Information Security Blog

Banking with Live CDs (Protection from Zeus)

With all the information out there on the Zeus bot and malware like it, we made a decision at home not to use Windows to access any of our online banking sites. Now to be honest, we probably had a head start in that arena, as we only run Windows on our work laptops. The home laptops and desktop all run Linux of one flavor or another. One evening not too long ago we were at my parents’ house and the discussion of these bots and their method of operation came up. I’ll skip the part of the conversation where we discussed how they “protect” themselves now by changing their complex passwords often, etc. The conversation wound up with the question of what to do. Do you discontinue the use of online banking and roll back the convenience clock, or do you find a safer way to do these things?

I showed my parents the Ubuntu Live USB key I have in my bag and grabbed my father’s laptop. A live CD (or USB key in this case) allows you to run another operating system without altering the Windows operating system. If you like it, there are menu options that will auto-install Ubuntu on either the whole hard drive or in the free space. That, however, is for another blog article. A few seconds after turning on the laptop with my Live USB key in, we were looking at the GNOME desktop.

My mother was the first to recognize the Firefox icon on the top menu bar and within seconds she was surfing the web with Ubuntu. They decided that this was an easy way to stay safer while using their bank’s web portal. You can download your own live CD from http://www.ubuntulinux.org/getubuntu/download .

One last note before I go. While you are less likely to get “infected” while using Linux, it is not impossible. It’s all a numbers game: once Linux gains more popularity, the bad guys will start writing malware for Linux… Until then, happy computing.

Find further help at our blog posting on Creating an Ubuntu USB Live Drive




About the Author:

Mike Gargiullo - Senior Security Consultant

Discussion

  1. Evgenij  May 7, 2012

    It’s an obvious idea and we’ve been using such a method to protect our clients against banking bots for ages… Also you can use virtualization software (for example, VirtualBox) with virtual machine reverting after an online banking session.
