Skip to main content
Risky Business

It’s a thorny question and one that hasn’t yet been properly explored in Britain. Where does the ultimate responsibility lie in cases of online banking fraud?

An American businessman is reportedly suing Bank of America for the return of $90,000 he claims was stolen from his online banking account when he fell victim to a computer virus. For the technically-minded, this was Backdoor.Coreflood a Backdoor Trojan that is primarily designed to conduct Denial of Service (DoS) attacks. It connects to an IRC server and transfers control of the infected computer to an attacker, who was, in this case, apparently in Latvia. Apparently, $20,000 of the money was quickly withdrawn by the fraudulent recipient and the remainder was frozen by a local bank that was on the ball.

Mr Joseph Lopez, the unhappy customer – and who wouldn’t be – claims that his bank is responsible for the theft because it failed to properly protect him from known online banking risks and should have spotted such a large transfer winging its way towards a Bank in one of the newest EU members, without considering it might be dodgy. It is estimated that as much as one-third to half of all cybercrime now originate with organised crime gangs in Russia, Eastern Europe and the Baltic nations.

Mr Lopez claims that Bank of America was negligent in what will become a landmark case exploring the growing problem of online banking risk. It raises the question of whether financial institutions, can reasonably expect customers to protect themselves from the increasingly sophisticated threat of cybercrime

Central to his legal argument is that banks know only too well that online banking is risky and should be more proactive in defending their customers from online threats. Bank of America insists that it has in place "stringent" electronic security measures and continually monitors online banking for irregular activity.

From another perspective, the case appears to follow the well-trodden American “Poodle in the Microwave” argument. Mr Lopez, like millions of other people, may not have had an up-to-date antivirus program running on his Personal Computer, which, as a result, left him wide-open to hundreds if not thousands of potential threats from the Internet. By arguing that the fault lies with the bank and not him, he potentially challenges the concept of online banking in its present form as unworkable. After all, this is, in principle, a trusted conversation between two remote parties but one, is now insisting that security is not a shared responsibility where two connected systems are involved.

If the US courts were to rule in favour of Mr Lopez, then online banking may become untenable in the present atmosphere of Internet crime as banks would be forced to shoulder an unacceptable level of responsibility and risk in the provision of online services. The case also begs a second question. Let’s say for the sake of example, you’re buried behind a firewall, with the latest Norton Anti Virus 2005 and Spyware Blaster, all running and slowing your machine down to a crawl in the interests of personal security. What happens, if a new threat creeps through the firewall undetected, collects your keystrokes and rifles your bank account overnight. Who’s to blame for the hole? You, the bank or the antivirus vendor? The criminals are rarely caught leaving the rest of us to worry about the risks and whether in fact we should return to queuing a local branch of one’s bank, that’s if they existed anymore.


Popular posts from this blog

Median Saleh

I mentioned in the last post, the 1981 expedition that took in Median Saleh, the ruined Nabatean city in Saudi Arabia

A temple carved from the rock from Petra's sister city.

By coincidence, one of the most important train stations on the Hejaz railway sat next to the ruins and when Lawrence of Arabia blew the line in 1917, the trains were trapped there and are still there today, gathering dust and with "Krupp" on the engine casings.

One of the trains, sitting where T.E. Lawrence left themwith Dr Paul Garnett as the passenger

Below, you can see one of the fortified train stations that Lawrence attacked along the Hejaz railway between Damascus and Medina.

More photos Medain Saleh can be found on THIS Site - Apparently you can catch a tourist bus these days, rather different from risking life and limb to cross an unfriendly Saudi Arabia twenty years ago!
A Christmas Tale

It’s pitch blackness in places along the sea wall this evening and I'm momentarily startled by a small dog with orange flashing yuletide antlers along the way. I’m the only person crazy enough to be running and I know the route well enough to negotiate it in the dark, part of my Christmas exercise regime and a good way of relieving stress.

Why stress you might ask. After all, it is Christmas Day.

True but I’ve just spent over two hours assembling the giant Playmobil ‘Pony Farm’ set when most other fathers should be asleep in front of the television.

I was warned that the Playmobil ‘Pirate Ship’ had driven some fathers to drink or suicide and now I understand why. If your eyesight isn’t perfect or if you’ve had a few drinks with your Christmas lunch then it’s a challenge best left until Boxing day but not an option if you happen to have a nine year old daughter who wants it ready to take horses by tea time.

Perhaps I should stick to technology but then, the instruc…

A Matter of Drones - Simon Moores for The Guardian

I have a drone on my airfield” – a statement that welcomes passengers to the latest dimension in air-travel disruption. Words of despair from the chief operating officer of Gatwick airport in the busiest travel week of the year. Elsewhere, many thousands of stranded and inconvenienced passengers turned in frustration to social media in an expression of crowd-sourced outrage.

How could this happen? Why is it still happening over 12 hours after Gatwick’s runways were closed to aircraft, why is an intruder drone – or even two of them – suspended in the bright blue sky above the airport, apparently visible to security staff and police who remain quite unable to locate its source of radio control?

Meanwhile, the UK Civil Aviation Authority, overtaken by both the technology and events, is reduced to sending out desperate tweets warning that an airport incursion is a criminal offence and that drone users should follow their new code of conduct. Yet this is not an unforeseen event. It was i…