now browsing by tag


#deepweb | Criminals using ‘Frankenstein identities’ to steal from banks

Source: National Cyber Security – Produced By Gregory Evans It started out like any other online loan. Notre Dame Federal Credit Union reviewed the application. It did the necessary background checks, and authenticated the applicant’s credit score and background. But it wasn’t until a group of borrowers in Missouri abruptly stopped making payments that the […] View full post on

#infosec | UK Banks Foiled by Travelex Ransomware Attack

Source: National Cyber Security – Produced By Gregory Evans

The New Year’s Eve cyber-attack on currency exchange bureau Travelex is disrupting services for UK bank customers. 

Travelex took all its systems offline as a precautionary measure after being hit by what it initially described as a “software virus” on December 31. On January 7, the company released a statement fingering the culprit as a type of ransomware known as Sodinokibi and also commonly referred to as REvil.

Although the malware has been contained, Travelex has so far been unable to resume normal operations, though the company has said that a number of internal systems are now back up and running normally. 

The ransomware attack is not only causing misery for Travelex and its customers but has also spurned a brouhaha for British banks that rely on the travel money giant. 

RBS, Sainsbury’s Bank, First Direct, Virgin Money, and Barclays are among more than a dozen banks that have said their online foreign currency services are down as a result of the incident. 

Requests for foreign currency are being handled in-branch by many of the banks affected. 

According to the BBC, threat actors behind the ransomware attack are attempting to extort $6m from Travelex by encrypting the company’s data. 

Travelex said on Tuesday that it was not yet clear what data had been affected by the incident. 

“To date, the company can confirm that whilst there has been some data encryption, there is no evidence that structured personal customer data has been encrypted. Whist Travelex does not yet have a complete picture of all the data that has been encrypted, there is still no evidence to date that any data has been exfiltrated,” Travelex stated on January 7.

Until normal service is resumed, Travelex is doing business the old-fashioned way. The company’s chief executive, Tony D’Souza, said: “Travelex continues to offer services to its customers on a manual basis and is continuing to provide alternative customer solutions in the interim.”

With all the hullaballoo it seems that reporting the incident to the authorities may have slipped Travelex’s mind. Organizations are legally obliged to inform the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of a data breach; however, the ICO said on Tuesday that it had not received a data breach report from Travelex.


#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity

Source link

The post #infosec | UK Banks Foiled by Travelex Ransomware Attack appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Cybersecurity at Banks a Different Kind of Holiday Stress

Source: National Cyber Security – Produced By Gregory Evans

Regardless of how they are made or who may be at fault when fraudulent transactions occur, the buck stops at the desks of cybersecurity professionals working at banks and financial institutions.

A recent survey of 1,000 U.S. consumers conducted by Terbium Labs, a provider of asset monitoring tools accessed via a risk protection platform, finds over two-thirds (68%) would hold their bank at least partly responsible for fraudulent activity. Just over half of respondents (51%), said they’d blame both the original source of the data compromise, such as a retailer, and the financial institution that issued the payment card. Only 17% said they would only hold their financial institution responsible regardless of how the compromise occurred.

The survey finds 19% of respondents would close their accounts following a data breach, while 26% said they would only keep their accounts open if their financial institution took specific actions to improve security.

Much to the frustration of many cybersecurity professionals, the survey finds only 7% of respondents said they planned on using two-factor authentication when shopping online. More than a third (38%), however, said they will prioritize monitoring their transaction history, even though 14% said they get frustrated when purchases that aren’t suspicious get flagged too often.

Despite awareness of the potential threats, a full 66% of survey respondents acknowledged they could easily become a victim of fraud, while 65% admitted they are at a higher risk of having their financial information compromised as a result of their holiday shopping. What appears to be missing in a lot of cases is any sense of personal responsibility.

Emily Wilson, vice president of research for Terbium Labs, said the holiday season is especially tough on cybersecurity professionals because cybercriminals view the holiday seasons as the perfect time to increase the volume of fraudulent transactions they generate. Retailers and banking institutions aren’t willing to challenge unusual spending patterns as consumers buy gifts and have them shipped to multiple locations using multiple debit and credit cards.

Alas, cybercriminals are not only aware of that tendency to ignore red flags that at other times of the year would set off a wave of alerts, but Wilson also said cybercriminals share best practices along with information about the capabilities on any organization to recognize fraudulent transactions. In many cases, cybercriminals who create exploits will even offer them at reduced prices during the holidays to spur sales in much the same way the typical retailer does, he said.

