H2020 FINSEC – DIGITAL FINANCE ACADEMY FOR SECURITY
INNOV-ACTS, Limited
H2020 FINSEC Project
The FINSEC project is co-funded by the European Union’s Horizon 2020 programme under grant Agreement No 786727
Notable Recent Cybersecurity Incidents in the Finance Sector
21/04/2020
Bangladesh Bank cyber heist (source: Wikipedia)
Among the biggest cyber heists in history
Fraudsters intruded into the SWIFT network
The initial transfer was US $1 billion to the Federal Reserve Bank of New York, out of which $850 million was blocked
Five of the thirty-five fraudulent instructions were successful in transferring $101 million, with $20 million traced to Sri Lanka and $81 million to the Philippines.
SWIFT Alliance Access software manipulation
Happened sometime between February 4 and 5, when Bangladesh Bank's offices were closed.
Dridex takedown operation and revival
Dridex is banking malware that was most active between late 2015 and early 2016
In October 2015, the UK’s National Crime Agency (NCA), in cooperation with the Federal Bureau of Investigation (FBI) and Europol, coordinated a takedown by ‘sinkholing’ infected computers’ traffic
Before this operation, losses in the UK alone were estimated at £20m (source: Europol)
The cybercriminals were believed to be based in Eastern Europe and targeted end users via documents delivered from e-mail addresses that seem legitimate
Despite its declined activity, Dridex malware continues to evolve and remains a serious threat to end users of financial services
The Volusion case
Volusion is a company that provides e-commerce software and marketing and web design services to SMEs
On October 9, 2019, Check Point security researcher Marcel Afrahim discovered that a malicious JavaScript file had been injected into the checkout page of e-commerce sites to extract credit card information
The attackers used typosquatting and code injection (source: ZDNet)
March 19, 2020 “Fraudsters have currently generated $1.6 million USD in revenue from these stolen
payment cards, with the breach potentially exposing up to 20 million records.”
Experts believe that cybercriminals operating under the moniker “Magecart” are behind this attack
Bank of Valletta
In February 2019, various news outlets reported the hack of Bank of Valletta (BOV), one of Malta's biggest banks
The hack took place on February 13, 2019. Using malware planted on the bank's internal servers, hackers transferred €13 million ($14.7 million) from the bank's internal systems to accounts in the UK, the US, the Czech Republic, and Hong Kong
Security analysts believe that the EmpireMonkey cybercrime group is behind this attack
A number of accounts were used to receive those funds; one of them was in the UK and was held in Belfast. Around £800,000 was transferred.
Attackers used macros to copy wscript.exe to another file
ECB brings down reporting dictionary
The ECB discovered that the Banks’ Integrated Reporting Dictionary (BIRD) website was breached, 15 August 2019 (source: ECB - https://www.ecb.europa.eu/press/pr/date/2019/html/ecb.pr190815~b1662300c5.en.html)
The breach was discovered after routine maintenance
As a result, the contact data (but not the passwords) of 481 subscribers to the BIRD newsletter may have been captured.
The affected information consists of the email addresses, names and position titles of the subscribers.
Attackers can use this data for further activities (conducting spear phishing attacks against high-ranking officials and management staff)
Binance Security Breach (Source: Company’s own website)
Binance is a cryptocurrency exchange headquartered in Malta with significant presence in Asia
The company disclosed the security breach on May 7, 2019
The hackers were able to withdraw 7000 BTC, worth nearly $41 million at the time of the incident
Binance said hackers used various techniques, such as "phishing, viruses and other attacks", to gain access to user accounts, including "API keys, 2FA codes, and potentially other info."
As a result, the cryptocurrency exchange had to suspend operations
The company said it will compensate affected customers through its Secure Asset Fund for Users (SAFU)
Edenred Payment Solutions malware incident
Edenred Payment Solutions is a French company specializing in prepaid corporate services (known for its Ticket Restaurant offering)
The company disclosed that it detected malware in its IT infrastructure on 21 November 2019 (source: Edenred)
Edenred was able to put its systems back into service on 23 November 2019
The company notified the authorities
There is no indication of theft of personal data, which would have had a significant impact given that the company operates in 46 countries and managed 2.5 billion transactions in 2018
Sberbank Data Leak
Sberbank is the largest bank in Russia, operating in Russia, Europe and many post-Soviet countries.
The bank reported a possible data breach on 2 October 2019. The event was reported by popular news outlets as well
Personal information of up to 60 million credit card holders was leaked in an incident that is probably the largest data leak in Russian banking.
The data went on sale on the online black market. Reportedly, snippets of 200 customers were offered to potential “customers” for testing
