Bangladesh Bank Heist
PHISHING remains the ultimate entry point used by sophisticated cybercriminals, Kaspersky pointed out, as it warned of a repeat of the $81-million cyber heist.
Amidst the increased use of online banking and e-wallets in the region fueled by the pandemic, Kaspersky offered a reminder. It urged banks and financial services in Southeast Asia (SEA) to learn from the lessons of previous cyberattacks like the costly $81M cyber heist incident in 2016.
The global cybersecurity company conducted an online conference with select media from the region. It highlighted how the financial sector can utilize comprehensive threat data to beef up its defenses against sophisticated cybercrime groups such as Lazarus, which it described as “the infamous cyber gang allegedly behind the multi-million-dollar Bangladesh Bank Heist.”
Lazarus cyber threat group
In a previous report, Kaspersky revealed that malware samples relating to Lazarus group activity appeared in financial institutions, casinos, software developers for investment companies, and crypto-currency businesses. The cybersecurity firm discovered the group's activities in several countries globally, including Indonesia, Malaysia, Thailand, and Vietnam, among others.
There are lessons in past events, as Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky, pointed out.
“The past offers us warnings which we must heed to be able to build a safer today. This applies to the financial sector and all other organizations especially when it comes to cybersecurity.
“More than four years after the world witnessed one of the most successful cyber heists to date, it is essential for banks and related institutions in Southeast Asia to understand how they can leverage threat intelligence to foil any sophisticated attempts against their systems.”
“For instance, our cybersecurity researchers have been monitoring the Lazarus group closely for years. Through this intelligence, our solutions can detect the possible malware they may use should they try to get into a banking system. We can block them, analyze the malicious file, and alert the organization’s IT team on which tactics and techniques to look out for based on the group’s previous attack behavior, saving possible multi-million losses financially and professionally.”
Human factor in cybersecurity vital
The $81 million cyber heist also resulted in multiple lawsuits, reputation losses, billions in fines, one indictment and arrest, and several top bank officials’ resignations and even terminations.
Aside from threat intelligence, Kaspersky also noted the importance of the human factor when it comes to securing financial systems. The global cybersecurity company cited a report which proved that the cyber heist started with a series of spear phishing emails, one of which was unfortunately clicked by an unsuspecting bank employee.
Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer.
The threat of phishing and spear-phishing remains present as Kaspersky’s network has detected 40,511,257 during the first five months of 2020, globally.
To improve banks’ and financial organizations’ cyber defenses, experts at Kaspersky suggest the following:
- Integrate Threat Intelligence into your SIEM and security controls in order to access the most relevant and up-to-date threat data.
- Conduct regular security training sessions for staff, ideally a personalized one like Kaspersky Adaptive Online Training (KAOT) which uses a cognitive-driven approach, taking into account the abilities and needs of each and every learner.
- Use traffic monitoring software – like Kaspersky Anti Targeted Attack Platform (KATA).
- Install the latest updates and patches for all of the software you use.
- Forbid the installation of programs from unknown sources.
- Perform regular security audits of the organization’s IT infrastructure.
- For endpoint level detection, investigation and timely remediation of incidents, implement EDR solutions such as Kaspersky Endpoint Detection and Response which can catch even unknown banking malware. (Kaspersky)