Hackers have broken into the capital city of the State of Nevada's general fund bank account and stolen $450,000. Investigators believe the hackers obtained the Carson City account log-in details after successfully uploading spyware to a city-owned computer.
City treasurer Karen Avilla said she and her staff acted quickly after discovering the theft and, as a result, the bank was able to freeze 90 per cent of the funds, although officials are still looking for the remaining $45,000.
While she was investigating the first transfer, Avilla said she discovered a second unauthorised transfer worth $358,500, but that transfer was blocked at source.
Commenting on the incident, Geoff Sweeney, CTO with behavioural analysis software specialist Tier-3, said that the case is a clear illustration that conventional anti-virus and signature detection IT security software - as was used on the computer - is no longer enough. This conventional type of software is reactive only - which means that it can’t detect malicious spyware nor the resulting theft. The loss must be detected by other means.
"Although officials claim that any losses are covered by the city's insurers, I fully expect the city's insurance premium to rise at the next renewal date," he said.
"The fact that no-one is currently out of pocket, however, is not the point. Had the city installed early warning or proactive behavioural analysis software which detects the presence of spyware on its computers, I'm confident the offending spyware would have been locked down before it began to execute. Behavioural analysis software provides real time protection against this sort of loss" he added.