Submitted by Micah Smith on Mon, 01/15/2018 - 13:35
Money Taker and the local bank shake-down

Have you been receiving advice from the more progressive of your friends to switch to small local banks or credit unions? It’s starting to become a bit trendy to revert to smaller organizations.

It isn't clear yet whether people are closing their accounts because of the scandals and environmental issues that surround the top lenders, or because of the lower fees and incentives at smaller banks, but the public is speaking loud and clear, and with its feet, in favor of independent banks.

Unfortunately, another factor that is also loud and clear is the disadvantage of switching to a small local bank in terms of cybersecurity.

Let me tell you why.

Earlier this month, security researchers uncovered a super-secretive Russian-speaking hacking group believed to have robbed more than 20 financial organizations across the world. This group, known as 'MoneyTaker' (it is great when a brand is so appropriately named), has also stolen sensitive documents costing approximately $11 million. The worry is that these could be used in another attack.

Apparently, the group has been attacking banks across the US for the last 18 months without anyone knowing.

How do they do it? Well, they infiltrate the system of a small bank and get access to all its data. Shortly after this, MoneyTaker makes sure that they can change the data to get quick cash.

They then create all kinds of legal accounts, order credit cards and so on, and a few of their hacker goons go overseas and withdraw the cash from the bank’s ATM. Just before those funds are withdrawn, MoneyTaker, back on home turf, deletes all overdraft limits and greatly increases the withdrawal limits so the hackers can virtually empty out the ATM without anyone detecting anything.

This, dear reader, is a true cyber-hustle, and the hackers are super-smart. They use tools like Metasploit, NirCmd, PsExec, Mimikatz and PowerShell Empire, as well as code that was showcased as a proof of concept at a Russian hacking conference in 2016.
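The cash-out pattern described above (overdraft limits deleted and withdrawal limits raised shortly before overseas ATM withdrawals) is something a bank can watch for by correlating card-limit changes with later foreign withdrawals. The Python below is an added example, not code from Group-IB or from any bank's system; the event fields, the 48-hour window, the home country and the sample records are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample audit/transaction events (not real data; field names are assumptions).
# new=None on a limit_change means the limit was deleted entirely.
EVENTS = [
    {"ts": "2017-05-01T09:00:00", "type": "limit_change", "card": "C-1001",
     "field": "withdrawal_limit", "old": 500, "new": 50000},
    {"ts": "2017-05-01T09:05:00", "type": "limit_change", "card": "C-1001",
     "field": "overdraft_limit", "old": 1000, "new": None},
    {"ts": "2017-05-01T21:30:00", "type": "atm_withdrawal", "card": "C-1001",
     "country": "ZZ", "amount": 20000},
    # Limit raised a month earlier: outside the correlation window.
    {"ts": "2017-04-01T10:00:00", "type": "limit_change", "card": "C-2002",
     "field": "withdrawal_limit", "old": 500, "new": 800},
    {"ts": "2017-05-02T12:00:00", "type": "atm_withdrawal", "card": "C-2002",
     "country": "ZZ", "amount": 300},
    # Foreign withdrawal with no preceding limit change.
    {"ts": "2017-05-03T08:00:00", "type": "atm_withdrawal", "card": "C-3003",
     "country": "ZZ", "amount": 200},
    # Limit raised, but the withdrawal is domestic.
    {"ts": "2017-05-03T09:00:00", "type": "limit_change", "card": "C-4004",
     "field": "withdrawal_limit", "old": 500, "new": 1000},
    {"ts": "2017-05-03T10:00:00", "type": "atm_withdrawal", "card": "C-4004",
     "country": "US", "amount": 400},
]

def find_suspicious(events, window=timedelta(hours=48), home="US"):
    """Alert on foreign ATM withdrawals that follow a loosened limit within `window`."""
    loosened = {}  # card -> [(time of change, field changed)]
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        ts = datetime.fromisoformat(ev["ts"])
        if ev["type"] == "limit_change":
            removed = ev["new"] is None
            raised = not removed and ev["old"] is not None and ev["new"] > ev["old"]
            if removed or raised:
                loosened.setdefault(ev["card"], []).append((ts, ev["field"]))
        elif ev["type"] == "atm_withdrawal" and ev["country"] != home:
            recent = {f for t, f in loosened.get(ev["card"], []) if ts - t <= window}
            if recent:
                alerts.append({"card": ev["card"], "ts": ev["ts"],
                               "country": ev["country"], "amount": ev["amount"],
                               "loosened": sorted(recent)})
    return alerts

if __name__ == "__main__":
    for alert in find_suspicious(EVENTS):
        print(alert)
```
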

During the first attack, they were able to gain access to the largest U.S. bank transfer messaging system, which was responsible for connecting the ATMs of over 5,000 organizations. They stole $500,000 from the US alone, and $3 million from at least 3 Russian banks.

They have been specifically targeting small banks because their cybersecurity teams and resources are so much more limited than the big players.

At least they are not working for the Russian government, or so claims Group-IB, the firm investigating these hackers.

It’s still unclear how the hackers were able to infiltrate the networks and systems of these banks so masterfully and without detection. In one case, the access point to one of the banks was the home computer of the system administrator.

This series of incidents clearly shows the increased need for cybersecurity at every company. Large cybersecurity firms need to create plans and provide protection that can include smaller firms as well, if they want to protect their money.

Another solution is to deploy cybersecurity AI software that could gradually learn the networks and become more secure and more precise at eliminating threats over time.

Either way, it's time you weighed the level of cybersecurity at your current bank and thought seriously about how this may affect your personal life and your business.