Carbanak: How Would You Have Stopped a $1 Billion APT Attack?
In what’s shaping up to be a textbook classic, Carbanak, a major advanced persistent threat (APT) attack against financial institutions around the world, may be considered the largest cyberheist to date. The scope of the attack and the losses it has caused are what make this case so significant. The surprise factor in this APT attack was the criminals’ change in approach and their careful planning. Unlike the usual cybercriminal method of stealing consumer credentials or compromising individual online banking sessions with malware, the brazen Carbanak gang targeted banks’ internal systems and operations, resulting in a multichannel robbery that averaged $8 million per bank.
At the time of this post, attacks connected to the Carbanak operation are reportedly still active.
Attacking financial organizations from within is more complicated to execute than impersonating online banking users. Such a large-scale APT operation took planning, skill and resources that are not commonly seen among organized cybercrime gangs.
The main factor that let attackers cause such damage was inadequate security controls. While the financial sector has been fervently working for decades to prevent fraud and strengthen its detection and protection mechanisms, it has not been as aware of the threats to corporate systems and internal operations networks. Since banks possibly did not expect cybercriminals to be able to attack from within the bank’s systems, internal core systems were not protected by solutions adapted to stop this sort of attack. It was only a matter of time before criminals conceived and executed an operation of this scale.
Read this article here.
This post was further translated into Japanese and can be accessed here:
Carbanak:10億ドル相当のAPT攻撃を止めるにはどうすべきだったか http://bit.ly/1CVbDP8 | #cybercrime by IBM's @iCyberFighter