Hackers have stolen around $1 billion since 2013, according to a new report by Kaspersky Labs, a Russian security company and major player in the information security industry. The methods? Malware downloaded by bank employees, which the attackers used to find vulnerabilities in routine procedures. Once the cyber criminals discovered these weaknesses, they began using social engineering tactics (impersonating supervisory roles within the institution) to put created credentials to work transferring money to their accounts. This is very similar to a corporate account takeover (CATO) scheme. The hackers also implemented an ATM cash-out method in which they overrode the machines' daily transaction limits and set them to dispense money on a schedule.
According to Kaspersky, the hackers kept their theft under $10 million per institution hit to avoid detection. Judging by the nature of these attacks, they were unlikely to be the work of a nation-state, hacktivist, or lone criminal. Because these attacks were designed solely for financial gain, it's fair to assume they were carried out by a criminal syndicate seeking a hefty payday. This is significant because such attacks are usually intended to affect customers of the institutions, rather than the institutions themselves. Here, it seems the lone objective was to make money.
The Federal Financial Institutions Examination Council (FFIEC) members are not only doing their best to raise awareness of cybersecurity but are also pushing the implementation of mitigating controls to minimize the impact of an attack. The National Institute of Standards and Technology (NIST) defines cybersecurity as "the process of protecting information by preventing, detecting, and responding to attacks." The FFIEC and NIST both advise institutions to implement and test a strong incident response plan (IRP) that includes information sharing both with other corporations in the industry and with law enforcement.