From Russia with Love
News over the weekend that an international gang of Russian-speaking cyber criminals pulled off what the NY Times described as one of the biggest bank heists of all time (approximately $1 billion) has once again exposed the fact that the financial system and its consumers are under attack and the bad guys are winning.
Although it appears that the breadth of the attack may have been overestimated by initial reports, the Krebs on Security blog is reporting that, according to the Russian security firm that uncovered the heist, the cyber gang hit up to 100 banks worldwide in approximately 30 different countries involving 300 IP addresses.
If news reports are accurate, this group patiently broke into computer systems using phishing techniques and, once inside, thoroughly learned how to mimic employee and system behavior. They may have even videotaped keyboards. By the time they struck they were able to make ATMs spit out money on command, inflate the size of accounts, and, of course, transfer money out of the institutions. As Krebs explains, “Most cyber crime targets consumers and businesses, stealing account information such as passwords and other data that lets thieves cash out hijacked bank accounts, as well as credit and debit cards,…but this gang specializes in hacking into banks directly, and then working out ingenious ways to funnel cash directly from the financial institution itself.”
Far from throwing up our hands in frustration, there is much that can and should be done by individual institutions as well as governments and consumers.
- Assume that your computer system has been breached and ask yourself how you can minimize the damage. You won’t find this advice in a compliance manual, but experts have been stressing for years now that your IT system is as vulnerable as your most careless employee. The more you limit access to key systems to those employees who need direct access, the better off you will be. Another step you could take is mandating that only certain computers be used for certain functions. Finally, change passwords frequently.
- A hallmark of cyber attacks these days is that criminals are patiently “casing” cyber infrastructures, sometimes for several months, before attacking. As a technological Luddite I want to know how these people know they can poke around the security systems of some of the world’s most sophisticated banks and not get exposed? It seems to me that we can’t prevent break-ins but we can shorten the amount of time that criminals have to carry out their crimes.
- Is it time for a cyber-security tax? I’m open to alternatives on this one but, just as what I pay for a plane ticket partially reflects the cost of security, it’s time that financial transactions have a similar tax to pay for cyber-security. Without a robust public security infrastructure, cyber-security will become yet another cost that only larger institutions can absorb. This isn’t fair to the small guys.
- President Obama has recently taken some long overdue steps to nationalize the issue of cyber-security. Now it’s time to make it an international issue. This is a crucial piece of cybersecurity. No one can be facilitating international cyber thefts of the size and sophistication we are now seeing without governments looking the other way. After all, someone has to collect the money. We need an international treaty, modeled after the nuclear Non-Proliferation Treaty, in which countries would agree to adopt domestic cybersecurity protocols and consent to international inspection of their compliance efforts. Those countries that don’t comply would be subject to sanctions, and those countries that choose not to participate in the agreement will give us a pretty good list of where most of the cyber crime is being facilitated. Remember that a vibrant, safe electronic infrastructure is in the best interest of almost all businesses and all countries.
Here are some interesting stories on the heist.