According to security researchers and judging by some of the most well-known cyberattacks on banks in recent years, the main techniques and tools used by cybercriminals to attack these types of institutions are: Denial of Service (DoS), malicious codes at point of sale (PoS) terminals or ATMs, exploiting vulnerabilities and even using tools for targeted attacks. In addition, techniques such as watering hole began to be used, where websites are altered to carry out malicious activity, while users who usually visit the pages are unaware that they are facing a threat.
Once the attackers identify their target, they usually modify a site that they estimate will be visited by the potential victim through the insertion of code snippets on the page; in this way the visitor is redirected to a malicious server.
Regarding attacks directed at users, the main technique used is phishing, which seeks to obtain the users’ banking information in order to monetize it, either through the exploitation of that data by the attackers, or well through its sale in large databases.
Some cyberattacks that happend on banks
▸Cybercriminals steal $6 million from Russian bank
In February 2018, Russia’s central bank revealed that in 2017 a group of attackers stole the equivalent of $ 6 million from a local bank using the international messaging system SWIFT. The attackers reportedly compromised an employee’s computer before using SWIFT to transfer funds to their own accounts. This cyber attack is similar to the one that occurred against the Bangladeshi central bank account located at the Federal Reserve Bank of New York.
▸Cyber robbery to Bangladesh bank
In this event, criminals stole $ 81 million from a Bangladeshi bank by using malicious code detected by ESET as a variant of Win32 / Agent.XZH. It is a highly complex code that presents sophisticated functionality and that allowed cybercriminals to access the messaging software used by more than 11,000 banks and financial institutions in more than 200 countries known as SWIFT Alliance Access
▸DDoS attacks on Greek banks
This event that took place in 2015, three Greek banks were the target of distributed denial of service (DDoS) attacks in which cybercriminals from the group calling themselves Armada Collective demanded the payment of a ransom in bitcoins.
▸DDoS attack on the online platform of an HSBC
In January 2016, the UK subsidiary of HSBC bank revealed that its site’s online services were targeted by DDoS attacks. Although the institution assured that it was able to defend itself successfully, its systems were out of service for a time.
