The 21st Century Bank Job

Presented at IDSecConf2010 — Indonesia Security Conference 2010.


The 21st Century Bank Job: Presentation Transcript

  • THE 21ST CENTURY BANK JOB @GEOVEDI
  • EVER THOUGHT ABOUT ROBBING A BANK?
  • OLD SCHOOL: JOHN DILLINGER, KUSNI KASDUT
  • HACKING A BANK IS EASY... OR MAYBE NOT!!
  • CASE STUDIES: MODERN BANK JOBS
  • CREDIT CARD FRAUD
  • ATM SKIMMING
  • SOCIAL ENGINEERING
  • WHY TARGETING THE USERS? IT’S EASIER & THEY ARE CLUELESS [MOST OF THE TIME]
  • HOW ABOUT HACKING?
  • Swordfish (2001)
  • INSIDE THE BANK’S IT SYSTEM
  • TRADE FINANCE, TREASURY, DATA WAREHOUSING, REMITTANCE, ANTI MONEY LAUNDERING, CRM, CORE, ATM SWITCH, COLLECTION SYSTEM, INTERNET BANKING, MOBILE BANKING, ISLAMIC BANKING, CARD MANAGEMENT
  • NETWORK OF TRUST: EMPLOYEES, MANAGEMENT, VENDORS, GOVERNMENT, CUSTOMERS
  • STORYTELLING SESSION: HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
  • COMMON PROBLEMS. PEOPLE PROBLEMS: WEAK PASSWORDS, LACK OF AWARENESS, LACK OF SKILLS. SYSTEM PROBLEMS: OUTDATED SYSTEMS, INSECURE CONFIGURATIONS, INSECURE PROTOCOLS
  • MANAGEMENT PROBLEMS
  • MERCHANTS
  • ATM COMPROMISE
  • WTFKTHXBYE
  • WHO’S RESPONSIBLE?
  • SECURITY RESPONSIBILITY [figure: two charts dividing responsibility between BANK and CUSTOMER, labelled "According to Customer" and "According to Bank"]
  • BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
  • ENCRYPTION
  • TWO-FACTOR AUTHENTICATIONS
  • TWO-FACTOR AUTHENTICATIONS
  • REGULATION COMPLIANCE
  • REGULAR SECURITY ASSESSMENT
  • WHAT’S NEXT?
  • WHAT’S NEXT?
  • THANKS!
  • CREDITS: Photos:
    • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/
    • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/
    • [Page 04] http://www.flickr.com/photos/deepblue66/132439533/
    • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/
    • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/
    • [Page 10] http://www.flickr.com/photos/jliba/3696592874/
    • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik
    • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/
    • [Page 13] http://www.flickr.com/photos/tim_d/184018928/
    • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/
    • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/
    • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/
    • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/
    • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/
    • [Page 23] http://www.flickr.com/photos/kk/4191131924/
    • [Page 25] http://www.flickr.com/photos/ari/2347593532/
    • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg
    • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg
    • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg
    • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/
    • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/
  • @GEOVEDI CHECK OUT: http://slideshare.net/geovedi