The sophisticated attack has been running for over two years, and poses a continued threat for the financial services industry, and is said to usher in a “new and disturbing trend” in cyber crime and risk.
Kaspersky Lab, a global cyber security firm, detected the hack and produced a detailed report on the cyber activity of the hackers.
In a report produced by the company, they noted that while cyber attacks on banks are nothing new, they are “almost always” directed at customers, such as credit card fraud, never the institutions themselves.
“This time attackers are targeting financial entities directly in an unprecedented, determined, highly professional and coordinated attack, and using any means from the target to cash as much money out as possible, up to an apparently auto-imposed limit.”
Between one and nine IP addresses were attacked by the hackers in Australia, according to the detailed the report.
Emma Osgood, senior underwriter of financial lines with AIG Australia said the latest attacks serve as another reminder that cyber risk is real and it is here to stay.
“I think this serves to reinforce the fact that cyber risk is not going away any time soon and businesses need to turn their minds towards managing this exposure.
“As Insurers, this creates opportunities but we need to ensure our offering is kept relevant in light of the ever evolving threat landscape."
Losses per attacked bank “range from $2.5 million to approximately $10 million.,” according to the Kaspersky Lab report which noted that “total financial losses could be as a high as $1 billion, making this by far the most successful criminal cyber campaign we have ever seen.”
The group would access bank networks with their software and wait for four months at a time until they could learn the bank transfer system and then transfer money to their own accounts without arousing suspicion.
The state-of-the-art attacks also incorporated a method of hacking into an ATM so it dispenses money at a certain time voluntarily, allowing the hackers to simply stand at the ATM and wait.
The report stresses that this threat has not yet been dealt with and the attackers, thought to be based in China, Russia and across Europe, are looking for more victims.
“Telemetry indicates that the attackers are expanding operations to other regions, such as Asia, the Middle-East, Africa and Europe.”
Article Extracted from IBO 2015.02.19