Change and Configuration Management CONFIGURATION MANAGEMENT INTELLIGENT CHANGE CONTROL

Cyber thieves managed to walk away with $13.5 million (944 million rupees) from India’s Cosmos Bank after making illegal withdrawals at ATMs across 28 countries over the past weekend.

According to Reuters, after conducting a malware attack on the bank’s ATM server, the criminals stole Cosmos’ customer data and used cloned cards to withdraw 805 million rupees in 14,849 transactions in only a two hour time period. Aside from the thousands of ATM withdrawals, the hackers also managed to transfer 139 million rupees to a Hong Kong-based company’s account.  

This news come after the FBI just alerted the financial industry that cyberthieves are preparing for a highly coordinated “ATM cash-out” fraud scheme, which could result in the loss of millions of dollars stolen from ATMs across the globe.

The alert claims, “Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cybersecurity controls, budgets, or third-party vendor vulnerabilities.

The FBI is urging banks to implement application whitelisting to block the execution of malware and to closely monitor, audit and limit administrator and business critical accounts. Other tips the FBI advisory suggests include:

  • Implement the separation of duties or dual authentication procedures for account balance or withdrawal
  • Monitor for the presence of remote network protocols and administrative tools used to pivot back into the network
  • Monitor for encrypted traffic traveling over non-standard ports
  • Monitor for network traffic in unexpected regions

Customer data held by smaller banks with less sophisticated security systems has become increasingly more vulnerable to attack. While certain threats vary from industry to industry, we at NNT believe that the best place to start is by implementing the CIS Critical Controls, as these outline what your business must do first and foremost to protect sensitive data.

Once you’ve established your secure configuration posture across your entire IT infrastructure, then introduce intelligent change control technology to track and analyze any unexpected changes to your systems integrity by leveraging self-learning whitelisting technology and threat intelligence.

 

Interested in learning how to deliver security through system integrity to your organization? Click here to learn more

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.
Portland
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified
Copyright 2018, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.