12/14/2008

non-story about 10 phished online Belgian bank accounts (new technique)

For the last two days the media have been in a real frenzy about a real hacking story. Computer criminals were targeting Belgian banks (nothing new: we published the list of Belgian banks targeted by the new, perfected stealth banker malware weeks ago). That news has been in all the media, and on the radio nearly every hour for two days. So, nothing new. These are the facts (and be sure not to have something in your mouth, because you are going to laugh...):

* the story is about 10 (TEN) people who have lost a FEW THOUSAND (I repeat: together they have lost a FEW THOUSAND) euros

This is amusing because no media published anything about the CD-ROMs with 21.5 million bank account data in Germany...

* the story is about the fact that those 10 people had their computers infected and saw a warning screen telling them to re-enter their banking details (which they did). The pop-up screen was manufactured by the malware (a smart move when you think about it: nobody expects this, because you are on the real site of the online bank... this is a kind of man-in-the-middle phishing attack)

And the last thing to say about it is that this shows that quantitative risk analysis ain't worth the paper it is written on if no qualitative risk analysis is done at the same time. With quantitative risk analysis, those 10 users who lose a few thousand euros, while tens of thousands of users are transferring so many more millions of euros in online transactions every day, won't be considered worthy of any additional investment (not even in cents). The qualitative risk analysis will say that those 10 users will tarnish your whole online business if their story is published in the media, and so additional investments are necessary even if the quantitative risk is less than 0.0001%.

And yes, if you do online banking, you should have checked your computer beforehand with your antivirus and other security software...

18:48