Rise of Cyber-Attacks on Banks

39% rise in data security breaches at banks, as they tend to be the primary target for data breaching and stealing money. Earlier, the hackers used to burgle through credit cards and individual bank account details, but now they are directly stealing money from the banks by thrusting into the bank’s network using phishing emails, denial-of-service and other techniques. Recently, over 35 USA banks have been breached and have lost hundreds of millions of dollars.

 

US Regulators have been Warning about the Rise of cyber-attacks on Banks

Over the years, the cyber-attacks have gradually advanced over financial organizations.  In 2014, the FFIEC, US regulators and financial supervisors warned banks about the rise of cyber-attacks. Recently, they notified New York banks to tighten their security to avoid Armageddon of cyber-attacks on banks, which could crash the USA financial market due to the increase of vulnerabilities in cyberspace and said that defending the most crucial data is the best way to deal with threats. As technology giants are investing into IoT, shaping information that is connected online, making criminals turn to flexibly attacks on systems and crack into the weaker systems.

Lawsky’s warning of a cyber-attack on Wall Street follows a report last week warning of a band of international cyber crooks who have taken to infiltrating the banks’ internal systems instead of going after their customers.

 

39% Rise in Data Security Breaches were in Financial Organization

After analyzing Identity Theft Resource Centre theft data, which is confirmed by various media sources and state government agencies, I’ve researched and generated reports comparing 2014 with 2015 in terms of breaches reported, types of attacks, the most impacted industries, and the most targeted states in the USA.

yoy breaches comparision of Jan - oct 2014 to Jan - Oct 2015

In a YoY comparison of Jan – Oct 2014 and same time period in 2015 ITRC cyber-attacks data, online breaches on financial organizations have increased by 39%.

 

Jan to Oct 2015 Cyber Attacks Report

Electronic Data Breaches through OCT 2015

There have been a total 548 online breaches reported. The number of breaches accounting for the banking sector was 57 until Oct 20th, 2015, accounting for 10% of the total number of successful attacks and 5,052,428 records were exposed. The highest number of records compromised was at Scottrade, a brokerage and banking services firm which had 4,600,000 records compromised.

 

2014 Cyber Attacks

2014 Electronic Data Security breaches in different industries

Reportedly, In 2014, the total number of attacks on governments, businesses, banks and health care industries was 674.  In spite of tighter security in the banking sector, 6% of the successful security breaches were at banks, credit unions and other financial firms. The highest number of records exposed was at JPMorgan chase estimated at about 1,000,000.

 

Top Most Cyber Attacks Executed States in USA

2015 USA States breaches

 

From the above graph, Jan to the 20th of Oct, 2015, The most electronic data breaches carried out were on New York banks. According to ITRC, There were 15 breaches that executed at NY banks alone out of a total of 57, accounting for 26% of total breaches. California banks followed next, where 11% of effective electronic breaches took place.

 

2014 - top most cyber attacks executed states

In 2014, New York’s banks have comparatively the highest number of electronic attacks.  There were 9 breaches carried out which is 21% of the total of 43 successful attacks.

California ranks second on the list. There were 6 internet attacks on financial firms. Right behind the two states is Georgia, where 4 electronic attacks were successfully planned, according to ITRC.

 

Major and Latest Cyber-Attacks which Breached the Data Security of Popular Banks

  • TD Bank Data Breach
    On March 21 2013, TD Bank was a victim of an online data security breach that failed its online and mobile banking systems, but the bank confirmed there was no loss of customers’ information.

Impact on TD’s Network
Because of the prolonged online system failure of the bank, customers complained about it on social sites.

Social Media Interaction about TD Bank's breach

 

  •  ST Mary’s bank
    Cyber gangs successfully breached St. Mary’s bank accounts and stole overall 25k, but the bank refunded compromised accounts right away. It seems the card accounts detail was stolen from a large national retailer and then sold online.

Initially, the bank noticed unusual small amount transactions which were test run transactions by hackers on different debit cards and later on after investigating further, it was found that a higher amount (100 USD) transactions were successfully attempted making the bankers promptly disable around 5,000 cards and dispatch new cards to avoid future fraudulent loss.

 

  •  JP Morgan Chase

An attempted cyber-attack successfully breached the data security of JP Morgan Chase bank compromising 76 million family accounts and 7 million SB accounts. As it is one of the largest banks in the nation possessing sensitive financial data of many businesses and individuals, the data thieves were able to steal JP Morgan Chase account holders’ names, addresses, phone numbers, emails and other details, but the bank didn’t find any kind of fraud in their customers’ details.

Also, the hackers breached the bank’s corporate challenge website, which runs a series of races for charity, to get participants’ contact information and other details. Initially, the bank authorities did not notice the hack into their network until they found an external encroachment which was noticed after a week.

