Russian cybersecurity company Kaspersky Lab issued a report yesterday disclosing what may well be the biggest bank hacking in history. More than 100 banks in the United States, Japan, Switzerland, the Netherlands and primarily Russia were hacked by a criminal group called the Carbanak cybergang, composed of Russians, Chinese and Europeans. Through advanced malware installed on the computers of the targeted banks, the hackers infiltrated the computers of the banks’ employees in charge of cash transfer systems and ATMs. They then installed a remote access tool (RAT) on these employees’ computers that enabled the hackers to see everything done on them, with the goal of mimicking the look of legitimate transactions when the hackers activated electronic transactions and programmed ATMs to dispense money at specific times, in order to steal as much as a billion dollars over the last two years.
As of today, no bank has admitted that it was one of the affected banks. This makes fighting similar attacks more difficult, which is one reason President Obama has recently been advocating for a law to mandate public disclosure of such security breaches by financial institutions. An important aspect of this hacking that has often been overlooked in some early reporting of the story is that, although the malware used to perpetrate this crime is amazingly sophisticated, it was planted in the computers of the targeted banks by old-fashioned phishing emails that lured bank employees into clicking on an infected link. Everyone, including companies, governments and private individuals, has got to do a better job of not clicking on links, no matter how legitimate they may appear, until they have confirmed that the links are indeed legitimate. Remember my motto, “trust me, you can’t trust anyone.”