We note a rash of rapidly escalating cyber attacks against banks and European financial institutions. Some of the following events are under way and verifiable, and others are alleged and not verifiable. We present these to demonstrate what appears to be an increasing trend of financial insecurity in the face of well-organized attacks intended to steal money from both individual and business accounts. Our readers will be well advised to closely monitor their accounts for spurious transactions and to guard their assets closely. Assertions of "secure" institutional computer systems are obviously not true and the institutions know it. Not a day passes without more tales of successful cyber penetration or near misses where millions of dollars and hundreds of thousands of identities were compromised. This problem is not going away, and the larger the institutional database and the more geographic distances involved, the greater the certainty of successful attack.
We have also included a few non-financial citations to round out the subject.
Cyber soldiers often work under the direction and with direct support from national governments, and thus have access to funding, facilities, the most modern equipment, and legal shelter within the borders of their masters. Nations may attack individuals, corporations, or other national interests. Consider how the use of drones has rendered borders irrelevant in many cases. Financially targeted cyber attacks are likewise able to cross borders. No one is safe unless their computer system is physically disconnected from the world wide web.
We also remind our readers that there is no substitute for backing up vital data. Neglect of this mostly simple, repetitive act is the source of much pain and is completely unnecessary. Do the easy things now and the hard things may never become a problem at all.
Now the US federal government has disseminated warnings about widespread virus infection that could cause computers to be unable to access the internet. Remember that in siege warfare the besieger often has the advantage over the besieged. We cannot see how the cyber war is any different. It will go on without pause.
As a special service to our readers we have located an official site where you can find more information about the current DNS cyber threat.
From Zero Hedge: McAfee and Guardian Analytics have uncovered a highly sophisticated, global financial services fraud campaign that has reached the American banking system. As this research study goes to press, we are working actively with international law enforcement organizations to shut down these attacks.
Unlike standard SpyEye and Zeus attacks that typically feature live (manual) interventions, we have discovered at least a dozen groups now using server-side components and heavy automation. The fraudsters’ objective in these attacks is to siphon large amounts from high balance accounts, hence the name chosen for this research: Operation High Roller.
From ZD Net: Michael Sentonas, Asia-Pacific vice president and CTO of McAfee, later told ZDNet Asia that a number of popular banks and credit unions across Asia-Pacific were also targeted as part of this operation. Australia, for instance, was a target because the security vendor found victim logs linking to one popular bank and other credit unions in the country, which indicate there were attempts at making fraudulent transactions.
From H Security: McAfee said that the criminals used heavily modified versions of the ubiquitous ZeuS and SpyEye online banking trojans for their fraudulent campaigns. The security specialists added that they identified a total of 426 previously unknown spyware variants that used rootkits to avoid being detected by virus scanners. Reportedly, the criminals used online search and other methods to establish which financial institution was used by their targeted victims, and then sent victims a link to a specially crafted web page that infected their system.
From Info Security Magazine: To avoid becoming a victim of these attacks, Marcus advised individuals to educate themselves about phishing and spearphishing attacks, particularly how to recognize fraudulent emails. In addition, individuals should make sure that their devices and networks are properly protected. Banks should look at implementing backend anomaly and fraud detection technologies, he added.
From Reuters: "There have been lots of breaches in every industry that have never been publicized," said Shawn Henry, the FBI's former top cyber cop, who joined a new cyber security company, CrowdStrike, in April. Henry said the FBI was working on 2,000 active cyber cases when he retired from the agency in March. "There's only a handful of cases that anybody has ever heard about," he said. U.S. government officials and cybersecurity consultants have been raising alarms about the growing sophistication of attacks on private and government computer networks.
From Heritage Foundation: The government’s track record on cybersecurity does not inspire confidence that it can devise effective cybersecurity regulations for the private sector. Cybersecurity for the nation should be a cooperative effort between the private sector and the government, with each contributing in its own way. Onerous regulations are not the solution to the ever-expanding reality of cyberthreats.
Nations experience cyber attacks regularly
From Tehran Times: Moslehi stated, “We were informed that a massive cyber attack would be carried out on Iran’s nuclear facilities, and therefore, we made every effort to detect it.”
From NZ News: "We have never seen a strong attack like this before," the paper quoted Jong Seok-Hwa, chief investigator of the national police force's Cyber Terror Response Center, as saying. "We will find out the origin of the hacking and take necessary measures." Unidentified officers were quoted as saying they are investigating possible North Korean involvement. Police and the newspaper could not immediately be reached for comment. The Korea JoongAng Daily said the hacker connected to the website by typing in a domain address used only by employees.
It said the two papers are using a temporary server, and plan to normalise production as soon as possible by backing up lost data and installing a new operating system.
From The A Register: The Australian government has refused to confirm or deny the breach, nor did it confirm to News whether or not ASIO would launch an immediate investigation into the incident. The News report says the attack has compromised the email accounts of ten federal ministers, including the PM, providing access to “thousands” of emails. ... Morgan Stanley was hit by a “very sensitive” breach to its network by the same attackers who penetrated computer systems maintained by Google and dozens of other companies, according to leaked emails reviewed by Bloomberg News...
From Net-Security: Internal sources say that some of the files were redirected to Chinese sites, but concede that this fact doesn't say much. Chinese hackers and the Chinese government have lately been tied to a number of cyber attacks targeting government systems around the world but, as always, there is no incontestable proof of their guilt. The growth of the economic power that the Republic of China wields is seen as a threat by all the major Western economies and is behind the speculations about the attacks.
From Money News: Eleven people were arrested in the United States, the Federal Bureau of Investigation and the Manhattan U.S. Attorney's office said. The thirteen others were arrested in countries from Britain to Japan, the authorities said. Officials in Australia also conducted searches. "Clever computer criminals operating behind the supposed veil of the Internet are still subject to the long arm of the law," Manhattan U.S. Attorney Preet Bharara said. During the operation, the FBI said, it not only monitored the hackers' activities but also contacted "multiple" people and institutions hit by the hackers and showed them how to repair their security breaches and protect themselves in the future.