Anatomy of a cyberattack
In the second of a series of three articles focusing on fraud, we look at the steps taken by fraudsters to perpetrate a cyberattack.
Cybercrime is big business. The global impact now exceeds $450 billion a year as crime, extortion, blackmail and fraud move online.
And as technology becomes more sophisticated, so do hackers and the tools they use to get their hands on sensitive data. Criminals are targeting the systems and operating software of businesses, governments and key infrastructure in a coordinated and systematic manner.
The financial services industry is a routine target for cyber criminals, more so than any other. Over the past few years, we’ve seen a rise in cyberattacks and data breaches, as cyber criminals successfully infiltrate companies using everything in their toolkits - from malware and ransomware to social engineering tactics.
There has been a 1,700% increase in cyberattacks reported to the FCA since 2014.
Source: Financial Conduct Authority
Banks under attack
There have been numerous attempted cyberattacks aimed at manipulating bank payment systems - often with a similar modus operandi. These attacks are followed by compromises of the bank systems over a period of many months, allowing attackers to become familiar with the bank security defences and best cash-out channels.
Cyber criminals seek to corrupt the local environment and payment processes of financial institutions by obtaining valid operator credentials and injecting fraudulent transactions directly into back-office systems. This compromises the back office itself and defeats the very business controls that would ordinarily prevent fraudulent activity.
What is the modus operandi of a cyberattack?
Cyber attackers don’t want you to understand what they’re doing. The less you know, the more opportunity they have to fraudulently extract funds from your organisation. A skilled and determined cyber criminal can use multiple entry points to navigate around defences, breach your network in minutes and evade detection for months.
This is how they do it.
- Cyber Security
5 ways you could fall prey to payments fraud
- Cyber Security
SWIFT report shares insights into evolving cyber threats
Combatting cyber fraud in Asia-Pacific
Protecting your payment operations against fraudulent attacks.