Lebanese banks have upgraded their software security systems to block any virus designed to spy on transactions and operations, the Central Bank and IT experts said Thursday.
“When the news of the [Gauss] virus broke in the media, the Central Bank called on commercial banks to take the necessary measure [to protect the computer systems],” Ali Nahleh, the head of the IT department at the Central Bank, told The Daily Star.
He said the countermeasures were swiftly implemented. “The new virus is definitely not stupid but nevertheless Lebanese banks have the means to counter such a virus,” he added.
The Gauss virus was first discovered by Kaspersky Lab, a leading computer security firm. The cyber surveillance virus was apparently designed to target Lebanese and Arab bank accounts, as well as email and social networking activity.
Gauss may also be capable of attacking critical infrastructure, and was built in the same laboratories as Stuxnet, the computer worm widely believed to have been used by the United States and Israel to attack software for Iran’s nuclear program, Kaspersky Lab said.
Nahleh said the Lebanese media’s reports on the “Gauss” virus had helped in raising awareness and prompted local banks to upgrade their systems to confront any threat.
“The anti-virus program blocks all known viruses and this has been going on for a long time. But the Gauss virus did not have time to inflict harm on the systems,” Nahleh said.
Nahleh declined to explicitly say which country might be behind the development of such viruses.
But one banker, who spoke on condition of anonymity, said these viruses are developed at the request of “powerful international players.”
Lebanese banks have come under tough scrutiny from the U.S. Federal Reserve over suspicions of possible money-laundering or financial dealings with Iran, Syria or Hezbollah.
The banks have assured Washington that they have strengthened financial supervision to ensure that no suspicious transactions take place. They also insist that they are fully abiding by U.N. Security Council resolutions that prohibit any financial dealings with Iran, Syria and Hezbollah.
But experts say that U.S. and Israeli firms have clandestinely developed several viruses capable of spying on the accounts and transactions of Lebanese and Arab banks.
Analysis of the Gauss virus shows it was designed to steal data from several Lebanese banks, including the Bank of Beirut, EBLF, BLOM Bank, Byblos Bank, Fransabank and Credit Libanais, as well as users of Citibank and PayPal.
The virus is apparently aimed at uncovering any suspicious financial transactions, perhaps to try to determine whether Hezbollah is using these banks to launder money.
Jonny Torbey, the head of the IT department at Credit Libanais, said Lebanese banks have developed a security system to prevent any outside party from penetrating their computers regardless of how strong the virus.
“The measures adopted by the Central Bank and all commercial banks are capable of limiting and even preventing any attempt to penetrate the software systems of the banks. There is no way for anyone to enter the systems of computers that have the accounts of clients because these computers do not have any Internet but operate on a system specially developed for the banks,” Torbey said.
He added that all the computers in the banks have firewall and anti-virus programs to block all types of threats.
“The banks executives who check the accounts in their computers have a software program that prohibits the usage of regular Internet websites and programs. These executives are the only ones entitled to check special emails about bank accounts,” Torbey said.
Other bankers confidently say that they are not concerned about any virus because they insist that they have nothing to hide. “Let them [Americans] browse our accounts. They won’t find anything suspicious because all our clients are well-known,” one banker told The Daily Star.
Daily Star