Financial Institutions Suffer “Carbanak” Cyber Attack

By Eric Noonan • February 16, 2015

According to the latest Kaspersky Labs report, financial institutions have had approximately $1 billion (£648 million) stolen in the cyber attacks starting in 2013 and are still ongoing. The report identifies a cybercriminal group named “Carbanak” consisting of members from Russia, Ukraine, and China. Carbanak is also suspected as the group behind for the major retail breaches with Bebe Stores, Sheplers, and Staples. Carbanak leveraged well-known vulnerabilities in Microsoft Office in nearly all of their attacks against financial institutions. The average attack was carried out over a period of 2 to 4 months, entailed a 100+ compromised internal systems, and resulted in up to $10 million in stolen financial assets.

 

“Advanced control and fraud detection systems have been used for years by the financial services industry (…) However, these focus on fraudulent transactions within customer accounts. The Carbanak attackers bypassed these protections, by for example, using the industry-wide funds transfer (the SWIFT network), updating balances of account holders and using disbursement mechanisms (the ATM network). In neither of these cases did the attackers exploit a vulnerability within the service. Instead, they studied the victim´s internal procedures and pinpointed who they should impersonate locally in order to process fraudulent transactions through the aforementioned services. It is clear that the attackers were very familiar with financial services software and networks (…)”

The Kaspersky Labs Report

 

The big take away from this report is that spear phishing attacks and old exploits (for which patches have already been released) remain effective against medium to large sized companies. Most businesses are simply not set up to defeat skilled attackers as most their cybersecurity is built around compliance or to put it more simply, to combat auditors and regulators. To sufficiently protect competitive customer advantages and shareholder values, businesses must adapt their approach to cybersecurity to keep pace. In our experience at CyberSheath, businesses that take a sustained approach to cybersecurity also take better advantage of the latest innovative technologies in mobile, social media, and cloud, which help a business maintain its competitive edge and drive growth.

CyberSheath Blog

CyberSheath Opens Registration For CMMC CON 2022

RESTON, Va. — June 8, 2022 — Federal contractors have been searching for direction after seeing a flood of messaging about the future of Cybersecurity Maturity Model Certification (CMMC). The nation’s largest CMMC conference has returned to help contractors navigate their course through the evolving compliance landscape.   Hosted by…

5 Reasons to Partner with CyberSheath

The threat landscape is only becoming more complex. Offload the responsibility of navigating cybersecurity issues for your customers by taking advantage of CyberSheath’s new Partner Program.   As a pioneer and industry leader in the managed security service provider space, our new offering helps you achieve rapid results and deliver…

CMMC Compliance Training: How to Earn Your Black Belt

Contractors in the Defense Industrial Base (DIB) are looking for direction as Cybersecurity Maturity Model Certification (CMMC) 2.0 nears. Compliance with CMMC and Defense Federal Acquisition Regulation Supplement (DFARS) is your key to doing business with the Department of Defense (DoD) and we can help you navigate those requirements and…

Our Trusted Partners

Tenable Microsoft Siemplify KnowBe4 ConnectWise DUO