Cybersecurity professionals working in the banking sector naturally are highly stressed during the holiday season. The good news is that artificial intelligence (AI) systems are getting better at recognizing fraudulent transactions. The bad news is that cybercriminals are also investing in more sophisticated methods for making fraudulent transactions. Rather than relying on traditional spray-and-pray types of attacks, Wilson said attacks are becoming more sophisticated and targeted. As such, even as AI advances, there will be a need for humans to investigate fraudulent transactions for the foreseeable future, he said. If anything, the number of fraudulent transactions that can be investigated in the course of 24 hours is likely to increase substantially.

In the meantime, cybersecurity professionals working in the personal banking sector are once again in a no-win situation. When issuing debit and credit cards, banks are assuming some level of risk in return for the fees they charge. The best cybersecurity professionals can hope this holiday season is to minimize losses in a way that aggravates customers in the least way possible.

Source link

The post #cybersecurity | #hackerspace |<p> Cybersecurity at Banks a Different Kind of Holiday Stress <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Stolen credit card data from Singapore banks worth more on Dark Web, Tech News & Top Stories

Source: National Cyber Security – Produced By Gregory Evans

Stolen credit card data from Singapore banks is valued higher on the Dark Web than that from other countries because of the robust cyber security measures protecting it and the difficulty in obtaining such data, according to new research from cyber security firm Group-IB.

The Singapore-based firm yesterday said that for cards from the United States, the average price for raw payment card data, which includes credit card number, expiration date, cardholder name and CVV number, is between US$8 (S$11) and US$10 on Dark Web shops.

Please subscribe or log in to continue reading the full article. Learn more about ST PREMIUM.

Enjoy unlimited access to ST’s best work

  • Exclusive stories and features on multiple devices
  • In-depth analyses and opinion pieces
  • ePaper and award-winning multimedia content

Source link

The post #deepweb | <p> Stolen credit card data from Singapore banks worth more on Dark Web, Tech News & Top Stories <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Open #banking holds #promise but #cybersecurity fears loom for #Canadian #banks

Source: National Cyber Security – Produced By Gregory Evans

As banks work to fortify their cybersecurity defences amidst a growing number of data breaches, they are also exploring the promise of so-called “open banking,” a concept that could finally disrupt the staid financial services industry.

Customers have increasingly moved away from physical branches towards online and mobile apps, but banking has yet to reach its “Uberization” moment, one that breaks down traditional models to usher in new innovations, as Uber has done for the taxi industry.

Open banking — granting third-parties like financial technology startups access to bank data to develop innovative apps — could be such a “game changer,” according to Toronto Dominion Bank’s chief information officer, Jeff Henderson.

All but one of 100 payment executives at major banks globally said they were planning major investments in open banking by 2020, according to an online survey by consulting firm Accenture released last month.

But even as Canadian financial institutions toy with the idea, they’re concerned about the looming risk to consumers’ personal information amid the growing threat of cyberattacks.

The Accenture survey also showed that 50 per cent of respondents said that implementing the emerging concept increases risk.

“There’s no question this is a trend,” TD’s Henderson said.

“(But) I want to make sure that any time we exchange information externally, that is done so in a very controlled and understood manner.”

In these early days, the exact nature of the innovation in the open banking landscape is unclear, said Bob Vokes, managing director of financial services at Accenture in Canada.

“What we’re trying to do in open banking is to create new sets of services off of the banking data, or alternatively, allow you to manipulate your banking information in a different way,” he said.

Open banking allows consumers to share their banking data, which proponents say will spur the creation of new apps and platforms that will make financial transactions easier or develop new use cases.

For example, a consumer could log into one app and see all their financial accounts, from various banks, to get a full picture of their net worth and move funds in real time. Or, geolocation data could be layered over payment data, allowing a consumer to analyze exactly where their money is being spent, while also allowing merchants to offer them location-based rewards.

The buzz around open banking is building just as concerns about cybersecurity mount.

Most recently, Uber announced earlier this month that hackers compromised some 57 million user accounts and Equifax Inc. disclosed in September a cyberattack that compromised the personal information of half of Americans and some 19,000 Canadians.

It also comes as the Bank of Canada once again listed cyber threats as a key vulnerability for the Canadian financial system in its semi-annual review released Tuesday.