The database was being offered for 5 Russian rubles (US$0.076) per line, or 300 million rubles ($4.6 million) in total
The bank believes that the leak can be attributed to an insider
€24 MILLION CRYPTOCURRENCY THEFT
On 25 June 2019, Europol announced the arrest of 6 individuals for cryptocurrency theft (source: Europol)
Arrests were made after a joint operation of the UK’s South West Regional Cyber Crime Unit (SW RCCU) with the Dutch police (Politie), Europol, Eurojust and the UK’s National Crime Agency (NCA)
This was the result of a 14-month-long investigation
The theft, which targeted users’ Bitcoin tokens, is believed to have affected at least 4 000 victims in 12 countries
Cybercriminals used typosquatting to spoof a well-known online cryptocurrency exchange to gain access to victims’ Bitcoin wallets
GozNym Gang Arrested
On May 16, 2019, Europol, the U.S. Department of Justice (DoJ), and six other countries dismantled a group of international cyber criminals associated with GozNym malware
The gang used GozNym malware to steal an estimated $100 million from 41,000 victims and their financial institutions
GozNym is a hybrid banking malware designed to capture victims’ online banking login credentials. It has been used since 2016 to target Polish, German and U.S. online banking
The international operation included searches in Bulgaria, Georgia, Moldova and Ukraine.
This led to criminal prosecutions in Georgia, Moldova, Ukraine and the United States.
Retefe: a 5-year-long banking malware
Retefe is a special banking malware that was seen active between 2014 and 2019
It primarily targets German, Swiss and Austrian individuals
It was initially discovered in 2014 by Trend Micro
The malware operators used advanced methods to redirect users to spoofed internet banking sites in order to steal banking credentials
Over the course of time, the malware has evolved from using proxies to using the Tor network and stunnel (secure tunneling) to redirect users to spoofed sites to achieve its illicit purposes
Metro Bank (UK) hit by cyber attack
On January 31, 2019, news outlets reported a cyber attack against Metro Bank PLC in the UK
Sophisticated hackers exploited a flaw in SS7, a signaling protocol for telecom operators. They were able to intercept SMS text messages that were used for 2-factor authentication (2FA) in e-banking
This exploitation gave them the ability to perform banking transactions protected by 2FA
The bank officials said that a small number of customers were affected
As a result, the bank’s risky assets rose by $900 million
The Evercore security breach
Various news outlets reported the security breach at Evercore (source: The Times)
Evercore investment bank, headquartered in New York with a global presence, was reportedly hacked in November 2018
The hack was the outcome of a successful phishing attack on one of the bank’s junior administrators in London
The hackers got access to the administrator’s inbox and reportedly extracted 160,000 data objects such as sensitive documents, invitations and emails
Sources close to Evercore said there is no evidence of data misuse out of this hack
Cobalt group activity
Cobalt is a cybergang targeting financial institutions (e-payment systems, ATMs, SWIFT) since at least 2013
The group mainly targets banks in Eastern Europe, Central Asia, and Southeast Asia
Cobalt is likely associated with the Carbanak remote backdoor
Banks in more than 40 countries have allegedly been attacked by the Cobalt group and the overall losses are estimated to be above EUR 1 billion (Source: Europol)
The leader of the cybergang was arrested in March 2018 following an international operation involving Europol, the US FBI, and the Romanian, Moldovan, Belarusian, Taiwanese and Spanish authorities
DarkVishnya: Eight banks hacked in Eastern Europe
According to Kaspersky, at least 8 banks were hacked from the inside between 2017 and 2018
The attacks, nicknamed DarkVishnya, were executed with the use of inexpensive netbooks, Raspberry Pi and Bash Bunny
Attackers didn’t use any of the traditional delivery methods like phishing emails. Instead, a visitor pretending to be a courier or a job seeker connected the device to the bank’s network
The device offers remote access to the attackers via e.g. a 3G/LTE modem
This type of attack is difficult to detect because there is no infection in the banks’ IT equipment
Lessons learned
The increased use of e-transactions in today’s finance leads to more opportunities for cybercriminals
Organized cybercrime gangs are difficult to dismantle, as the developed malware will often be re-used by new cybergangs
Law enforcement operations need international cooperation, as cybergangs are often set up worldwide and rely on remote hacked infrastructure for their activities
Cybercriminals utilize different techniques to evade detection
They evolve their modus operandi in accordance with current IT trends
The Economic History of the U.S. Lecture 23.pdfGale Pooley
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptxFinTech Belgium
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...Call Girls in Nagpur High Profile
 
