So many banks in so little time. We should expect cyber attacks on financial institutions because it’s just so much easier to pillage online than to coordinate a get-away car, guns and comfortable ski masks.
Over the past year, exploits against banks have seriously upped their game: jackpotting ATMs, DDoS and messing with trusted messengers. (We’ll review what happened with that trusted messaging service, since SWIFT isn’t supposed to work for the attackers as well as it does for the customers.)
The recent attacks on Polish banks initially went unnoticed. That’s a mistake we can’t afford to make, but the attackers are banking on it. When source code revealed that a much bigger player was involved, everyone jumped in. But that happened days later.
Let’s see the future through the lens of the past – there are big lessons here. We need to look at attitudes and assumptions because there are a whole lot of heads in the sand.
Then, we’ll talk about the big boys on the block: Carbanak, Dridex, Lazarus Group and the art of the pivot. We need to find the context in their past pursuits to see where they are heading. Finally, we’ll take a world tour of cybercrime hotspots and banks: Southeast Asia, Brazil, Africa. Forget that Nigerian prince.
What are we missing because we choose to see what we expect instead of what is really there?
After last year’s massive breaches, and some significant financial attacks, you would think financial organizations understand their need to be prepared. But the truth is, the onus can no longer be only on the banks.
In our world of plug and play, the attackers aren’t just going after the money – not when there’s so much more to be had.
Join me at 11:30 AM on Tuesday, July 25 at BSides Las Vegas 2017 (Underground Track) for my talk, “Banking on Insecurity: The ongoing fairytale of securing financial institutions.”
About the Author: Cheryl Biswas is a Cybersecurity Consultant, Threat Intel with KPMG in Toronto, Canada. She is fascinated by APTs, Mainframes, ICS SCADA, and passionate about creating security awareness. She has a specialized honours degree in Political Science, has held a variety of roles in IT, and is ITIL designated. You’ll find her on Twitter as @3ncr1pt3d; she writes a security blog and guest blogs; and has spoken at BSidesLV, Circle City and BSidesTO. The views expressed here are solely her own, not those of her employer.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.