On February 6th, Julia Henderson, of SearchSecurityChannel.com fame, told us of a study that revealed some of the weaknesses of site-authentication images. This study was the most damning to banks, such as Bank of America, who have instituted the security method for their online banking sites.
However, an article in today’s Guardian offers a report that paying attention to the secure nature of the log-in page for your bank may be the least of your worries. According to the article, the Royal Bank of Scotland has been struggling with “systematic attempts” by “organized hacking gangs” to compromise the organization’s security via executives working from home.
The hackers, evidently, work under the assumption that systems used outside of the office are less secure than those under the umbrella if corporate IT. Through emails designed to appeal to the specific user targeted and keylogging software, the attackers are able to get into the company’s system through the VPN.
As telecommuting becomes more and more popular, VPN security, including its weaknesses, will become increasingly important to the integrity of corporate networks.