Hackers steal up to $1 billion from banks, security firm says | Inquirer Technology

Hackers steal up to $1 billion from banks, security firm says

/ 09:48 AM February 16, 2015

in this Jan. 20, 2015, Kwon Seok-chul, CEO at computer security firm Cuvepia Inc., presents "Kwon-ga," a real-time monitoring solution that detects hackers during an interview at his office in Seongnam, South Korea. Ever since the Internet blossomed in the 1990s, cybersecurity was built on the idea that computers could be protected by a digital quarantine. Now, as hackers routinely overwhelm such defenses, experts say cybersecurity is beyond due an overhaul. Their message: Neutralize attackers once they’re inside networks rather than fixating on trying to keep them out. In South Korea, where government agencies and businesses have come under repeated attacks from hackers traced by Seoul to North Korea, several security firms have jumped on the growing global trend to develop systems that analyze activity to detect potentially suspicious patterns rather than scanning for known threats. Kwon said it has been tough to convince executives that it’s more effective to catch bad guys after they’ve infiltrated a network instead of trying to keep them out, which he believes is impossible anyway. (AP Photo/Ahn Young-joon)

In this Jan. 20, 2015, Kwon Seok-chul, CEO at computer security firm Cuvepia Inc., presents “Kwon-ga,” a real-time monitoring solution that detects hackers. Ever since the Internet blossomed in the 1990s, cybersecurity was built on the idea that computers could be protected by a digital quarantine. Now, as hackers routinely overwhelm such defenses, experts say cybersecurity is beyond due an overhaul. AP

NEW YORK, United States — A hacking ring has stolen up to $1 billion from banks around the world in what would be one of the biggest banking breaches known, a cybersecurity firm says in a report scheduled to be delivered Monday.

The hackers have been active since at least the end of 2013 and infiltrated more than 100 banks in 30 countries, according to Russian security company Kaspersky Lab.

Article continues after this advertisement

After gaining access to banks’ computers through phishing schemes and other methods, they lurk for months to learn the banks’ systems, taking screen shots and even video of employees using their computers, the company says.

FEATURED STORIES

Once the hackers become familiar with the banks’ operations, they use that knowledge to steal money without raising suspicions, programming ATMs to dispense money at specific times or setting up fake accounts and transferring money into them, according to Kaspersky. The report is set to be presented Monday at a security conference in Cancun, Mexico. It was first reported by The New York Times.

The hackers seem to limit their theft to about $10 million before moving on to another bank, part of the reason why the fraud was not detected earlier, Kaspersky principal security researcher Vicente Diaz said in a telephone interview with The Associated Press.

Article continues after this advertisement

The attacks are unusual because they target the banks themselves rather than customers and their account information, Diaz said.

Article continues after this advertisement

The goal seems to be financial gain rather than espionage, he said.

Article continues after this advertisement

“In this case they are not interested in information. They’re only interested in the money,” he said. “They’re flexible and quite aggressive and use any tool they find useful for doing whatever they want to do.”

Most of the targets have been in Russia, the U.S., Germany, China and Ukraine, although the attackers may be expanding throughout Asia, the Middle East, Africa and Europe, Kaspersky says. In one case, a bank lost $7.3 million through ATM fraud. In another case, a financial institution lost $10 million by the attackers exploiting its online banking platform.

Article continues after this advertisement

Kaspersky did not identify the banks and is still working with law-enforcement agencies to investigate the attacks, which the company says are ongoing.

The Financial Services Information Sharing and Analysis Center, a nonprofit that alerts banks about hacking activity, said in a statement that its members received a briefing about the report in January.

“We cannot comment on individual actions our members have taken, but on balance we believe our members are taking appropriate actions to prevent and detect these kinds of attacks and minimize any effects on their customers,” the organization said in a statement. “The report that Russian banks were the primary victims of these attacks may be a significant change in targeting strategy by Russian-speaking cybercriminals.”

The White House is putting an increasing focus on cybersecurity in the wake of numerous data breaches of companies ranging from mass retailers like Target and Home Depot to Sony Pictures Entertainment and health insurer Anthem.

The administration wants Congress to replace the existing patchwork of state laws with a national standard giving companies 30 days to notify consumers if their personal information has been compromised.

RELATED STORIES

Globe website hacked due to ‘poor internet connection service’

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our daily newsletter

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

Hacking group Anonymous takes down ISIS websites, social media accounts

TOPICS: Cybercrime, Cybersecurity, Hackers, hacking, Kaspersky, Kaspersky Lab
TAGS: Cybercrime, Cybersecurity, Hackers, hacking, Kaspersky, Kaspersky Lab

Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our newsletter!

By providing an email address. I agree to the Terms of Use and acknowledge that I have read the Privacy Policy.

© Copyright 1997-2024 INQUIRER.net | All Rights Reserved

This is an information message

We use cookies to enhance your experience. By continuing, you agree to our use of cookies. Learn more here.