Hackers have stolen around $1 billion since 2013 according to a new report by Kaspersky Labs, a Russian security company and major player in the information security industry. The methods? Malware downloaded by bank employees used to find vulnerabilities in routine procedures. Once these weaknesses were discovered by the cyber criminals, they began to use social engineering tactics (impersonating supervisory roles within the institution) to use created credentials to transfer money to their accounts. This is very similar to a corporate account takeover (CATO) scheme. The hackers also implemented an ATM cash-out method where they overrode the daily transaction limits of the machines and designed them to dispense money on a schedule.
According to Kaspersky, hackers maintained stealing under $10 million per institution hit to ensure lack of detection. Judging by the nature of these attacks, they were unlikely produced by a nation-state, hacktivist, or lone-criminal. Because these attacks are solely designed for financial gain, it’s fair to assume this was done by a criminal syndicate intending for a hefty payday. This is of significance because these attacks are usually intended to affect customers of the institutions, rather than the institutions themselves. Here, it seems the lone objective was to make money.
The Federal Financial Institutions Examination Council (FFIEC) members are doing their best to not only raise awareness regarding cybersecurity, but are also pushing the implementation of mitigating controls to minimize the impact of an attack. The National Institute of Standards and Technology (NIST) defines cybersecurity as “the process of protecting information by preventing, detecting, and responding to attacks.” The FFIEC and NIST both advise institutions to implement and test a strong incident response plan (IRP) that includes information sharing both with other corporations in the industry along with law enforcement.
Related articles
The NSA Cybersecurity Guide for Remote Workers
In this blog post, we cover a few key recommendations for remote workers from the NSA guide, ‘Best Practices for Securing Your Home Network.’
GraVoc Recognized on CRN’s 2023 MSP 500 List
CRN®, a brand of The Channel Company, has named GraVoc to its Managed Service Provider (MSP) 500 list in the Pioneer 250 category for 2023!
The Cybersecurity Implications of ChatGPT
Is ChatGPT a security risk? In this blog post, we explore the cybersecurity implications of ChatGPT, including the benefits and challenges.
