New details from international security company Group-IB show how cybercriminals are no longer looking to just steal from one bank. Instead they chain their attacks to improve their chances of success.
If you were to hack into Bank A, one of your goals is to figure out how to steal from Bank A. But then you remember that Bank A does business with Banks B, C, and D. So, why not gain access to Bank A’s email system and use phishing attacks to trick users in the other three banks, gain access to each, and then repeat the process?
That’s exactly what cybercriminals in Russia are doing, according to Group-IB’s Computer Forensic Lab.
One of the reasons, according to the report, is that Russian banks are easy targets:
- 74% of banks weren’t ready for an attack
- 80% have no logging depth to investigate an attack
- 70% have insufficient staff to investigate infections or attacks
Looking past Russian banks, cybercriminals are gradually appreciating the value of the access they’ve achieved with each victim company and are becoming more and more creative on how to leverage the access they have to maximize the revenue they can generate from their actions.
Organizations need to protect themselves and be ready for attacks such as these with a layered security defense in place that protects against phishing attacks, malicious links, suspicious attachments, and other tactics employed using social engineering.
Security Awareness Training fills in the security gaps left by endpoint protection, antivirus, and email gateways. Elevating the user’s understanding of the need for an always-on vigilance where they are constantly scrutinizing content in email, on the web, in chat sessions, and more – all in an effort to ensure the security of the organization and its data.