One of Australia’s richest men has just gone public to warn everyone that cyber hackers really are winning. Andrew Forrest had $615,000 stolen directly from his bank account via an injection of software into his PC. You can be sure that this billionaire’s IT department had all the known cyber precautions in place. And it takes a brave person to admit this because it risks losing business confidence and reputation.
The story was covered today by most of the Australian newspapers. If you look a bit closer another hacking story is in the mainstream media now every single week. For every headline there are thousands of businesses and people who have been hacked and don’t want it to be known.
- The West Australian Newspaper: Andrew Forrest warns of online theft risk
- The West Australian Newpspaer: Forrest burglary charges
- The Australian Newspaper: Fortescue’s Andrew Forrest victim of $615,000 cyber-scammer
The “virus” came in via a spreadsheet but that’s a clumsy description. It was certainly an injection of software that couldn’t be picked up by anti-virus software because it was newly crafted. It’s not really a virus. It’s actually far more dangerous. It has been tailored to find banking details and feed information back to the hacker via the Internet. These injections can potentially allow the hacker to install other packages and then take complete control. Or change data files such as bank account deposit numbers. Most often it provides the hacker with your login credentials to the bank. And we see this all the time these days.
I’ve been asked by a number of people whether BankVault would have helped prevented this? Most of the technical detail is not reported by the paper so I can only make some general statements.
If BankVault is used to open a spreadsheet then any macro’s or software injections could probably not run, and even if they could they would have absolutely nowhere to go because they’re not running on the local machine.
If the banking was done only by BankVault then it would be invisible and out of reach from the hackers.
If the spreadsheet was opened on the local PC and then executed to give the hacker access to change data on the local PC, then in this situation BankVault hasn’t been used and so of course the hacker is already there.
BankVaultOnline.com is a brilliant solution that simply sidesteps hackers and malware. It can only be effective when it is used. With everything I’ve learned about hackers techniques in the last few years I would never do online financial transactions again outside of BankVault. It would be very naive and foolish to trust your PC, Mac, mobile phone, anti-virus software or even your browser. You might trust the suppliers of your software but you’ve no idea what else gets added by your own hand. There is no organisation who can ever guarantee your machine is secure given the myriad of applications, versions, browsers, plug-ins and live-internet-connections running.
BankVault does provide a secure environment. It doesn’t replace your PC except when you actually do your online transaction. It builds a pristine new machine on the Internet that sidesteps whatever hackers have done to your machine.
This post was first published by Graeme Speak, CEO of BankVault, on LinkedIn.