Hackers Steal Nearly $14 Million from Indian Cosmos Bank in ATM Attack

According to Reuters, after conducting a malware attack on the bank’s ATM server, the criminals stole Cosmos’ customer data and used cloned cards to withdraw 805 million rupees in 14,849 transactions in only a two hour time period. Aside from the thousands of ATM withdrawals, the hackers also managed to transfer 139 million rupees to a Hong Kong-based company’s account.  

This news come after the FBI just alerted the financial industry that cyberthieves are preparing for a highly coordinated “ATM cash-out” fraud scheme, which could result in the loss of millions of dollars stolen from ATMs across the globe.

The alert claims, “Historic compromises have included small-to-medium size financial institutions, likely due to less robust implementation of cybersecurity controls, budgets, or third-party vendor vulnerabilities.

The FBI is urging banks to implement application whitelisting to block the execution of malware and to closely monitor, audit and limit administrator and business critical accounts. Other tips the FBI advisory suggests include:

  • Implement the separation of duties or dual authentication procedures for account balance or withdrawal
  • Monitor for the presence of remote network protocols and administrative tools used to pivot back into the network
  • Monitor for encrypted traffic traveling over non-standard ports
  • Monitor for network traffic in unexpected regions

Customer data held by smaller banks with less sophisticated security systems has become increasingly more vulnerable to attack. While certain threats vary from industry to industry, we at NNT believe that the best place to start is by implementing the CIS Critical Controls, as these outline what your business must do first and foremost to protect sensitive data.

Once you’ve established your secure configuration posture across your entire IT infrastructure, then introduce intelligent change control technology to track and analyze any unexpected changes to your systems integrity by leveraging self-learning whitelisting technology and threat intelligence.

 

Interested in learning how to deliver security through system integrity to your organization? Click here to learn more

Cloud and Container Security
The Most Powerful & Reliable Cybersecurity Products

change tracker gen7r2 logo

Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.

FAST Cloud logo

Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)

vulnerability tracker logo

Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

log tracker logo

Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds

Contact Us

Corporate Headquarters

Netwrix
6160 Warren Parkway, Suite 100
Frisco, Texas, 75034

Phone 1: 1-949-407-5125

Phone 2: 888-638-9749 (toll-free)


[email protected]
 

United Kingdom

Netwrix
5 New Street Square
London EC4A 3TW

Phone: +44 (0) 203 588 3023


 [email protected]
Information
SC Magazine Cybersecurity 500 CSGEA Winners 2021 CIS benchmarking SEWP Now Certified IBM Security
Copyright 2024, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.