How a Robust and Secured Network like JP Morgan Bank’s was Cracked

The hackers gathered a list of applications that are running on JP’s computer network and by intense evaluation they determined vulnerable points on them that have helped them break into the bank’s network.

 

  • Bank of America

In 2013, a bizarre cyber-attack on Chelan County Hospital No. 1’s payroll system, the hackers successfully added fake names and authorized three fraudulent payments worth roughly $1.03 million to bogus people through the Bank of America.

On September 18, 2012, Bank of America’s website was hit by a cyber-attack, which slowed down the website and many users were not able to access it. Cyber-gangs have targeted the domain name service infrastructure, maybe to divert genuine requests to distrustful websites.

 

  • 360,000 Customers Data and Millions of Dollars Stolen from Citi Bank Security System

In May 2011, Citigroup was hit by a major cyber-attack that successfully cracked the network and stole 360,000 customers’ data and about $2.7 million was stolen from approximately 3400 accounts.

How the Citibank’s Security System was Compromised

The cyber-thieves logged into the credit card section of the Citibank website through credit card login details and leaped between the different accounts by using other account numbers. The hacker’s system automated this procedure allowing them to capture confidential information.

In the spree of cyber-attacks, they attacked Citigroup, E*TRADE Financial Corp., Regions Financial Corp, HSBC Holdings and ADP but couldn’t breach their digital security system.

 

  • ST. Louis Bank  

On April 24, 2015, the Federal bank of St. Louis was the target of a cyber-attack. Data thieves tried to crack its website security using malware and diverted it to one of their fraudulent websites to capture visitors detail. But the bank confirmed that the official website was not compromised but instead, it was redirected to an imitated webpage ‘research.stlouisfed.org’. The cyber-criminal used malware to capture the visitors details to breach accounts, but the  [F2]

 

Common Banks’ Network Vulnerabilities are a doorway for a successful breach.

  • Traditional firewalls – As many banks opt for the latest technology trends to stay competitive and offer the best customer service, banks with traditional firewalls are highly unsafe and vulnerable to advanced hacking techniques. Advanced Denial of Service attacks can easily go through traditional firewalls It’s one of the preferred techniques used by cyber-crooks to slow down the server or website. In the latest Internet attacks, investigations by security firms found that many financial institutions have been targeted by DDOS attacks.  RiskIQ found in a survey that 60% of banks’ assets are on the other side of the firewall and such traditional security can be vulnerable to attacks.
  • Unfiltered inputs – In DDOS attacks, hackers can use strings like %s and %x format tokens to access the memory from an unauthenticated address, SQL and other language scripts that assume queries with tokens such as valid int*.
  • Web security vulnerability – The hackers inject perfectly crafted malicious SQL queries through web applications with an intention to illegitimately access critical bank data. Such malicious data queries trick the application to execute and generate unusual queries letting hackers access the database. Web App doesn’t evaluate a direct web request to authorize an authenticated user to access all or certain data.
  • Overlook authorization – For a weak application authorization, the attackers could gain high-privileged authority to perform malicious tasks through forceful browsing using hacking tools, which help them gain privileges of critical users. They approach using direct URL entry and forcefully try to gain access to database.
  • Software with flaws – There are billions of apps that are vulnerable to breaches and reportedly, 80% of vulnerabilities are in 3rd party applications and the vulnerable software in the banks’ network can let hackers exploit and crack security. In a breach at JP Morgan Chase, the cyber-hackers acquired a list of applications being used by JP Morgan’s computers, and tried to figure out the vulnerabilities in them to successfully breach into the bank’s network security.

 

How Cyber-Gangs Successfully Intruded into the Banks’ Network

  •          Phishing emails with malware – The Carbanak hackers have stolen more than $1bn and Sony hackers breached data through phishing emails. The cyber-criminals send email with malware to employees of the targeted organization. When the recipient downloads the attachment, the malware is spreads throughout the corporate network and it helps to update the hackers about the critical activities of administrators.
  •          Phishing websites –  Imitating an actual website and diverting traffic from the official website
  •          Exploiting vulnerabilities
  •          Customized tools to intercept network traffic, scan network devices, and connect to various network services using domain authentication.
  •          Denial of service attacks
  •          DNS hijacking
  •          Malicious iFrames
  •          Configuring remote high-speed logging

 

What makes Banks the Prime Target for Internet Attacks?

According to Websense Security Labs, the average number of internet attacks on financial institutions was four times higher than other businesses.

Financial Institutions have been a prime target for cyber-thieves, as banks are a great source to steal money and customers’ data. Moreover, the breached customers’ data can be used for monetary gain.

Leave a Reply

Your email address will not be published. Required fields are marked *