a regularly updated antivirus application."

Allow me to disagree, and I don't even want to bring this down to an "AV is dead" post, cuz we all know we had too much of that lately ;-) However, what amazes me the most is that a professional organisation (especially in these times, cuz they f'd up mucho lately) dares to come with advice as lame as this. If you truly care about your customers and their money, I'd expect a little more than this. If you truly care about your customers, come out and tell us how this happened and what your customers can really do to protect themselves (which, in the current situation, is close to nothing). If you truly care about your customers, take up your responsibility and disclose.

I'm not accepting "protecting the investigation" or "protecting the customers", you and I know the culprits are long gone and/or hiding behind networks and servers hosted in far away lands.

I don't expect to be answered though ... but at least I got to rant ;-)



