Blackmoon has two sets of victims, says Modi: the financial institutions and the users of their services. The financial institutions are in the best position to prevent damage to themselves and their customers from a targeted attack like Blackmoon.
“The best protection for themselves and their users is for financial institutions to use multi-factor authentication,” says Modi. Attackers count on websites requiring only a username and password, he adds. Making multi-factor authentication the primary line of defense adds layers to crack and will encourage most attackers to move on to easier targets.
Modi advises consumers of financial services, who might be individuals or businesses, to use providers that have multi-factor authentication in place. He also says that organizations should secure all devices that employees use to access services. “There is more opportunity at the enterprise level to provide better endpoint security,” he says. “Have the financial procedures in place to ensure that not one person or one computer are compromised in a way that can result in theft.”
Sign up for CIO Asia eNewsletters.