The 21st Century Bank Job

Presented at IDSecConf2010 (Indonesia Security Conference 2010).


Transcript

  • 1. THE 21ST CENTURY BANK JOB @GEOVEDI
  • 2. EVER THOUGHT ABOUT ROBBING A BANK?
  • 3. OLD SCHOOL: JOHN DILLINGER, KUSNI KASDUT
  • 4. HACKING A BANK IS EASY ..OR MAYBE NOT!!
  • 5. CASE STUDIES: MODERN BANK JOBS
  • 6. CREDIT CARD FRAUD
  • 7. ATM SKIMMING
  • 8. SOCIAL ENGINEERING
  • 9. WHY TARGETING THE USERS? IT’S EASIER & THEY ARE CLUELESS [MOST OF THE TIME]
  • 10. HOW ABOUT HACKING?
  • 11. Swordfish (2001)
  • 12. INSIDE THE BANK’S IT SYSTEM
  • 13. TRADE FINANCE, TREASURY, DATA WAREHOUSING, REMITTANCE, ANTI MONEY LAUNDERING, CRM, CORE, ATM SWITCH, COLLECTION SYSTEM, INTERNET BANKING, MOBILE BANKING, ISLAMIC BANKING, CARD MANAGEMENT
  • 14. NETWORK OF TRUST: EMPLOYEES, MANAGEMENT, VENDORS, GOVERNMENT, CUSTOMERS
  • 15. STORYTELLING SESSION: HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
  • 16. COMMON PROBLEMS. PEOPLE PROBLEMS: WEAK PASSWORDS, LACK OF AWARENESS, LACK OF SKILLS. SYSTEM PROBLEMS: OUTDATED SYSTEMS, INSECURE CONFIGURATIONS, INSECURE PROTOCOLS
  • 17. MANAGEMENT PROBLEMS
  • 18. MERCHANTS
  • 19. ATM COMPROMISE
  • 20. WTFKTHXBYE
  • 21. WHO’S RESPONSIBLE?
  • 22. SECURITY RESPONSIBILITY [Chart: who is responsible, bank or customer; panels "According to Customer" and "According to Bank"]
  • 23. BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
  • 24. ENCRYPTION
  • 25. TWO-FACTOR AUTHENTICATIONS
  • 26. TWO-FACTOR AUTHENTICATIONS
  • 27. REGULATION COMPLIANCE
  • 28. REGULAR SECURITY ASSESSMENT
  • 29. WHAT’S NEXT?
  • 30. WHAT’S NEXT?
  • 31. THANKS!
  • 32. CREDITS: Photos
  • 33. @GEOVEDI CHECK OUT: http://slideshare.net/geovedi