Bank robbery—it’s one of the oldest crimes in the book. This get-rich-quick scheme, while not always successful, often leaves criminals untouched. Though the goals of bank robbers have remained the same over the years, their methods have evolved.
Today’s bank robbers are hiding behind the screen, using targeted and sophisticated cybercrime tactics and leaving IT teams struggling to keep their networks and their vaults secure.
[ Effective security operations requires staying ahead of threats. Get up to speed with this Webinar: Next Level SecOps with UEBA and MITRE ATT&CK (9/25, 2PM EDT) ]
Evolution of the bank attack
In 2015, the banking industry discovered a startling new type of threat: A massive cybercriminal ring was targeting banks using Carbanak malware. The machines infected with this malware had flown under the radar for two years, attacking the banks’ internal money-processing services and automated teller machines (ATMs). By the time they were uncovered by Kaspersky Labs, the attacks had already infiltrated over 100 banks in 30 countries, with thieves making off with as much as $1 billion.
[ Get up to speed fast on today’s tools with TechBeacon’s Application Security Buyer’s Guide 2019 ]
What’s old is new again
New variants of the malware surfaced last fall, delivered through phishing attacks, and new criminal groups emerged as recently as this past February, employing similar tactics of spearphishing to embed customized malware and gain control over ATMs. Unfortunately, phishing attacks are still extremely prominent, and for good reason: They’re immensely successful.
Attackers take extreme care in developing convincing emails that appear to be legitimate banking communications to trick bank employees—or third parties with access to bank systems—into handing over their user credentials. Once inside, attackers exploit known vulnerabilities in commonly used applications that remain unpatched by large banks due to their cumbersome infrastructure.
This post is originally published here