The 21st Century Bank Job

Presented at IDSecConf2010 (Indonesia Security Conference 2010).


  1. THE 21ST CENTURY BANK JOB @GEOVEDI
  2. EVER THOUGHT ABOUT ROBBING A BANK?
  3. OLD SCHOOL: JOHN DILLINGER, KUSNI KASDUT
  4. HACKING A BANK IS EASY... OR MAYBE NOT!!
  5. CASE STUDIES: MODERN BANK JOBS
  6. CREDIT CARD FRAUD
  7. ATM SKIMMING
  8. SOCIAL ENGINEERING
  9. WHY TARGETING THE USERS? IT’S EASIER & THEY ARE CLUELESS [MOST OF THE TIME]
  10. HOW ABOUT HACKING?
  11. Swordfish (2001)
  12. INSIDE THE BANK’S IT SYSTEM
  13. TRADE FINANCE, TREASURY, DATA WAREHOUSING, REMITTANCE, ANTI MONEY LAUNDERING, CRM, CORE, ATM SWITCH, COLLECTION SYSTEM, INTERNET BANKING, MOBILE BANKING, ISLAMIC BANKING, CARD MANAGEMENT
  14. NETWORK OF TRUST: EMPLOYEES, MANAGEMENT, VENDORS, GOVERNMENT, CUSTOMERS
  15. STORYTELLING SESSION: HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
  16. COMMON PROBLEMS. PEOPLE PROBLEMS: WEAK PASSWORDS, LACK OF AWARENESS, LACK OF SKILLS. SYSTEM PROBLEMS: OUTDATED SYSTEMS, INSECURE CONFIGURATIONS, INSECURE PROTOCOLS
  17. MANAGEMENT PROBLEMS
  18. MERCHANTS
  19. ATM COMPROMISE
  20. WTFKTHXBYE
  21. WHO’S RESPONSIBLE?
  22. SECURITY RESPONSIBILITY [Figure: two charts splitting responsibility between BANK and CUSTOMER, labelled "According to Customer" and "According to Bank"]
  23. BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
  24. ENCRYPTION
  25. TWO-FACTOR AUTHENTICATIONS
  26. TWO-FACTOR AUTHENTICATIONS
  27. REGULATION COMPLIANCE
  28. REGULAR SECURITY ASSESSMENT
  29. WHAT’S NEXT?
  30. WHAT’S NEXT?
  31. THANKS!
  32. CREDITS: Photos
  33. @GEOVEDI CHECK OUT: http://slideshare.net/geovedi