“The high degree of financial and operational interconnectedness among financial institutions means that a successful cyber attack against a single institution or a key service provider could spread more widely within the financial system.”

Meanwhile, various jurisdictions are pushing ahead with legislation that would see financial institutions become even more interconnected.

By January 2018, banks in Europe will be required to share proprietary data, in a regulated and secure way, under the U.K.’s Open Banking Standard and Europe’s PSD2 legislations.

Canadian institutions are also jumping on board.

The Competition Bureau said in a report on fintech earlier this month that it is early days “but the potential impact on competition and innovation is promising.”

The Ministry of Finance said in August it is “examining the merits of open banking.”

“Open banking holds the potential to make it easier for consumers to interact with financial service providers and increase competition,” the ministry said in a consultation paper as part of a review of the federal Bank Act.

The Canadian Bankers Association responded to the ministry that while its members are proponents of innovation, they are also concerned about the potential impacts on safety, soundness and stability in Canada’s financial system.

“Canadian banks have devoted very significant resources to creating well-established information security and data warehouses that meet the highest standards worldwide, the CBA said.

“Any initiative that could undermine this trust would be very problematic for Canadian consumers, financial market participants and the broader economy.”

Vokes says these concerns — as well as questions about whether the bank or the third party is liable if something goes awry — will need to be addressed in legislation.

If additional layers of security protection are put in place, open banking should not raise the level of cybersecurity risk, he said, adding however, that cyberattackers are becoming more sophisticated as well.

“Innovation isn’t just the purview of fintechs,” he said.

“As we continue to innovate, fraud and criminal enterprises are also innovating.”

The post Open #banking holds #promise but #cybersecurity fears loom for #Canadian #banks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Singapore #banks to face new #cybersecurity #regulations

Source: National Cyber Security – Produced By Gregory Evans

Singapore #banks to face new #cybersecurity #regulations

Ravi Menon, managing director of the city state’s central bank, the Monetary Authority of Singapore (MAS), reportedly told The Business Times that MAS will look to introduce new cyber rules in a bid to encourage greater adoption of online and digital banking.

According to The Business Times report, Menon said: “The use of technology is not going to take off if we have not successfully addressed the cybersecurity problem, and assured ourselves and Singaporeans that cyber risks are reasonably well mitigated. MAS has been raising the level of expected standards for cyber risk-management. We want to do some things through regulation, in terms of setting requirements for cyber.”

“Cyber risk is the least known risk of all the major risks facing banks. The models to track, manage and mitigate these risks are not as well developed as the models for the more traditional areas,” he said.

According to the report, there are more than 400 financial technology (fintech) companies now operating in Singapore, while 20 global banks and insurers have also established innovation labs within the country.

In June 2016, MAS announced plans to create a regulatory sandbox to support innovation in fintech. Under the scheme, financial services firms, technology companies and other “non-financial players” in Singapore have the chance to test new fintech products and services in an environment where some regulatory requirements are relaxed. The scheme is similar to others established by financial regulators around the world, including in the UK where the Financial Conduct Authority (FCA) pioneered the concept.

In March this year, MAS approved the first company to participate in its regulatory sandbox.

Menon said MAS has received more than 30 applications in total from businesses seeking to participate in sandbox testing, more than 80% of which have come from fintech startups, according to The Business Times report.

Menon admitted, however, that businesses have faced delays in winning approval from MAS for sandbox testing.

“One would have hoped we could have approved sandbox applications in weeks rather than months. But, we are learning ourselves – we’re in the sandbox, too,” Menon said, according to the report. “We are working out reduced requirements, looking at what are the requirements we can lift.”

The post Singapore #banks to face new #cybersecurity #regulations appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers #Attack Global #Banks with Just Found ‘Silence’ #Banking #Trojan

Source: National Cyber Security – Produced By Gregory Evans

One fresh banker Trojan has been detected and found employing techniques resembling ones that the Carbanak employed. The Trojan has been targeting financial institutions mostly in Russia.

According to security researchers from Kaspersky Lab, the new Trojan called “Silence” is used for acquiring continuous access of certain online banking network even as it makes video recordings of computer operations by bank employees, identifies the software they use and the operational activities of the bank. Once equipped with all this knowledge, the attackers controlling the malware apply that knowledge for grabbing cash out of the banks’ customer accounts. posted this, November 1, 2017.

