Cybercrime is incredibly profitable, which is why hackers continue to refine their techniques. Although many are content to extort consumers and end users with low-level malware and ransomware, others aim much higher, looking for the opportunity to score several million dollars from a single attack.

Here are some of the top attacks of recent years – and how you can avoid falling victim to similar attacks.

The world’s biggest bank raid (to date)

Between 2014 and 2016, Russian hackers managed to compromise more than 100 banks worldwide, stealing over £650 million ($861 million USD). The attack began by tricking bank employees into accessing and installing malware which spread itself across the company network.

The malware collected sensitive information like usernames and passwords, which the cyber criminals were then able to use to access banking systems. The gang transferred millions of pounds into other accounts they owned, and even dispensed cash remotely from ATMs without bank cards.

Avoiding a repeat: In this instance there was a catalogue of problems at each of the affected banks. First, employees were tricked into installing malware, suggesting a lack of training and awareness of the social engineering techniques used by hackers. Second, internal anti-malware defences were clearly not up to the task, allowing tools to remain in place undetected for months.

To avoid a similar breach, your business needs to:

  • Train employees to identify suspicious emails, websites and applications, and to respond appropriately.
  • Implement anti-malware at every endpoint to prevent hacking tools being installed.
  • Implement a defense in depth strategy, so that your valuable systems and data do not depend on a single security system but are protected by a layered approach.
  • Implement a sound vulnerability and patch management program that routinely tests the security of your systems.

The petrol station card skimmer

Credit card skimming remains popular with criminals simply because it works. Back in 2007 an international criminal gang installed card skimming devices in 200 UK petrol stations, along with hidden cameras to capture customer PINs as they were entered.

These details were then used to create cloned credit cards which were sold on to other criminals. The ensuing criminal investigation found that the money raised was being used to fund the Liberation Tigers of Tamil Eelam, a Sri Lankan separatist group.

Because of the prevalence of card skimming fraud, the PCI DSS security standard, which governs card payment systems, has evolved significantly to help prevent physical attacks against ATMs and POS terminals.

Avoiding a repeat: A basic check of the compromised card reader terminal would have revealed something was wrong. However, staff working in the petrol station had not received any training about identifying and reporting suspicious modifications, and so the skimmer remained in place.

Point of sale devices

Ten years later, these same basic card skimming principles still work. To avoid a similar breach, your business needs to:

  • Train PoS (Point of Sale) employees to spot the signs of terminal tampering and how to respond when a potential problem is identified.
  • Implement a physical inspection routine of terminals at the start of every shift to identify tampering as quickly as possible. 

ZeroRisk PINpoint from Advantio can help with both.

Unavoidable responsibilities

These are just two cases of fraud – the same kind of attacks are taking place every day. Under PCI DSS every business handling payment card information is required to prevent data exfiltration and terminal tampering – so you must act now. 

Learn more about how ZeroRisk PINpoint from Advantio helps your organisation to better protect payment card-reading devices.

 

Written by Marco Borza

I am the Founder of Advantio.
Technology has been my passion since I was a kid; when I first heard the handshake of an old 300bps modem I realised security would be key in an interconnected world. Since then it has become my passion and primary focus.
The reason why I've started my own business is to make IT Security simple.

Certifications: CISSP / CCSA (Checkpoint) / ITIL Foundations / ACSA (ArcSight)/ Linux+/ PCI-QSA / PA-QSA