According to Reuters, after conducting a malware attack on the bank’s ATM server, the criminals stole Cosmos’ customer data and used cloned cards to withdraw 805 million rupees in 14,849 transactions over a period of only two hours. Aside from the thousands of ATM withdrawals, the hackers also managed to transfer 139 million rupees to a Hong Kong-based company’s account.
This news comes just after the FBI alerted the financial industry that cyberthieves are preparing a highly coordinated “ATM cash-out” fraud scheme, which could result in millions of dollars being stolen from ATMs across the globe.
The alert claims, “Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cybersecurity controls, budgets, or third-party vendor vulnerabilities.”
The FBI is urging banks to implement application whitelisting to block the execution of malware and to closely monitor, audit and limit administrator and business-critical accounts. Other tips in the FBI advisory include:
- Implement the separation of duties or dual authentication procedures for account balance or withdrawal
- Monitor for the presence of remote network protocols and administrative tools used to pivot back into the network
- Monitor for encrypted traffic traveling over non-standard ports
- Monitor for network traffic in unexpected regions
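The three monitoring tips above can be expressed as checks over network flow records. The following is an added example, not part of the FBI advisory or any NNT product; the record layout, host names, port list, jump-host list and country codes are constructed assumptions to be replaced with site policy.

```python
# Constructed flow records, in the shape a network sensor might export:
# (source host, destination IP, destination port, detected service, destination country)
# Country is None for internal destinations. All values are made up for illustration.
SAMPLE_FLOWS = [
    ("atm-switch01", "10.0.5.20", 443, "tls", None),
    ("atm-switch01", "203.0.113.45", 8081, "tls", "ZZ"),
    ("jump01", "10.0.5.30", 3389, "rdp", None),
    ("atm-switch01", "10.0.5.31", 3389, "rdp", None),
    ("core-db02", "198.51.100.7", 443, "tls", "ZZ"),
]

# Assumed site policy (hypothetical values; tune per environment).
TLS_PORTS = {443, 8443, 993, 995, 465}          # ports where TLS is expected
REMOTE_ADMIN = {"rdp", "ssh", "vnc", "telnet", "winrm"}
ADMIN_SOURCES = {"jump01"}                      # hosts allowed to originate admin sessions
EXPECTED_COUNTRIES = {"IN"}                     # regions with a business reason for traffic


def classify(flow):
    """Return the list of advisory checks that this flow trips."""
    src, _dst, port, service, country = flow
    findings = []
    # Encrypted traffic travelling over a non-standard port.
    if service == "tls" and port not in TLS_PORTS:
        findings.append("encrypted-nonstandard-port")
    # Remote network protocols / admin tools from a host that is not a jump host.
    if service in REMOTE_ADMIN and src not in ADMIN_SOURCES:
        findings.append("remote-admin-from-unapproved-host")
    # External traffic to a region outside the expected set.
    if country is not None and country not in EXPECTED_COUNTRIES:
        findings.append("unexpected-region")
    return findings


def triage(flows):
    """Return (src, dst, port, findings) for flagged flows, most findings first."""
    alerts = []
    for flow in flows:
        findings = classify(flow)
        if findings:
            alerts.append((flow[0], flow[1], flow[2], findings))
    alerts.sort(key=lambda a: len(a[3]), reverse=True)
    return alerts


if __name__ == "__main__":
    for src, dst, port, findings in triage(SAMPLE_FLOWS):
        print(f"{src} -> {dst}:{port}  {', '.join(findings)}")
```

Flows that trip more than one check sort to the top, which is a simple way to prioritize review when each rule alone is noisy.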
Customer data held by smaller banks with less sophisticated security systems has become increasingly vulnerable to attack. While threats vary from industry to industry, we at NNT believe that the best place to start is by implementing the CIS Critical Controls, as these outline what your business must do first and foremost to protect sensitive data.
Once you’ve established a secure configuration posture across your entire IT infrastructure, introduce intelligent change control technology to track and analyze any unexpected changes to your system integrity by leveraging self-learning whitelisting technology and threat intelligence.