Altaf Halde, managing director (South Asia) Kaspersky Lab India, shared the following comments on the recent cyber security issues involving SBI ATMs.
“It is an ongoing investigation at the moment. However it’s important to note that when it comes to notifying victims and helping to mitigate the threat, Kaspersky Lab’s practice is to collaborate with local CERTs and law enforcement agencies,” said Altaf Halde.
Altaf Halde says effective public-private partnerships are absolutely essential in the fight against cybercrime to maintain global security. As we are seeing more and more sophisticated attacks – many of which have a global impact – partnerships and information exchange between cybersecurity companies and the private sector are becoming increasingly valuable.
Kaspersky Lab says it cannot confirm or deny breach at SBI. But usual “modus operandi” in such incidents with attacks against banks is – spearphishing email with malicious attachment. After initial infection the attackers uploads to the victim additional tools and started lateral movement inside banking internal network. It takes few weeks for them to gain access to bank servers and system administrators account. After that, they can make a money transfers – and cashing out via different ways – SWIFT transfers, from ATM, etc.
A few months ago, a research by Kaspersky Lab revealed the ATM machines’ outdated communication standard leaves them open to attack. ATMs can be easily hacked, malware can be installed & funds could be stolen. Almost any ATM in the world could be illegally accessed and jackpotted with or without the help of malware. The main reason for this is the widespread use of outdated and insecure software, mistakes in network configuration and a lack of physical security for critical parts of the ATM.
The results of the research shows that even though vendors are now trying to develop ATMs with strong security features, many banks are still using old insecure models. This makes them unprepared for criminals actively challenging the security of these devices. This is today’s reality that causes banks and their customers huge financial losses.
Many ATMs studied by Kaspersky were running Windows XP, which is no longer supported by Microsoft. This means their security isn’t up to date and malicious malware can be installed without too much effort.
Additionally, one of the key topics of Kaspersky Lab’s Cyber Security Weekend for Asia Pacific Countries that took place earlier this month in Indonesia was financial cyber security. The company’s experts and guests discussed financial threats that are currently on the rise globally and starting to penetrate the APAC region.