A wave of cyberattacks has cost banks across the globe up to $1bn since 2013, according a report by Russian computer security firm Kaspersky Lab.
Up to 100 banks, e-payment systems and other financial institutions in about 30 countries have become the targets in these attacks.
The countries being targeted include Russia, US, Germany, China, Ukraine, Canada, Hong Kong, Taiwan, Romania, France, Spain, Norway, India, the UK, Poland, Pakistan, Nepal, Morocco, Iceland, Ireland, Czech Republic, Switzerland, Brazil, Bulgaria, and Australia.
The report estimates that the largest sums were stolen by hacking into banks, with up to ten million dollars stolen in each raid and each bank robbery taking two to four months.
Kaspersky Lab’s global research and analysis team principal security researcher Sergey Golovanov said, "These bank heists were surprising because it made no difference to the criminals what software the banks were using. So, even if its software is unique, a bank cannot get complacent. The attackers didn’t even need to hack into the banks’ services: once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery."
The cybercriminals gained entry into an employee’s computer with the help of spear phishing, infecting the victim with the Carbanak malware, and then penetrated the internal network and tracked down administrators’ computers for video surveillance.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataFor money transfer from the banks’ accounts to their own, the fraudsters used online banking or international e-payment systems.
Fraudsters also sometimes penetrated into the heart of the accounting systems, inflating account balances before getting the extra funds via a fraudulent transaction.
The report said that the attacks are still active.