Friday, October 05 10:31:43
Irish banks are being warned to guard against organised cyber hackers after IT multinational security firm EMC uncovered a plot to launch a massive orchestrated cybercrime campaign on 30 financial institutions in the US.
RSA, EMC's security division, has uncovered plans by a cyber gang to launch a Trojan attack spree on the banks this autumn, making it the largest ever organised banking-Trojan operation.
A Trojan is a type of malware that masquerades as a legitimate file or program, giving the hacker unauthorised access to a computer to steal information.
The cyber gang plans to deploy the Trojan in an effort to complete fraudulent wire transfers through man-in-the-middle manual session-hijacking scenarios.
Previous incidents involving this Trojan, known as Gozi Prinimalka, handled by RSA appear to corroborate the cyber gang's claims that, since 2008, their Trojan has been at the source of siphoning US$5 million from US bank accounts.
Jason Ward, EMC's Country Manager, described the attempted heist as a 'wake-up call' for Irish banks which need to take urgent steps to protect themselves against new cyber threats that are persistent, dynamic and intelligent.
'Today's IT organisations are in a constant state of compromise from new sophisticated cyber threats,' said Mr Ward. 'The world's cyber threat landscape is evolving at pace. Of the 60 million variants of malware in existence today, one-third were created last year. Increasingly, the human firewall is being breached, with cyber criminals shifting their focus from technology to people in a bid to infiltrate companies and governments by exploiting our weaknesses,' he said.
In a boot camp-style process, accomplice 'botmasters', who control pieces of malware, are selected and trained, becoming entitled to a percentage of the funds they siphon from victims' bank accounts into mule accounts controlled by the cyber gang. Each 'botmaster' selects their own 'investor' who will put down the money needed to buy equipment for the operation - servers, laptops and so on - with the incentive of sharing in the illicit profits.
The gang and a long list of other accomplices will reap their share of the spoils, including the money-mule herder and malware developers.
'This plot shows that Irish organisations, including banks, need to defend themselves from attack through intelligence-driven information security, collecting reliable cyber security data and researching prospective cyber adversaries to better understand risk and learn about why and how attacks occur. New skills must be developed in the IT team to produce and analyse intelligence and identify normal and abnormal system and end-user behaviour. Organisations must continuously monitor IT systems, restrict network access to privileged users, limit or block access to high-risk websites or social networks, and make investment in IT security an executive leadership priority.
'We need to stay ahead of a new generation of cybercriminals whose sophisticated attacks are part of a pattern of organised crime, espionage and terrorism,' said Mr Ward.