There's a new threat to financial institutions that goes by the name of 'commjacking,' which will hopefully catch the attention of credit unions before a new style of data breach hits them.
Commjacking is a “back door” for cybercriminals, public Wi-Fi hotspots and cellular networks that are not as secure as they need to be. CoroNet, a cybersecurity software company, coined the term to describe what it believes to be the fastest-growing security threat worldwide: the ability to hijack the communication channel between any device and the Wi-Fi and cellular networks to which the device is connected.
Commjackers are a class of signal thief that has been largely secreted away inside governments and other sophisticated, extremely well-funded, spy organizations, according to Dror Liwer, chief security officer, Israeli security firm CoroNet. Now, however, equipment for hijacking cellular, wireless and other over-the-air signals has gone from millions in cost and huge in size to a mere pittance, and organized crime syndicates, data thieves and other bad guys can get hold of this tech for as little as $50 for Wi-Fi and $1,500 for cellular.
Liwer said that if left unaddressed, commjacking could wreak havoc on an increasingly connected society in which financial institutions and individuals—and their data—are at risk. The company hopes its solution will help by offering the ability to detect and evade commjacking in realtime, thereby helping customers avoid eavesdropping, data interception, and device manipulation when their devices are connected to Wi-Fi and cellular networks.
This new software detects and evades commjacking on any wireless network, in real time, making any device resilient to the attack. It does that by sensing the attempted compromise and sending the at-risk signal to a safe node before it can be taken hostage.
“Until now, cyber criminals, industrial spies and crime syndicates could readily commjack the crown jewels of an enterprise. CoroNet is the first and only software solution available for the enterprise that stops commjacking in its tracks,” said Liwer. “Through the use of CoroNet's breakthrough technology, carriers and MSSPs can protect enterprise customers by successfully and immediately plugging this backdoor that cyber criminals are rushing to exploit.”
Three unnamed banks are considering CoroNet's solution, according to Liwer — two in the U.S. and one in Europe.
The first bank hopes to protect executives and employees from commjacking.
“You want to make sure your employees don't become a wireless backdoor organization, and you want to make sure their devices — laptops, tablets and smartphones — are protected,” Liwer said.
The second bank plans to use the software for perimeter detection. This bank has several small branches in developing countries in which small employee teams use wireless devices.
The third bank wants to protect its high-net-worth customers, Liwer said. It would monitor customers' online banking activity and make sure they're communicating over a secure channel.
“We're not here to replace any existing security mechanisms,” Liwer said. “We're here to plug a hole that no one else is plugging right now, so we would strongly recommend that people continue to use anti-phishing, antivirus, anti-malware and encryption tools.”
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