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
The Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfThe Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfGale Pooley
 
Gurley shaw Theory of Monetary Economics.
Gurley shaw Theory of Monetary Economics.Gurley shaw Theory of Monetary Economics.
Gurley shaw Theory of Monetary Economics.Vinodha Devi
 
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptxFinTech Belgium
 
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...dipikadinghjn ( Why You Choose Us? ) Escorts
 
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home Delivery
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home DeliveryPooja 9892124323 : Call Girl in Juhu Escorts Service Free Home Delivery
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home DeliveryPooja Nehwal
 

Recently uploaded (20)

VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
VIP Independent Call Girls in Andheri 🌹 9920725232 ( Call Me ) Mumbai Escorts...
 
The Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdfThe Economic History of the U.S. Lecture 22.pdf
The Economic History of the U.S. Lecture 22.pdf
 
The Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdfThe Economic History of the U.S. Lecture 21.pdf
The Economic History of the U.S. Lecture 21.pdf
 
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual serviceCALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
CALL ON ➥8923113531 🔝Call Girls Gomti Nagar Lucknow best sexual service
 
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANIKA) Budhwar Peth Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
The Economic History of the U.S. Lecture 26.pdf
The Economic History of the U.S. Lecture 26.pdfThe Economic History of the U.S. Lecture 26.pdf
The Economic History of the U.S. Lecture 26.pdf
 
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated  Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...Top Rated  Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
Top Rated Pune Call Girls Viman Nagar ⟟ 6297143586 ⟟ Call Me For Genuine Sex...
 
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
Independent Call Girl Number in Kurla Mumbai📲 Pooja Nehwal 9892124323 💞 Full ...
 
Veritas Interim Report 1 January–31 March 2024
Veritas Interim Report 1 January–31 March 2024Veritas Interim Report 1 January–31 March 2024
Veritas Interim Report 1 January–31 March 2024
 
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur EscortsHigh Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
High Class Call Girls Nagpur Grishma Call 7001035870 Meet With Nagpur Escorts
 
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
VIP Call Girl in Mira Road 💧 9920725232 ( Call Me ) Get A New Crush Everyday ...
 
The Economic History of the U.S. Lecture 23.pdf
The Economic History of the U.S. Lecture 23.pdfThe Economic History of the U.S. Lecture 23.pdf
The Economic History of the U.S. Lecture 23.pdf
 
03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx03_Emmanuel Ndiaye_Degroof Petercam.pptx
03_Emmanuel Ndiaye_Degroof Petercam.pptx
 
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
VVIP Pune Call Girls Katraj (7001035870) Pune Escorts Nearby with Complete Sa...
 
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Koregaon Park Call Me 7737669865 Budget Friendly No Advance Booking
 
The Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdfThe Economic History of the U.S. Lecture 17.pdf
The Economic History of the U.S. Lecture 17.pdf
 
Gurley shaw Theory of Monetary Economics.
Gurley shaw Theory of Monetary Economics.Gurley shaw Theory of Monetary Economics.
Gurley shaw Theory of Monetary Economics.
 
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
02_Fabio Colombo_Accenture_MeetupDora&Cybersecurity.pptx
 
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
VIP Call Girl Service Andheri West ⚡ 9920725232 What It Takes To Be The Best ...
 
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home Delivery
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home DeliveryPooja 9892124323 : Call Girl in Juhu Escorts Service Free Home Delivery
Pooja 9892124323 : Call Girl in Juhu Escorts Service Free Home Delivery
 

