Earlier this year, 5 European banks were reportedly robbed of up to 10 million dollars each by an unknown, well-organized cybercrime organization.
How did it come about?
The 6-month-long theft operation happened like this: The attackers first recruited mules, enticing them with money to open bank accounts using counterfeit documents supplied to them. Once the debit cards had been received, the attackers gained access to bank employees' credentials via phishing websites or emails, gradually acquiring control of the processing network. With malicious payloads installed, the attackers were able to manipulate risk ratings and overdraft limits arbitrarily, while at the same time removing all the anti-fraud controls in place. The cash withdrawals took place within minutes of the overdraft limit change, which was made via the card management application.
How well-planned was the cybercrime organization?
Some victim banks even remained unaware of the loss well after the criminal operation was complete. All this evidence strongly indicates a knowledgeable, well-organized cybercrime group. In addition to combining emerging high-end tactics with physical elements, they carefully selected isolated ATMs, mostly in remote areas, and essentially without security guard protection and without withdrawal limits. Moreover, the attackers spared no effort in wiping out their tracks by leaving an .exe file on the system before restarting it. Thanassis Diogos from Trustwave's SpiderLabs security team even said he had no previous knowledge of this type of attack, which is really astonishing.
How should other banks worldwide react in the future?
The key lies in cooperating and learning from failures. In retrospect, though, in spite of how well planned the crime was, banks have much more to do to strengthen their defensive systems. The first is filtering and management of phishing emails. The second is regulation of personal card risk ratings and overdraft enablement. Cyber attacks are an eternal topic across all industries, and they affect individuals alike. To prevent potential losses in the future, banks worldwide shouldn’t just sit around, but should collaborate, with stronger resolve to combat die-hard cybercrime.
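The sequence described above (an overdraft limit raised through the card management application, then ATM withdrawals minutes later) is a pattern a bank can alert on by correlating the two logs. The following is an added example, not taken from the original post or its sources; the record fields, thresholds and sample events are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample records; field names are assumptions, not a real product schema.
LIMIT_CHANGES = [
    {"ts": "2024-01-15T22:01:10", "card": "CARD-A", "operator": "emp17", "old_limit": 0, "new_limit": 35000},
    {"ts": "2024-01-15T14:30:00", "card": "CARD-B", "operator": "emp02", "old_limit": 500, "new_limit": 800},
    {"ts": "2024-01-15T09:00:00", "card": "CARD-C", "operator": "emp02", "old_limit": 1000, "new_limit": 20000},
]
ATM_WITHDRAWALS = [
    {"ts": "2024-01-15T21:00:00", "card": "CARD-A", "atm": "ATM-113", "amount": 100},
    {"ts": "2024-01-15T22:04:00", "card": "CARD-A", "atm": "ATM-113", "amount": 12000},
    {"ts": "2024-01-15T22:09:30", "card": "CARD-A", "atm": "ATM-113", "amount": 15000},
    {"ts": "2024-01-15T14:35:00", "card": "CARD-B", "atm": "ATM-007", "amount": 200},
    {"ts": "2024-01-15T15:00:00", "card": "CARD-C", "atm": "ATM-042", "amount": 300},
]

def flag_limit_then_cashout(changes, withdrawals,
                            window=timedelta(minutes=30), min_ratio=5.0):
    """Alert on cards whose overdraft limit was raised sharply and then
    used at an ATM within `window` of the change."""
    by_card = {}
    for w in withdrawals:
        by_card.setdefault(w["card"], []).append(w)
    alerts = []
    for c in changes:
        old, new = c["old_limit"], c["new_limit"]
        if new <= old:
            continue  # limit lowered or unchanged
        if old > 0 and new / old < min_ratio:
            continue  # modest raise; a raise from zero always counts as sharp
        t0 = datetime.fromisoformat(c["ts"])
        # Only withdrawals at or after the change, inside the window, count.
        hits = [w for w in by_card.get(c["card"], [])
                if timedelta(0) <= datetime.fromisoformat(w["ts"]) - t0 <= window]
        if hits:
            alerts.append({
                "card": c["card"],
                "operator": c["operator"],  # account that made the change
                "new_limit": new,
                "withdrawn": sum(w["amount"] for w in hits),
                "atms": sorted({w["atm"] for w in hits}),
            })
    return alerts

if __name__ == "__main__":
    for alert in flag_limit_then_cashout(LIMIT_CHANGES, ATM_WITHDRAWALS):
        print(alert)
```

The `operator` field in each alert points at the employee account whose credentials made the change, which is where a phishing investigation would start.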
Sources:
http://www.computerweekly.com/news/450427919/Cyber-heist-hits-banks-in-Russia-and-eastern-Europe
https://www.darkreading.com/endpoint/cybercrime-gangs-blend-cyber-espionage-and-old-school-hacks-in-bank-heists/d/d-id/1324222