Calls for greater banking security in light of major cyber attack

Revelations from Kaspersky about a major hack on banks that has led to $1bn being stolen by criminals has led to calls for greater security in the financial services sector

The revelations by Kaspersky that hackers were able to gain access to 100 banks across 30 countries and steal around $1bn over a period of two years is not only a major concern but also an indication that while a lot of focus has been drawn to nation state attacks the criminals are still busy getting their hands on cash illegally.

The Kaspersky report pointed the finger at a cyber criminal gang that was operating out of Russia, China and the Ukraine and attacks have taken place against banks in those countries as well as many other places across the globe.

The hackers took the approach of using malware infected Word attachments sent to bank employees that could then monitor their activity and once they had gained entry to it was possible to get cash machines to issue money and for funds to be transferred.

The response from the security industry has been one of dismay that a lot of the problems seem to have resulted from staff failing to follow security policies and opening attachments that contained malware.

"This is yet another hacking originating from spear phishing attacks," said Mike Spykerman, vice president of product management at OPSWAT "The problem with these attacks is that because they are targeted to only a small number of individuals, the malware can get past anti-virus engines."

He recommended more data sanitisation technology to help prevent malware based attachments and there were other calls for banks to step up and invest in the latest security technology.

"Whatever technologies these banks were using to protect themselves failed. It’s time to look for new technologies," said Amichai Shulman, CTO Imperva.

"Such an operation resulted in countless acts of internal credential theft and explorations within the bank network. Clearly setting up traps within end stations would have triggered multiple alerts over time. Organizations must deploy this new technology."

Mark Bower, vice president of product management at Voltage Security, said that the attacks revealed the skills of cyber criminals in getting through defences to gain illicit funds.

"Cybercriminals have got the infection-to-cash cycle down to a fine art, proving crime does pay when the victim's perimeter can be bypassed and systems manipulated at will. Today, there are few defenses against this level of attack sophistication - but new methods have emerged to fight back, especially data-centric security which works by making stolen data completely useless to the criminal who steal it," he advised using format-preserving encryption.

The timing of the revelations of the attack comes just days after President Obama called on security vendors to do more to share information about the latest threats and work more closely with law enforcement.

Read more on Data Protection Services