Cyber Attacks on Banks

Exposing Weaknesses in Bank’s Cyber Security

Penetration tests are finding that banks are becoming guilty of web application vulnerabilities, and insufficient network security measures. As soon as the attackers access the internal network, they find that the network is secured no better than companies in other industries.

One weak element throughout banks, is the human factor. Attackers can bypass the best protected network perimeter using techniques, such as Phishing. The Phishing message can be sent to bank employees both at their work and personal email addresses. The Phishing method for bypassing the network perimeter has been used by almost every bank attacker.

Positive Technologies, generated a test which indicated – employees at 75% of banks reviewed had clicked on links in phishing messages, and those at 25% of banks entered their credentials in a fake authentication form. At 25% of banks, at least one employee ran a malicious attachment on their work computer. Penetration testers succeeded in obtaining access to financial applications in 58% of cases. At 25% of banks, they were able to compromise the workstations used for the management of automatic teller machines (ATM’s), which means the banks tested were vulnerable to techniques similar to ones used by Cobalt and other cyber-criminal gangs in actual attacks.

Moving money to criminal-controlled accounts through interbank transfers, a favorite method of the Lazarus and MoneyTaker groups, was possible at 17% of tested banks, while at the same proportion of banks, card processing systems were poorly defended, which would enable attackers to manipulate the balance of card accounts. Such attacks were recorded in early 2017 against banks in Eastern Europe.

An attacker collects the following information about the bank:

  • Information about network perimeter systems and software
  • Employees (including email addresses, telephones, positions, and names)
  • Partners and contractors, as well as their systems and employees
  • Business processes

Examples of preparatory actions:

  • Developing or adapting malicious software for the software and OS versions used in the bank
  • Preparing phishing emails
  • Setting up infrastructure (including domain registration, server rental, and purchase
  • of exploits)
  • Preparing the infrastructure for money laundering and cash withdrawal
  • Searching for money mules
  • Testing the infrastructure and malicious software

Conclusion

Penetration testing can indicate your organization’s weaknesses and how an attacker can wrongfully enter your system(s). Understanding how you can be hacked will help create a barrier to prevent breaches in the future. The key is to remember that if an attack is detected and stopped in time, intruders can be thwarted. Preventing losses is possible at any stage if appropriate protective measures are taken. Email attachments should be checked in an isolated environment (sandbox), instead of relying solely on endpoint antivirus solutions. It is critical to configure notifications from protection systems and react to notifications immediately. Therefore security events must be monitored by an internal or external security operations center (SOC) with use of security information and event management (SIEM) solutions, which significantly facilitate and improve processing of information security events. Cybercrime is continuing to evolve and advance quickly, making it crucial that instead of hiding incidents, banks pool their knowledge by sharing information on industry attacks, learning more about relevant indicators of compromise, and helping to spread awareness throughout the industry.

0
Read More
World Trade Day SecurityRI.com

SecurityRI.com x Bryant University – World Trade Day 2018

World Trade Day 2018 Will Address Technology in Global Trade at Bryant University

 

SecurityRI.com is proud to announce our technology team will be attending and speaking at the 33rd Annual World Trade Day: Technology in Global Trade on Wednesday, May 23, 2018. World Trade Day is presented by the John H. Chafee Center for International Business and is one of the region’s largest international business conferences, with more than 500 industry leaders and business executives expected to attend.

As Bryant University states – “Each year at World Trade Day, keynote speakers, workshops, and panel discussions provide high-level insights and thought-provoking discussions on future trends and economic drivers. With this year’s focus on Technology in Global Trade, experts will discuss innovations in manufacturing including robotics, drones, and other technological advancements. Attendees will learn about the use of big data and analytics to drive strategic decision making, as well as ethical considerations in data mining practices. Other featured topics include block chain technology, cybersecurity, and global logistics.”

World Trade Day 2018 SecurityRI.com

Our topic / focus will touch upon:

  • Security & Compliance Management
  • Complete IT / Risk Assessments
  • Cyber Security
  • Data Protection
  • and More

In closing, the goal of World Trade Day is to bring together experts and leaders to share knowledge, vision, and opportunities for growth and success within the global marketplace. That’s why SecurityRI.com has been invited to advise on the complex issues associated with both personal and sensitive business data, including its collection, use, storage, disclosure, transfer and destruction.

If you have any questions regarding the event, please contact us or comment below.

Thank you.

0
Read More
Locations

Corporate Headquarters
58 Waterman Avenue - North Providence RI 02911

MA Office
14 Holly Lane - Westport MA 02790

Toll Free: (888) 219-5296
Local: (401) 231-8130

Operating Live 24∙7∙365