Bank Heists the Modern Way — Cyber Crime Breaching Financial Institutions

by Tony Richardson CISSP

Banks and Financial Institutions have always been rich pickings for the cyber criminal. And will continue to be so…….

For as long as there have been banks, there have been bank robbers. Some have gone in all guns blazing, wild west style, while others have broken in clandestinely, but 21st century criminals have found a new way of robbing banks — creating a data breach.

Cybercrime Against Financial Institutions

In 2022, financial institutions became the second most commonly targeted sector globally, only behind government organisations. Figures suggest that, in the year to 9th December, there were 566 data breaches suffered globally by financial and insurance institutions. These attacks resulted in more than 254 records being compromised.

This represents a wide range of tactics, ranging from standard hacking techniques like phishing to ATM card data skimmers. Much of this is by criminal groups, but state-sponsored hacker groups are also prevalent — particularly those from North Korea. In these cases, the proceeds don’t just line the pockets of criminals — they might go into the development of nuclear weapons.

Phishing — Still the Most Common Attack

Phishing remains the most common hacking technique employed by cybercriminals, largely because it doesn’t require any sophisticated technical know-how. All you need do is trick an employee into clicking a link or opening an attachment that will embed malware onto their machine, from where it can spread throughout the network.

Phishing can have various aims, but the most common where financial institutions are concerned is to harvest data such as logins for bank accounts or  credit card numbers. This enables the criminals to steal directly from customer accounts, causing not only financial loss, but also a major loss of reputation for the organisation.

Magecart-Style Attacks

An alternative approach by cybercriminals is to use what are known as Magecart-style attacks. The most common of these involves inserting digital skimmers onto platforms for ecommerce or other payments. This usually takes the form of JavaScript code, allowing the criminals to steal card data when the card is used for a payment.

The code is often disguised as something legitimate, such as Google Analytics or Google Tag Manager. Alternatively, a tactic discovered recently involved buying the domain of a defunct tool that some organisations may not have removed from their websites. This allowed card data to be skimmed off and offered for sale on the dark web.

Ransomware Is Still Common

Ransomware can be used either to steal your data or lock you out from it (or both) if the ransom isn’t paid. The extent of the problem isn’t easy to pin down, since many victims who pay the ransom don’t report it and no breaches occur. However, it remains common, and this includes financial institutions.

The methods used to install ransomware vary, but phishing appears to be the most common. Other approaches, such as exploiting software vulnerabilities and remote services, are also fairly common. And, as always, criminals can occasionally gain access by means of a malicious insider.

Protect Yourself Against Modern Bank Heists

In the days of physical banking, banks introduced increasingly sophisticated ways of foiling heists, from security alarms to timelocks, as well as bulletproof glass screens. While modern heists may seem less dramatic, they can be far more damaging in the long run.

Fortunately, there are ways of defending against them. Get in touch with us and find out how SecuraProTM can help you protect your systems against latter-day bank robbers.