Over 100 banks hit by sophisticated cyberattack: report

February 14, 2015
A sophisticated global cyberattack struck more than 100 banks in 30 countries, stealing hundreds of millions of dollars, The New York Times reported Saturday.

Citing a soon-to-be-released report from computer security company Kaspersky Lab, the newspaper said the attack involved malware that gave long-term access to banking systems.

A group of Russians, Chinese and Europeans was able to siphon off around $300 million in one of the world's largest bank robberies, the report said.

The money was transferred to bank accounts around the world in small-value amounts to avoid detection.

Hackers largely focused on banks in Russia, but millions of dollars were also taken from banks in Japan, the Netherlands, Switzerland and the United States, the Times said.

Hackers had such advanced access to the banks' systems that they could force ATM machines to dispense cash at specific times and locations where hackers could pick it up.

24 comments

Returners
1 / 5 (1) Feb 14, 2015
Wow. ATM machines can be hacked via remote access.

Must require case management level password access huh?

Check for inside jobs, and anyone possibly receiving a payoff.

That's where I'd start anyway.
dbsi
5 / 5 (2) Feb 14, 2015
Inside job in 100 banks in 30 countries? Bugs and their exploits are more likely to achieve such a distribution.
kochevnik
1 / 5 (4) Feb 14, 2015
Nothing to see here move along....

Piss off programmers who wrote your micro$soft operating systems by sponsoring NAZIS at their border then see what happens. Simply brilliant
Returners
1 / 5 (1) Feb 14, 2015
Inside job in 100 banks in 30 countries? Bugs and their exploits are more likely to achieve such a distribution.


Too much information available on public networks. Once the hackers got in somewhere they must have found the access codes or software to partner banks and organizations, and planned an attack on all of them at once. Something like that might be accomplished with a single defector, doesn't require an inside person in every bank, just one inside person in one bank at the right place and time.

kochevnik
1 / 5 (2) Feb 14, 2015
Crackers, not hackers
_oc_oofenshmirtz
3 / 5 (2) Feb 14, 2015
Those aren't hackers, they're cybercriminals.
Osiris1
3 / 5 (2) Feb 15, 2015
Your money that you gave to the banks now going to buy bullets for ISIS to hurt our troops....perhaps even your son or daughter. Still wanna give your money to banks. Banks pay NO interest, but WILL charge you PLENTY to operate a checking account. They lose enough all by themselves by taking flyers on the casino known as the 'derivatives market'. That is akin to betting where the next pigeon will land on a sidewalk.
alfie_null
5 / 5 (2) Feb 15, 2015
Inside job in 100 banks in 30 countries? Bugs and their exploits are more likely to achieve such a distribution.

Too much information available on public networks.

Advocating security through obscurity is not a good way to impress us with your acuity on IT security. I'd tend to agree with dbsi. ATMs, which have been around for years, are a harbinger of the Internet of Things to come. Where we have a multitude of embedded devices running insecure software that can't be patched. All too many ATMs run horribly obsolescent operating systems like Windows XP. Operating systems that have known vulnerabilities and which cannot be patched.

It's nothing like "a single defector". Cyber-criminals are organizations of a considerable number. Some specializing in finding exploits, some specializing on finding exploitable devices, some specializing in phishing and social engineering, etc.
big_hairy_jimbo
not rated yet Feb 15, 2015
That's it Alfie_null. Good old XP!!!!!!!! A USB wireless dongle here and there, and bingo!!!!!
Returners
1 / 5 (1) Feb 15, 2015
It's nothing like "a single defector". Cyber-criminals are organizations of a considerable number. Some specializing in finding exploits, some specializing on finding exploitable devices, some specializing in phishing and social engineering, etc.


I didn't say it was one person. I don't think one person could hit this many systems in so many companies at once.

All I said is I think they have a defector. It makes sense.

They probably planned and simulated this for a year or two.

