Byron Acohido reports in his blog The Last Watch Dog that the American Bankers Association is warning small businesses to only use a dedicated PC for their online banking activities. See: American Bankers Association’s warning to small firms comes as a surprise.
Why the warning? Small businesses are not protected in the event a security breach results in the loss of funds. Consumers in most cases are protected. The article quotes Gartner security analyst Avivah Litan:
"The reality is small organizations have “no clue that they’re not protected, and that’s the problem,” says Litan. The threat is so great that Litan as been counseling her acquaintances who operate small businesses to go a step further than dedicating a PC to online banking. Litan advocates small business owners to drop commercial online accounts and move to an individual consumer account.
The services that come with a consumer account will be limited; you won’t be able to do administer payroll online, for instance. But if you do get victimized by a cyber-robber, the banks are compelled by consumer protection laws to make you whole. Not so with a commercial account.
“The bottom line is even if it’s a one in 1,000 or even one in 20,000 chance of your accounts getting ripped off, the chances of you getting the money back using a commercial account is about 50% , because the banks simply do not have to reimburse you,” says Litan."
It is a sad state of affairs that online banking is so risky that small businesses are advised against it by both the American Bankers Association and by Gartner.
The risks extend beyond business owners. Most Americans are employed by small business. Imagine losing your job because a business was victimized by online banking fraud. And Brian Krebs reports that school districts are being specifically targeted and they are offered no banking protections either. See: FBI Investigating Theft of $500,000 from NY School District:
The FBI is investigating the theft of nearly a half million dollars from tiny Duanesburg Central School District in upstate New York, after cyber thieves tried to loot roughly $3.8 million from district online bank accounts last month.
On Friday, Dec. 18, thieves tried to electronically transfer $1.86 million from the district’s account at NBT Bank to an overseas account. The following Monday, the attackers attempted to move another $1.19 million to multiple overseas location. It wasn’t until the next day, when transfers totaling $758,758.70 were flagged by a bank representative as suspicious, that the two previous unauthorized transactions were discovered, school officials said.
We must either improve the security of our Internet infrastructure or implement laws protecting small business so financial services firms are compelled to improve their security.
One would think that lawmakers would at least protect school districts and other taxpayer funded institutions.
Comments