Hackers use banks as a starting point for phishing attacks
Cybercriminals are attacking banks and financial institutions, infiltrating them and using part of the compromised infrastructure to gain access to specific targets in each region or country. This has been a recent trend.
In a report released Feb. 19, international security company Group-IB, which specializes in international cyber attacks, described the so-called "cross-border domino effect," which can lead to malicious attacks and phishing attacks beyond the original target. The report is based on information from incident response projects carried out in 2018 by the company's computer forensics team.
Chained attacks for maximum effect
Incident response work at various financial institutions revealed that, in some cases, the attacker used his access to send email to other banks and payment systems.
One example originated at a Russian bank, where the attacker used the bank's infrastructure to send fraudulent emails to another bank in Kazakhstan. The chain attack was carefully observed, and many organizations in other countries were also found to have been targeted with malicious messages intended to gain access to their systems.
The cybercriminals behind the incident then ran another fraudulent campaign with the same scenario, using the infrastructure of a bank in Kazakhstan to infect other banks in Georgia.
Although the report focuses on companies and organizations in Russia and Eastern Europe, Group-IB experts have also tracked the attacker's footprint to targets in the Commonwealth of Independent States (CIS), an organization of 10 post-Soviet republics in Asia and Europe.
"A group of motivated hackers targeting the financial sector are always looking for ways to maximize the profits earned after each attack, for example, in this case, by controlling the banking system, not only aiming to withdraw money from a compromised bank but also aiming to infect as many new victims as possible," Valery Baulin, head of the digital forensics research department at Group-IB, said.
In addition, the expert explained that the "domino effect" caused by chain attacks is a vector that spreads dangerously, because hackers use the databases of the compromised banks' partner companies.
Banks in Russia are often targeted
The key point in Group-IB's report is that banks in Russia are often not ready for cyber attacks; in other words, their security systems are too lax and are not maintained regularly. Statistics show that more than half of the signs of past intrusions into banking systems stem from Russia.
In addition, 29% of the companies where Group-IB performed incident response last year had malware operating on their network infrastructure, while the internal IT security services of these banks reportedly had no clue about the malware.
Fraudulent withdrawals still rely on the old methods: money is withdrawn via payment cards (ATM), through fake accounts, payment systems, or directly from ATMs.
The methods are the same, but the amount of stolen cash has increased significantly, and the attacks are carried out more quickly. Three years ago, hackers took an average of 25-30 hours to steal $3 million; in 2018 they took the same amount in less than 15 minutes from many banks in Russia.
According to security experts, the hackers' success is partly due to a lack of central management capacity, which is not sufficient to forecast attacks and offer remedial measures, and to a lack of further cooperation among banks. In addition, the absence of warning processes and the fact that IT experts have reacted too slowly to hacking incidents are also contributing factors.
Without timely measures to improve the situation in the near future, the damage banks suffer will not stop at that level.