The Dire Straits of Cybersecurity
February 23, 2015
Money for Nothing
In late 2013, ATMs in Kiev began spitting out cash at random times, even if nobody was standing in front of them. Turns out, cash on the concrete was just the tip of the iceberg. By the time investigators got their forensics around the issue, over 100 financial institutions across over 30 nations had been breached in what might be the largest bank theft of all time.
Clicks for Free
The Carbanak Gang, named after the malware used in the heist, is composed mostly of Russian, Chinese, and European hackers. The malware included Remote Access Trojans (RATs) that allowed the Gang to remotely access and manipulate the networks of the victim banks, completely undetected. Beginning by recording video of internal movements within the network, hackers were able, over time, to mimic bank officers performing routine tasks while actually routing funds to their own accounts.
APT: Easy as 123
Advanced Persistent Threats (APTs) are different from other cyberthreats in a number of ways. First, the breach is orchestrated in slow, patient steps, often involving social engineering, to penetrate and inhabit a network undetected. Second, the end goal of the penetration is typically to mine data rather than to damage or disable the host network. A third distinction is the elevated investment in hacker time and resources.
Risk and Reward in Harmony
The effects of the Carbanak Gang continue to ripple through the banking and cybersecurity industries, but not all hackers are Russian or Chinese. The threat is everywhere, and there are no easy solutions. ICS can be a vital part of your defense with services like vulnerability assessment and penetration testing. Prevention is a lot easier and dramatically less expensive than recovery. If you like the sound of that, you should really hear the rest of the song.