The 21st Century Bank Job
Presented at IDSecConf2010 (Indonesia Security Conference 2010).


Transcript

  • 1. THE 21ST CENTURY BANK JOB @GEOVEDI
  • 2. EVER THOUGHT ABOUT ROBBING A BANK?
  • 3. OLD SCHOOL: JOHN DILLINGER, KUSNI KASDUT
  • 4. HACKING A BANK IS EASY... OR MAYBE NOT!!
  • 5. CASE STUDIES: MODERN BANK JOBS
  • 6. CREDIT CARD FRAUD
  • 7. ATM SKIMMING
  • 8. SOCIAL ENGINEERING
  • 9. WHY TARGETING THE USERS? IT’S EASIER & THEY ARE CLUELESS [MOST OF THE TIME]
  • 10. HOW ABOUT HACKING?
  • 11. Swordfish (2001)
  • 12. INSIDE THE BANK’S IT SYSTEM
  • 13. TRADE FINANCE, TREASURY, DATA WAREHOUSING, REMITTANCE, ANTI MONEY LAUNDERING, CRM, CORE, ATM SWITCH, COLLECTION SYSTEM, INTERNET BANKING, MOBILE BANKING, ISLAMIC BANKING, CARD MANAGEMENT
  • 14. NETWORK OF TRUST: EMPLOYEES, MANAGEMENT, VENDORS, GOVERNMENT, CUSTOMERS
  • 15. STORYTELLING SESSION: HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
  • 16. COMMON PROBLEMS. PEOPLE PROBLEMS: WEAK PASSWORDS, LACK OF AWARENESS, LACK OF SKILLS. SYSTEM PROBLEMS: OUTDATED SYSTEMS, INSECURE CONFIGURATIONS, INSECURE PROTOCOLS
  • 17. MANAGEMENT PROBLEMS
  • 18. MERCHANTS
  • 19. ATM COMPROMISE
  • 20. WTFKTHXBYE
  • 21. WHO’S RESPONSIBLE?
  • 22. SECURITY RESPONSIBILITY [figure: who is responsible, BANK vs. CUSTOMER, shown "According to Customer" and "According to Bank"]
  • 23. BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
  • 24. ENCRYPTION
  • 25. TWO-FACTOR AUTHENTICATIONS
  • 26. TWO-FACTOR AUTHENTICATIONS
  • 27. REGULATION COMPLIANCE
  • 28. REGULAR SECURITY ASSESSMENT
  • 29. WHAT’S NEXT?
  • 30. WHAT’S NEXT?
  • 31. THANKS!
  • 32. CREDITS: Photos:
      • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/
      • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/
      • [Page 04] http://www.flickr.com/photos/deepblue66/132439533/
      • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/
      • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/
      • [Page 10] http://www.flickr.com/photos/jliba/3696592874/
      • [Page 11] Swordfish Hack: http://www.youtube.com/watch?v=zfy5dFhw3ik
      • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/
      • [Page 13] http://www.flickr.com/photos/tim_d/184018928/
      • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/
      • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/
      • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/
      • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/
      • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/
      • [Page 23] http://www.flickr.com/photos/kk/4191131924/
      • [Page 25] http://www.flickr.com/photos/ari/2347593532/
      • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg
      • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg
      • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg
      • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/
      • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/
  • 33. @GEOVEDI CHECK OUT: http://slideshare.net/geovedi