Recently, an article appeared on the Financial Times website entitled "Bank firewalls cracked by cyberhackers". The title of the article makes it seem like the bank was compromised when, in fact, they had not. The title is misleading, as the rest of the article shows how cyber-criminals use sophisticated malware to steal funds from people. A person may naturally wonder how safe his or her bank really is. The fact is, bank websites are very secure. Inter-bank transactions are also very secure. So secure that the easiest way to bypass security is to install malware on a person's computer.

Internet security is very difficult to crack. It relies on a proven principle of being too difficult to make it worth the effort. All secure communication on the internet can be cracked. But it can take years with a supercomputer to crack. Not days, not weeks, but years to crack. The easiest way to bypass the security is to know your username and password. If that information is known, no amount of security will stop the attack.

What cyber-criminals do is plant what is called a keylogger onto your computer. A keylogger is a program that monitors your keystrokes and records them. Many keyloggers also make note of which program was used for certain keystrokes. Legal keyloggers exists for business that want to monitor their employees and individuals that want to monitor who is doing what on their computer (for example, with children). The illegal keyloggers are used only to steal information. These keyloggers send information back to owners, often through a computer that has also has malware on it so that the cyber-criminal can cover his tracks. The really good ones disable all security software and keep your computer clean of all malware and viruses so that an individual does not suspect anything. Others, as the Financial Times article points out, manipulate your online bank statement so that it appears nothing is wrong. These keyloggers are smart enough to remove any entry which shows money being siphoned out, including making sure the closing balance is consistent.

But the key is that the bank was not comprimised, but the person using the bank's website was.

A computer's security does not have to be comprimised to have your information stolen. The other common attack is called phising, were a cyber-criminals tries to trick you into just give up your information. Quite often, spam email is used for phising attacks were you are told you must enter your information for any number of reasons, all of them seemingly severe. These are surprisingly effective.

Like most cyber attacks, these can be defeated with a little thinking. One of the most common ways to spread keyloggers is by spam emails and bogus web pages. If you receive an email from someone you known and it isn't in to style of writing that that person has, then it is spam. Never reply to spam, never open spam attachments, never read spam. Cyber-criminals also like to exploit social networking sites because people just love to click on pages. Many of these very idea were covered in a previous blog post, What Could Possibly Go Wrong When I Click Here?. I have a rule about the internet: If it is free, then chances are, it ain't free. Downloading free music, movies, and especially free porn can be a fast track to an infected computer. I always search the internet before downloading a free program, just to make sure it really is free. Really, so long as you remember the internet is not always a safe place, then you should be fine.

Another way to reduce the chances of getting a virus or malware is to get a Mac or get Windows 7. Macs more so. Of course, if Macs had the market penetration of Windows, then it would be just as bad for viruses as Windows. For that reason, you cannot assume that if you have a Mac you cannot get a virus; that is just not true. But the fact is because virus writers have a much smaller audience with Macs, they spend far less time on it, which is to your advantage. Windows 7 is also more secure simply because it builds upon past knowledge of security failings.