08 notable-security-incidents-in-the-finance-sector

  • 1. H2020 FINSEC – DIGITAL FINANCE ACADEMY FOR SECURITY
      - INNOV-ACTS, Limited
      - H2020 FINSEC Project
      - The FINSEC project is co-funded from the European Union’s Horizon 2020 programme under grant Agreement No 786727
      - Notable Recent Cybersecurity Incidents in the Finance Sector
      - 21/04/2020
  • 2. Bangladesh Bank cyber heist (source: Wikipedia)
      - Among the biggest cyber heists in history
      - Fraudsters intruded into the SWIFT network
      - Initial transfer was US $1 billion to the Federal Reserve Bank of New York, out of which $850 million was blocked
      - Five of the thirty-five fraudulent instructions were successful in transferring $101 million, with $20 million traced to Sri Lanka and $81 million to the Philippines
      - SWIFT Alliance Access software manipulation
      - Happened sometime between February 4–5, when Bangladesh Bank's offices were closed
  • 3. Dridex take down operation and revival
      - Dridex is a banking malware that was most active between late 2015 and early 2016
      - In Oct 2015, the UK’s National Crime Agency (NCA), in cooperation with the Federal Bureau of Investigation (FBI) and Europol, coordinated a take-down activity by ‘sinkholing’ infected computers’ traffic
      - Before this operation, estimated losses were £20m in the UK alone (source: Europol)
      - The cybercriminals were believed to be based in Eastern Europe and to target end users via documents delivered from e-mail addresses that seem legitimate
      - Despite its declined activity, Dridex malware continues to evolve and remains a serious threat to end-users of financial services
  • 4. The Volusion case
      - Volusion is a company that provides e-commerce software and marketing and web design services to SMEs
      - On October 9, 2019, Check Point security researcher Marcel Afrahim discovered that a malicious JavaScript file was injected in the checkout page of e-commerce sites to extract credit card information
      - The attackers used typosquatting and code injection (source: Zdnet)
      - March 19, 2020: “Fraudsters have currently generated $1.6 million USD in revenue from these stolen payment cards, with the breach potentially exposing up to 20 million records.”
      - Experts believe that cybercriminals operating under the moniker “Magecart” are behind this attack
  • 5. Bank of Valletta
      - In February 2019, various news outlets reported the hack of Bank of Valletta (BOV), one of Malta's biggest banks
      - The hack took place on February 13, 2019. Using malware planted on the bank's internal servers, hackers transferred €13 million ($14.7 million) from the bank's internal systems to accounts in the UK, the US, the Czech Republic, and Hong Kong
      - Security analysts believe that the EmpireMonkey cybercrime group is behind this attack
      - A number of accounts were used to receive those funds; one of them was in the UK and was held in Belfast. Around £800,000 was transferred.
      - Attackers used macros to copy wscript.exe to another file
  • 6. ECB bring down reporting dictionary
      - The ECB discovered that the Banks’ Integrated Reporting Dictionary (BIRD) website had been breached (15 August 2019; source: ECB - https://www.ecb.europa.eu/press/pr/date/2019/html/ecb.pr190815~b1662300c5.en.html)
      - The breach was discovered after routine maintenance
      - As a result, it was possible that the contact data (but not the passwords) of 481 subscribers to the BIRD newsletter may have been captured. The affected information consists of the email addresses, names and position titles of the subscribers.
      - An attacker can use this data for further activities (e.g. spear phishing attacks against high-ranking officials and management staff)
  • 7. Binance Security Breach (Source: Company’s own website)
      - Binance is a cryptocurrency exchange headquartered in Malta with a significant presence in Asia
      - The company disclosed the security breach on May 7, 2019
      - The hackers were able to withdraw 7000 BTC, worth nearly $41 million at the time of the incident
      - Binance said hackers used various techniques, such as "phishing, viruses and other attacks", to gain access to user accounts, including "API keys, 2FA codes, and potentially other info."
      - As a result, the cryptocurrency exchange had to suspend operations
      - The company said it will compensate affected customers through its Secure Asset Fund for Users (SAFU)
  • 8. Edenred Payment Solutions malware incident
      - Edenred Payment Solutions is a French company specialized in prepaid corporate services (known for its Ticket Restaurant offering)
      - The company disclosed that it detected malware in its IT infrastructure on 21 November 2019 (source: Edenred)
      - Edenred was able to put its systems back into service on 23 November 2019
      - The company notified the authorities
      - There is no indication of theft of personal data, which would have a significant impact given that the company operates in 46 countries and managed 2.5 billion transactions in 2018
  • 9. Sberbank Data Leak
      - Sberbank is the largest bank in Russia, operating in Russia, Europe and many post-Soviet countries
      - The bank reported a possible data breach on 2 October 2019. The event was reported by popular news outlets as well
      - Personal information of up to 60 million credit card holders was leaked in an incident that is probably the largest data leak in Russian banking
