In May 6th’s Scam of the day I told you about the international hacking collective Anonymous announcing on YouTube a month-long campaign they were launching against banks around the world. Anonymous calls this campaign Operation Icarus. Previously Anonymous had managed to take down the website of the Bank of Greece for a short period of time. The Bank of Greece indicated, however, that no personal information was accessed and no data was lost. Now Anonymous managed to take down the website of the London Stock Exchange although again, it does not appear that any personal information was stolen. The website was taken down through the use of a Distributed Denial of Service (DDoS) attack by which a website is flooded with communications often through a botnet of hacked computers that results in an overload of the website causing it to shut down. Although this type of attack is inconvenient, it does not carry with it a significant threat to the workings of the targeted company, in this case, the London Stock Exchange, which continued trading and did not lose any sensitive information.
Here is a link to the video announcement of Anonymous of its campaign against the banks of the world. https://www.youtube.com/watch?v=GpGWaa3uCNo
The world banking system is an increasing target of hackers and cybercriminals. The recent cyber bank robbery of the Bangladesh Central Bank in which hackers succeeded in stealing approximately 81 million dollars is just the tip of the iceberg. I reported to you in February of 2015 about the exploits of the Russian cybergang Carbanak that stole as much as a billion dollars from up to a hundred banks worldwide. The full extent of the vulnerability of banks to cybercrime is still unknown because it is believed that many banks that have been victimized by cybercriminals don’t report the thefts to regulatory authorities due to vague standards mandating the reporting of such security breaches.
More recently, the FBI warned banks to be on the lookout for attacks by cybercriminals and to particularly be vigilant in regard to international transfer requests.
The vulnerabilities in the interconnected world banking system as well as vulnerabilities in the security of individual banks have been and are being exposed by hackers such as those in Carbanak and those responsible for the hacking of the Central Bank of Bangladesh. Greater attention to cybersecurity by banks around the world is critical. In addition, regulators both in the United States and around the world need to establish new standards by which all banks must operate to safeguard their accounts. As for we, the depositors in these institutions, the best we can do is monitor our own accounts regularly for fraudulent activity and make sure that we are not the weakest link when it comes to protecting our username and password when doing online banking. We should also use dual factor authentication when doing online banking as an additional security measure.