Information Security News mailing list archives
Hollywood lie: Bank hacks take months, not seconds
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 5 Jun 2019 10:06:49 +0000 (UTC)
https://www.zdnet.com/article/hollywood-lie-bank-hacks-take-months-not-seconds/ By Catalin Cimpanu Zero Day ZDNet News June 4, 2019A report published today by cyber-security firm Bitdefender gives one of the best views we ever got into the inner-workings of a modern bank heist, and more particularly, a bank heist carried out by Carbanak, a group of hackers responsible for stealing more than one billion euros from banks all over the world.
Methodical, slow, and paying close attention to not getting discovered, a Carbanak hack is like a slow burning fire that makes its way across a forest.
Unlike Hollywood movies where bank cyber-heists happen within seconds, in the real world, hackers spend weeks inside banks' IT systems, gathering intel, and preparing for the day when they're ready to spring into action and steal funds.
Everything about a modern-day bank cyber-heist is... boring, even the hacking, which involves good ol' techniques like spear-phishing, vulnerability scanning, domain controller compromise, lateral movement, and the use of off-the-shelf, legitimate tools like Cobalt Strike.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Hollywood lie: Bank hacks take months, not seconds InfoSec News (Jun 05)