      - The data went on sale on the online black market. Reportedly, snippets of 200 customers were offered to potential “customers” for testing
      - The database was being offered per line for 5 Russian rubles (US$0.076), or in total for 300 million rubles ($4.6 million)
      - The bank believes that the leak can be attributed to an insider
  • 10. €24 MILLION CRYPTOCURRENCY THEFT
      - On 25 June 2019, Europol announced the arrest of 6 individuals for cryptocurrency theft (source: Europol)
      - Arrests were made after a joint operation of the UK’s South West Regional Cyber Crime Unit (SW RCCU) with the Dutch police (Politie), Europol, Eurojust and the UK’s National Crime Agency (NCA)
      - This was the result of a 14-month long investigation
      - The theft, which targeted users’ Bitcoin tokens, is believed to have affected at least 4 000 victims in 12 countries
      - Cybercriminals used typosquatting to spoof a well-known online cryptocurrency exchange to gain access to victims’ Bitcoin wallets
  • 11. GozNym Gang Arrested
      - On May 16, 2019, Europol, the U.S. Department of Justice (DoJ), and six other countries dismantled a group of international cyber criminals associated with the GozNym malware
      - The gang used GozNym malware to steal an estimated $100 million from 41000 victims and their financial institutions
      - GozNym is a hybrid banking malware designed to capture victims’ online banking login credentials. It has been used since 2016 to target Polish, German and U.S. online banking
      - The international operation included searches in Bulgaria, Georgia, Moldova and Ukraine. This led to criminal prosecutions in Georgia, Moldova, Ukraine and the United States.
  • 12. Retefe: a 5 year long banking malware
      - Retefe is a special banking malware that was active between 2014 and 2019
      - It is a special piece of banking malware that primarily targets German, Swiss and Austrian individuals
      - It was initially discovered in 2014 by Trend Micro
      - The malware operators used advanced methods to redirect users to spoofed internet banking sites in order to steal banking credentials
      - Over the course of time, the malware has evolved from using proxies to using the Tor network and stunnel (secure tunneling) to redirect users to spoofed sites to achieve its illicit purposes
  • 13. Metro bank (UK) hit by cyber attack
      - On January 31, 2019, news outlets reported a cyber attack against Metro bank PLC in the UK
      - Sophisticated hackers exploited a flaw in SS7, a signaling protocol for telecom operators. They were able to intercept SMS texts that were used in 2-factor authentication (2FA) in e-banking
      - This exploitation gave them the ability to perform banking transactions protected by 2FA
      - The bank officials said that a small number of customers were affected
      - As a result, the bank’s risky assets rose by $900 million
  • 14. The Evercore security breach
      - Various news outlets reported the security breach at Evercore (source: The Times)
      - Evercore investment bank, headquartered in New York with a global presence, was reportedly hacked in November 2018
      - The hack was the outcome of a successful phishing attack on one of the bank’s junior administrators in London
      - The hackers got access to the administrator’s inbox and reportedly extracted 160.000 data objects like sensitive documents, invitations and emails
      - Sources close to Evercore said there is no evidence of data misuse out of this hack
  • 15. Cobalt group activity
      - Cobalt is a cybergang targeting financial institutions (e-payment systems, ATMs, SWIFT) since at least 2013
      - The group mainly targets banks in Eastern Europe, Central Asia, and Southeast Asia
      - Cobalt is likely associated with the Carbanak remote backdoor
      - Banks in more than 40 countries have been allegedly attacked by the Cobalt group and the overall losses are estimated to be above EUR 1 billion (Source: Europol)
      - The leader of the cybergang was arrested in March 2018 following an international operation between Europol, US FBI, the Romanian, Moldovan, Belarussian, Taiwanese and Spanish authorities
  • 16. DarkVishnya: Eight banks hacked in Eastern Europe
      - According to Kaspersky, at least 8 banks were hacked from the inside between 2017 and 2018
      - The attacks, nicknamed DarkVishnya, were executed with the use of inexpensive netbooks, Raspberry Pi and Bash Bunny
      - Attackers didn’t use any of the traditional delivery methods like phishing emails. Instead, a visitor pretending to be a courier or a job seeker connected the device to the banks’ network
      - The device offers remote access to the attackers via e.g. a 3G/LTE modem
      - This type of attack is difficult to detect because there is no infection in the banks’ IT equipment
  • 17. Lessons learned
      - The increased use of e-transactions in today’s finance leads to more opportunities for cybercriminals
      - Organized cybercrime gangs are difficult to dismantle, as often the developed malware will be re-used by new cybergangs
      - Law enforcement operations need international cooperation, as often cybergangs are set up worldwide and rely on remote hacked infrastructure for their activities
      - Cybercriminals utilize different techniques to evade detection
      - They evolve their modus operandi in accordance with current IT trends