Here’s a news story offering a reminder of the huge financial damage lax IT security can cause.
The South African Postbank recently had $5.2 million easily stolen by cybercriminals over a 72-hour period.
No masks, handguns or stick-ups were required for this heist. The robbers merely opened accounts at the bank, then hacked into an employee’s computer and used stolen credentials to transfer millions to the new accounts, MSNBC reports.
After the transfers were made, they just went to ATMs across the country — over the three-day holiday weekend when they had a lower chance of being noticed — and withdrew the cash.
Criticism is being directed at the bank’s poor IT and its lack of security protections. While it’s not yet clear exactly how the criminals stole the credentials to infiltrate the bank’s network, some observers have suggested the problem may have started with giving low-level employees greater access privileges than were needed.