By monitoring victims’ activities in the bank, the attackers get all the necessary details from them for sniffing the bank’s networks while escape unnoticed with stolen money. The victims get an e-mail containing one malicious attachment masquerading as ‘Windows help.’ The attachment contains a CHM file with a JavaScript embedded that by default downloads one Visual Basic programmed script and runs it that thereafter pulls down the Trojan installer via its command-and-control (C&C) server.

The researchers state that the controllers of ‘Silence’ possibly are a Russian-speaking group that has targeted no less than ten financial institutions with some inside Malaysia and Armenia although the majority is inside Russia. This is unlike Russian cyber-criminals who usually spare attacking domestic targets.

Like Carbanak, first victims of Silence are duped with spoofed electronic mails that enable the hackers to gain entry inside the network. The hackers then hang around for as long as it needs them to get all the information for striking attack and stealing huge amounts of funds.

The spoofed e-mails are highly personalized to craft them as spear-phishing e-mails. Kaspersky researchers point out that the hackers had previously attacked to infect banking infrastructure so they could dispatch the malicious messages via the ids belonging to genuine bank employees thus making the e-mails appear inconspicuous while trapping the victims.

The Carbanak gang too was the discovery of Kaspersky Lab back during 2015. According to a particular report then, the infamous hackers managed filching a maximum of $1 billion from over a hundred banks globally.

The post Hackers #Attack Global #Banks with Just Found ‘Silence’ #Banking #Trojan appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Half of #Japanese banks attacked by #hackers

Source: National Cyber Security – Produced By Gregory Evans

Half of #Japanese banks attacked by #hackers

Slightly over half of Japanese financial institutions have been exposed to cyberattack since 2015, according to a survey by the Bank of Japan (BOJ).

The central bank said on Monday (Oct 16) that 51 per cent of the 411 respondents had been attacked by hackers, with 10.9 per cent saying that their operations were affected as a result, Kyodo News reported.

The findings were from a survey conducted by BOJ in April on megabanks, local banks, as well as trust banks and credit associations, according to Nikkei Asian Review.

Of the institutions polled, 9.7 per cent said they suffered minor impact from a cyberattack, while 1.2 per cent said noted “significant fallout”, Nikkei reported.

The attacks ranged from viruses sent via e-mail, ransomware that threatened to wipe out infected computers’ data unless money is paid, to malware that rendered an institution’s website inaccessible, said Nikkei.

The survey also found that larger banks were more prone to attacks.

While a majority (85.4 per cent) of the financial institutions surveyed felt that the danger of cyberattack is increasing, three in five said they do not have enough manpower to deal with cyberattacks, Kyodo reported, quoting BOJ.

Still, spending in cybersecurity at the financial institutions has increased.

Banks in Japan are spending an average of 178 million yen (S$2 million) on cybersecurity in the current fiscal year ending March – a 60 per cent increase from the 2015 fiscal year, Kyodo reported.

While the Japanese banking industry has so far avoided a major cyberattack such as a serious information leak, “the scope of cyberattacks has spread rapidly over the past year or two to another level”, said Mr Keisuke Kamata, managing director of Financials ISAC Japan, which supports financial institutions’ cybersecurity efforts, according to Nikkei.

It is, therefore, vital that Japanese banks create systems that allow them to adapt quickly and efficiently to the ever-changing modes of attack, Mr Kamata added.

The survey was BOJ’s first on cybersecurity targeting financial institutions with accounts at the central bank, according to Nikkei. Next, the BOJ hopes to conduct in-depth discussions on cyberdefence with the institutions.


The post Half of #Japanese banks attacked by #hackers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybercrime proliferates against banks, other businesses

Keep employees off the Internet and have workers avoid clicking on any attachment or link in an email. Those are the only sure ways to avoid cyberattacks, according to three experts who spoke today at the North Bay Business Journal’s conference on cybersecurity in Rohnert Park. Maybe it sounds severe… View full post on National Cyber Security Ventures

Cyber attacks: clear and present danger for banks

Source: National Cyber Security – Produced By Gregory Evans

Banks as well as governments make tempting targets for cyber warriors, whether they are individuals or state actors. The number and sophistication of attacks will grow and become increasingly difficult to counter. While cyber attacks by Russia are prominent in the news, that country is not alone in excelling at…

The post Cyber attacks: clear and present danger for banks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures