What is shocking is the breadth of the attacks, which spanned two years and over 30 banks. The hacks, which stole a billion dollars from 100 establishments, were a product of spear phishing, as discovered by Kaspersky.
According to ZDNet, researchers from the security firm (Kaspersky), working together with the International Criminal Police Organization (Interpol), Europol and law enforcement agencies including the NHTCU, were able to expose the two-year criminal operation.
How did they make it happen? The Independent reports,
Emails were sent by the gang to select employees to trick them into opening malicious software files in a technique known as spear phishing. They were then able to get into the internal network and track down administrators’ computers for video surveillance.
And ZDNet adds,
Once infected with Carbanak, the malware spread across internal corporate networks and tracked down administrator computers before using covert video surveillance programs to capture and record the screens of staff dealing with cash transfer systems.
With this data, the criminal gang were able to mimic staff members and transfer cash fraudulently. Online banking and international payment systems were used to deposit stolen funds in Chinese and US accounts. It is possible that transfers were also made to bank accounts in other countries.
It wasn’t even necessary for the attackers to hack into the banks’ specific services. They were able to hide their nefarious scam within the networks once they cracked the code and got in.
The substantial haul was stolen straight from the banks using malicious code, by cyber criminals from Russia, Ukraine and China.
“Sergey Golovanov, Principal Security Researcher at Kaspersky Lab’s Global Research and Analysis Team told attendees at the Kaspersky Lab Security Analyst Summit that tracking the operation began when he was shown a video of a criminal taking money from an ATM without touching the machine.”
“These attacks again underline the fact that criminals will exploit any vulnerability in any system,” Sanjay Virmani, director of Interpol Digital Crime Center, said in a statement prepared by Kaspersky.
The discovery of Carbanak “united all of the theft cases around the world through one advanced persistent threat (APT),” according to Golovanov.
Here’s the takeaway: “It also highlights the fact that no sector can consider itself immune to attack and must constantly address their security procedures.”
You can’t “set it and forget it”; security measures and procedures must be monitored, adjusted, updated and controlled at all times. You can’t leave the pot boiling on the stove.
There’s no one-size-fits-all when it comes to security measures, but SLPowers can help tailor an approach that will work for your specific needs. Customized Network Security, at your service.