Multiple banks slammed by hackers: Key lessons learned

When Kaspersky unveiled a major cyberattack that hit several banks for almost a billion dollars, there were several parts of the announcement that intrigued cybersecurity experts and businesses in general. 

Here are four interesting developments that could signal a shift in how cybercrime goes forward in coming attacks.

1. The hackers were patient

We know that some attackers will go to great lengths to conceal their activity once they infiltrate a network, but by Kaspersky’s account, these hackers went to extraordinary measures to do so.

The attackers lurked for months, taking screenshots, keystroke captures and even video to learn how day-to-day business would usually work. They then waited until they could identify an administrator in action.

Using that information, they were able to establish patterns and make their moves undetected.

With that kind of patience, they were able to land as much as $10 million in cash from several banks the world over.

2. Information wasn’t the target

For years now IT has emphasized that any information hackers can get their hands on is valuable. It can be used to steal identities, be leveraged into stealing money, etc.

But these hackers didn’t seem to be after information at all. Money was the only goal, not just the end goal.

As a result, no customers were caught in the middle of the attack. The attackers went after banks directly through fund transfers and ATM thefts.

3. It all starts with phishing

Like many attacks, this one allegedly started with simple phishing techniques against front-line employees (in this case, tellers). They used these employees to deliver malware onto the banks’ systems.

If the figures are to be believed – and more on that in a second – it represents almost a billion dollars in losses due to some old-fashioned social engineering tactics.

4. We’ll never know everything about the attack

When it comes to disclosing losses from a cyberattack, most companies aren’t willing to share all the details. (The “very advanced cyberattack” line seems to be almost standard at this point.)

And the security companies who analyze these attacks are fond of overstating or using loaded language (there are a lot of totals included in the statements “up to 100 banks” or “up to $1 billion in losses”).

The truth is, we may never know what happened. But we can be sure it was a huge attack with devastating effects for most companies that were hit.

Don’t get caught up in dollar figures. An attack of any size can be crippling depending on who is hit and when.
