April 2017 Digital Edition

Click Here

March 2017 Digital Edition

Click Here

Feb. 2017 Digital Edition

Click Here

January 2017 Digital Edition

Click Here

Nov/Dec 2016 Digital Edition

Click Here

Oct 2016 Digital Edition

Click Here

Technology Sectors

Market Sectors

Recent $1 billion international cyber bank robbery could have been prevented with simple security steps, expert says

A multinational gang of cyber criminals has stolen up to $1 billion from about 100 international banks over the past two years, according to an announcement earlier this week from the Russian cybersecurity firm Kaspersky Lab.

Responsibility for the robbery rests with a multinational gang of cybercriminals from Russia, Ukraine and other parts of Europe, as well as from China, according to Kaspersky, which worked on the case with INTERPOL, Europol and authorities from different countries.

Though the criminals’ take may be huge, many banks -- along with other organizations -- can take basic steps to reduce the theft of money and information, according to SentinelOne Chief Security Officer Ehud Shamir, who recently spoke with Government Security News. Organizations can take steps including educating employees about the dangers of spear phishing emails that can download malware.

The criminal group, which Kaspersky calls Carbanak, targeted financial organizations in Russia, the U.S., Germany, China, Ukraine, Canada, Hong Kong, Taiwan, Romania, France, Spain, Norway, India, the UK, Poland, Pakistan, Nepal, Morocco, Iceland, Ireland, Czech Republic, Switzerland, Brazil, Bulgaria, and Australia.

It is estimated that the largest sums were grabbed by hacking into banks and stealing up to ten million dollars in each raid. On average, each bank robbery took between two and four months, from infecting the first computer at the bank’s corporate network to stealing the money.

The criminals began by gaining entry into an employee’s computer through spear phishing. They were then able to jump into the internal network and track down administrators’ computers for video surveillance. In this way the criminals got to know details of the bank clerks’ work and were able to mimic staff activity to transfer money out.

The attacks are an example of “classic reconnaissance,” said Shamir, who did an independent analysis and reverse engineering of the malware. Traditional antivirus engines, which mainly look at past, as opposed to new threats, couldn’t detect it. “At this point it’s almost a game over.” The type of malware used has been used since at least 2012, Shamir said. “You take one variant or sample and just by manipulating code can bypass a lot of antivirus agents.”

Organizations should educate employees to be cautious about the source of emails. In addition, it’s important to disallow Internet access from sensitive internal/business networks.

There should also be a strong demarcation between employees who do and do not have computer administrative access. When employees access the Internet with a computer that has administrative privileges, it can be a lot easier for malware to infect a network. Malware attacks can be detected with forensic tools, but such tools are typically only used when there is a suspected breach.

The money was stolen in a few ways, Kaspersky said, including criminals using online banking or international e-payment systems to transfer money from the banks’ accounts to their own. In other cases cybercriminals penetrated into accounting systems, inflating account balances before pocketing the extra funds via fraudulent transactions.

When it comes to cyber security, “there is a war going on, just a different kind of war,” said Shamir.

 

Recent Videos

HID Global is opening the door to a new era of security and convenience.  Powered by Seos technology, the HID Mobile Access solution delivers a more secure and convenient way to open doors and gates, access networks and services, and make cashless payments using phones and other mobile devices. ...
Mobile device forensics can make a difference in many investigations, but you need training that teaches you how to get the most out of your mobile forensics hardware and software, and certifies you to testify in court. Read this white paper to learn how to evaluate mobile forensics training...
PureTech Systems is a software company that develops and markets PureActiv, its geospatial analytics solution designed to protect critical perimeters and infrastructure.  Its patented video analytics leverage thermal cameras, radars and other perimeter sensors to detect, geo-locate, classify, and...
PureTech Systems is a technology leader in the use of geospatial video, focusing on perimeter security.  When combining geospatial capabilities with video analytics and PTZ camera control, managers of critical facilities can benefit by allowing the video management system to aid them in the process...