Online Security, a global provider of computer forensics and information technology risk mitigation since 1997   Original Source:    http://www.vnunet.com/News/1143138 UK banks slammed for poor IT security Author:  Robert Jaques Router vulnerabilities create a 'turkey shoot' for hackers, warns consultant UK banks have been blasted for a "complacent" attitude towards some aspects of IT security. According to NTA Monitor, the financial sector has the worst record for router security compared to other sectors, and its use of firewalls is less effective than in other sectors. The security consultant's Vertical Market Security Report 2003 found that 94 per cent of financial organisations tested had basic router flaws that could cause major disruption to online banking services. NTA Monitor also found that many firms' firewalls performed worse than in previous tests, with 31 per cent containing at least 10 flaws which left them open to a "considerable risk of malicious attack". Roy Hills, technical director at NTA Monitor, said: "Both these trends suggest either complacency or a lack of awareness, and I'm not sure which worries me most. "Although the financial sector performed among the best overall, on closer analysis we found that excellent performance in some areas masked worrying gaps in others. It proved to have the worst record for router vulnerabilities." The consultant picked out the recent Cisco IPv4 bug, which allowed routers to be disabled, to illustrate the dangers of letting the world easily locate and identify critical systems. A profile of system types can be held by an attacker to run exploits against newly released bugs. "Tighter security across all areas needs to be made a priority today," warned Hills. "The holes need to be plugged quickly or this could become a turkey shoot for hackers. "Many of the problems highlighted can be fixed in under 20 minutes with the right knowledge and the right mindset. So the cost of new software or infrastructure is not the major constraint."