This week, a report by the Russian security company Kaspersky Lab
uncovered an "unprecedented" cyber attack on up to 100 banks located across the globe. The attack was undertaken by a cyber gang dubbed 'Carbanak' and could result in losses of $1bn (£648m).
These findings build on a report released by another cyber-security company
, Fox-IT in December. The long game
In many ways, this cyber attack began like any other write New York Times
journalists David Sanger and Nicole Perlroth. The cyber criminals sent their victims emails infected with malicious code that allowed them to "crawl across a bank's network until they found employees who administered the cash transfer systems or remotely connected ATMs", they explain. 79%
of banking and capital markets CEOs worldwide see cyber risk as the top threat to business growth
What sets this operation apart for Sanger and Perlroth is the length of time that elapsed before the heist was undetected. "The question remains how a fraud of this scale could have proceeded for nearly two years without banks, regulators or law enforcement catching on," they observe.
The New York Times
journalists believe the answer lies in Carbanak's meticulously considered strategy. "The attackers took great pains to learn each bank's particular system, while they set up fake accounts at banks in the United States and China that could serve as the destination for transfers", they say. nytimes.com piece
One step ahead
For Computer Business Review's
Jimmy Nicholls, "much can be learned from the Carbanak campaign".
Like Sanger and Perlroth, Nicholls believes offenders are becoming shrewder, with cyber attacks taking place over months rather than minutes. He quotes Rob Norris, Director of Enterprise and Cyber Security, Fujitsu UK&I, who said: "If you were going to draft the definition of a modern cyber attack, this would be it."
So, how can companies protect themselves? They can implement a strong password policy, use two-factor authentication, and segment important data from the "trivial stuff", Nicholls advises. They can also set a behavioural benchmark and monitor it, he adds.
"The Carbanak hackers were expert at infiltrating banking environments, carefully watching admin behaviour before enacting their own fraud to ensure they would not be detected," notes Nicholls. "The recent surge in behavioural analytics is making it easier to work out when something malign is happening, with a lot of technology leveraging machine learning to gain insights into workers' habits." crbonline.com opinion
Anna Irrera believes lessons are already being learned. The efinancialnews.com journalist claims that high-profile attacks like Carbanak's are pushing banks and other firms to bolster their defence systems.
"Cyber security analysts have for years lamented that banks weren't paying sufficient attention to the threat posed by online attacks," she writes. "Now, after a slew of high-profile breaches, it seems bank chief executives are taking note."
She points to a recent study by PwC
, 'Achieving success while managing disruption', which reports that 79% of banking and capital markets CEOs worldwide see cyber risk as the top threat to business growth - up from 71% a year ago. What's more, 93% of those questioned consider cyber security to be "a strategically important category of digital technologies in their organisation", she notes. thetally.efinancialnews.com comment
Seen a blog, news story or discussion online that you think might interest CISI members? Email firstname.lastname@example.org
Cyber crime watchThe CISI is hosting two events in March to help members address the threat posed by cyber crime:
11 March, 2015: Live webcast - Tinker, tailor, soldier, stockbroker - the growing cyber threat to finance
Sir David Omand GCB, one of the world's leading authorities on the growing cyber threat to financial firms, and a former head of GCHQ and Security and Intelligence Co-ordinator for the UK Government, will assess the growing threat to our members and their firms from cyber criminals and how they can combat the danger posed.
30 March 2015, London: Economic and cyber crime conference 2015 - the future of cyber defence
This inaugural conference will address the rising frequency and severity of cyber threats, in addition to highlighting strategies that financial services organisations can employ to ward off and respond to such attacks.