Banks fear the proliferation of cyber-attacks against cash machines. Ten days after a digital "hold-up" in India, the case of the ATM hacked. At the beginning of the summer, the FBI sent a confidential note to US banks. The police warning them of the risk of computer attacks targeting cash machines. Referred to as "ATM Cashout" or ATM hacked, the operation finally hit India on August 11th. In less than two hours that day, more than 805 million rupees (about 10 million euros) were withdrawn from more than 2,100 ATMs in 28 different countries.
It turns out that the 15,000 withdrawals made this Saturday were the work of accomplices of a network of hackers. They managed to penetrate the computer networks of the targeted bank. The scenario here is exactly the main fear of the US federal agency. The attackers, not yet identified, managed to "corrupt" the systems governing the IT networks. But they also managed to connect to the Swift interbank network. Hence fraudulently transfer an additional 139 million rupees (1.73 million euros) to a bank in Hong Kong on 13 August. Cosmos Bank, headquartered in Pune in the heart of India, is the second-oldest banking group in the country. Founded in 1906, it now has some two million customers. His internet services were immediately disconnected while cybersecurity experts determined whether the attack was circumscribed.
ATM hacked, a threat "more devastating than the previous ones"The Indian police mobilized a team of ten investigators on this file. The images recovered from the looted distributors are being scrutinized. Indeed they are searching to identify possible accomplices in this ATM hacked case. A "cyber" unit is trying, for its part, to understand more precisely the modus operandi of attackers. More precisely the type of malware used and how to track down suspicious financial flows. The consulting firm PricewaterhouseCoopers was also tasked with an audit to ensure that the fraud was not larger. Banks are regularly the target of sophisticated hackers. Another Indian institution, the City Union Bank, was the subject of a virtual hold-up, worth nearly $ 2 million, last February. IT managers in many financial groups think that unfortunately, the phenomenon will gain momentum in the months to come.
ATM hacked and techniques"The threat of attack spotted by the FBI is indeed different and more devastating than the previous ones. Criminals infiltrate into the bank's IT infrastructure to steal and clone bank cards, remove fraud controls and limits withdrawal. Then they coordinate large-scale ATM withdrawals to steal large sums of money" confirmed Jean-Christophe Vitu, CyberArk's vice president for Europe, Africa, and the Middle East. These techniques are well known, even if they have been perfected. "In 2008, an attack targeted the Royal Bank of Scotland (RBS) and allowed to steal $ 9 million in less than 12 hours, via more than 2,100 ATM hacked. Since then, hackers targeting financial institutions have followed one another, including the cyberbanking of the Central Bank of Bangladesh in 2016 and more than $ 81 billion stolen. Common points of these targets: poor security of the IT infrastructure, especially access privileges. In the majority of the cases, hackers break into the networks by masquerading as business executives. Then after by having contaminated their mailboxes, it allows them to access the heart of the system.