What do you think normal viruses and botnets are for? Just to steal information about John Doe's $100 savings fund from his unprotected PC? No. They are dry runs and prototypes for bigger attacks. Even if they are a prank, a prankster is never satisfied and does something bigger, so whether it's a mastermind or a prankster, they've been practicing this for a long time on every scale of attack.

This is straight out of "Entrapment" except more realistic.
Returners
1 / 5 (1) Feb 15, 2015
They stole much of this as cash. So I don't know how much cash an ATM has loaded on-hand, but that implies as many as 100 or more accomplices. Even if they divided the money 100 ways they'd each make three million dollars, but you wouldn't need that many. With that advanced access to the machines, each person could hit 20 or 30 machines in a day (don't know how many were hit) and have the botnet or virus/etc program them to dispense their entire fund. I don't know how that could go undetected long enough for each person to take you know hours between the first and last machine, unless they had literally complete control of the network. There should have been some sign they were under attack, like that mysteriously empty ATM that was just counted a few minutes ago....

I guess we'll find out after the investigations are complete, but there must be hundreds of dummy accounts involved in the transactions, possibly tens of fakes per chain of transactions.
Returners
1 / 5 (1) Feb 15, 2015
An ATM isn't even supposed to be able to dispense more than $300 on a single transaction in most cases. So they somehow tricked the ATMs into performing scores of transactions within seconds, even though there's no reasonable way that many physical transactions could have happened that fast. There should be some sort of "read-only" external timer that limits how soon the next transaction can happen, so that even if the ATM were hacked it wouldn't allow the transaction to happen.

Put a read-only timer on the little rotating hatch and have the hatch on a separate network from the main network. The counter machine should be timed so that it has a physical barrier preventing it from performing more than one transaction per so many minutes, and the hatch cannot be opened unless an external button is physically pressed. This would prevent the "walk up and take everything" type attack, because it would take an hour to drain an entire machine that way.
bluehigh
1 / 5 (1) Feb 15, 2015
An ATM isn't even supposed to be able to dispense more than $300 on a single transaction in most cases.


Where did you get that idea from? A U.S. based limit?

I can get as much as the machine has available. In Sydney AU, I have on occasion withdrawn $2000 with no problem. Often over $500.

Returners
1 / 5 (1) Feb 15, 2015
Where did you get that idea from? A U.S. based limit?

I can get as much as the machine has available. In Sydney AU, I have on occasion withdrawn $2000 with no problem. Often over $500.


Hmmm. I probably need to ask the desk, but my bank only allows $300, and the bank I had before that was only $300.

Maybe I just have a crappy account because I usually don't have a lot of money lying around.

I used to make large deposits for a financial company one time, so I know they take large deposits at the drop box, but I never got to make large withdrawals from the atm. Maybe I have a crappy bank then. They are pretty big bank though, but I'll leave their name alone for now.
bluehigh
1 / 5 (1) Feb 15, 2015
Anyway, it's a middleman attack. Some pissed off tech in a data centre. So what's a few hundred million dollars. Annoying maybe but just petty cash.
bluehigh
1 / 5 (1) Feb 15, 2015
Just don't ask why I withdraw $500 cash or more late at night occasionally ;-)
oldfriends608
not rated yet Feb 15, 2015
Isn't it time we went back down the ladder, look at where we've gone wrong, repair/alter, climb up again slowly?
Big q. is do we really need money? How many problems does it solve and cause, murders and fights, because of it, greed, it gives greed power and control to only a few. NOBODY can take it with them, you leave it behind for others to abuse and create more problems.
A time will come when Man will dispense with money.
We spend trillions or rather waste trillions on things we know little about, creating chemical, weaponry, to destroy ourselves and research space when we haven't got the technology, or the equipment to follow anything up in space, it's taking us 12yrs + to get to Pluto, the next nearest star is 4.7 light years away, come on wake up, let's get our planet sorted out first. So people can live without poverty.
Big banks are helping the mega rich to evade taxes which could help solve the world's problems.
We all forget the universal law of Karma, and our spiritual self.
Returners
1 / 5 (1) Feb 15, 2015
oldfriends608:

No currency systems produce other problems. Barter is even more relative and abusable than Currency in many cases.

I'd prefer some sort of multi-standard system, where a certain percentage of the "dollar" would be defined by a measure of different types of resources.
"Energy" ~50% itemized and averaged
"metals" and lumber maybe 25% itemized and averaged
"Foodstuffs" 25% itemized and averaged.

Have a law where the government can't re-assign more than 1% from each group, nor add more than one group, every year.

This would prevent:
-Spectator abuse.
-"Scalping"
-Anomalous market crashes (caused when relative values of things, such as energy or housing, collapse with respect to one another).

I disagree with the way materials are valued.
Some argue that ancient coins were valuable due to the rarity of the material. I disagree. Money should be valued by its functionality of the face value material, not sentimental value.
Returners
1 / 5 (1) Feb 15, 2015
In the future, as wind and solar energy become a larger market share, you will not transport "fuel". You will only transport ELECTRONS/Charge (possibly photons) as energy to the destination via electric cable or maybe microwave laser for some wireless energy transfer. You won't buy a gallon of gasoline, you will just buy "charge".

The price of certain things (a base Electricity price) will be defined as a constant with respect to the Dollar, instead of something to be manipulated by the "Market".

The "Market" is a problem, even though it promises "freedom" on the surface, it concentrates all wealth and power in the hands of a few, creating de facto bondage.

What do the wealthy do in America? They use government roads, government grants etc to start businesses, then when they strike it even richer, instead of paying taxes to re-pay the people who funded the government, they EXPATRIATE to another country.

Well, I'll be going for dual citizenship I think.
Returners
1 / 5 (1) Feb 15, 2015
The point isn't about nationality or patriotism, it's that they evade their economic responsibility to the group, because the group funded their success, and they go to another country, where they pay a lower tax rate. Well of course the other country can undercut our taxes when they constantly get to take the rewards of our nation's investments.

They think because they once got a 100k grant from the government to start a business, and it boomed virally like some internet companies, that it somehow entitles them to control 10 billion and 100 billion dollar sectors of the economy and pay no taxes.

Rigg:

That is tyranny, and betrayal of the public trust, and that is unregulated capitalism.
Returners
1 / 5 (1) Feb 15, 2015
The way to handle that is simple:

If a company expatriates, they forfeit their U.S. patents to the government.

The constitution protects citizens from "unreasonable searches and seizures".

There is no bill of rights for corporations who move their official nationality and official headquarters to another nation, least of all when there is only ONE employee working at the official headquarters, and it's a minimum wage greeter paid to string media or investigators along.
shoebox22
1 / 5 (1) Feb 15, 2015
Makes me wonder if this has been done before and this is the first time they were caught, it is possible that it happened before and the banks didn't know and covered it up somehow, now there are footprints left from the bank attack, most likely an inside job.
Buzz1961
1 / 5 (1) Feb 15, 2015
@Returners - My thought is that banks (in the US at least) limit ATM withdrawals primarily for security and loss prevention reasons. While I would like to think that in an altruistic world it is to prevent customers from having their account ransacked in the event of the theft of their debit card or strong armed robbery via ATM, it is more likely done in order to deal with issues just like this article addresses - a typical ATM machine can hold as much as 10,000 bills. Assuming all $20 denominations, that is $200,000 in one machine alone, which represents a very large amount of money "at risk". Put less money in a machine to reduce the risk and then limit the amount per single transaction in order to maximize the number of people who can use the machine between deposit intervals and you've greatly reduced your overall risk.
dbsi
not rated yet Feb 16, 2015
".....The gang, which Kaspersky dubbed Carbanak, used computer viruses to infect company networks with malware including video surveillance, enabling it to see and record everything that happened on staff's screens......" (→bbc.com)

...so very unlikely an insider job ;-)
but again, bugs & vulnerabilities and their exploits, plus maybe more incompetence than you would expect.
