Saturday, April 13, 2024
HomeSECURITYHackers robbed bank customers for 4.5 billion rubles in the first three...

Hackers robbed bank customers for 4.5 billion rubles in the first three months of 2023


Hackers robbed bank customers for 4.5 billion rubles in the first three months of 2023

The Bank of Russia reported 2.7 million transactions without the consent of the client, of which 252.1 thousand were successful for attackers.

According to report Bank of Russia, in the first quarter of 2023, credit institutions prevented the theft of funds in the amount of 712 billion rubles, reflecting 2.7 million transactions without the consent of the client. 252.1 thousand attacks were successful, as a result of which 4.5 billion rubles were stolen. Most of the victims were individuals who lost money in 251.5 thousand cases. Corporate clients of banks were subjected to 655 attacks, while credit organizations themselves were not affected by the actions of hackers.

How reported in the Bank to Kommersant, in 2022 the number DDoS-attacks on the infrastructure of credit institutions increased significantly, but banks were able to cope with them thanks to effective interaction with the regulator and other departments. However, such attacks still pose a threat to the stability of the banking system, especially if carried out by politically motivated hacktivists.

According to Servicepipe, a company specializing in protection against DDoS attacks, the number of such attacks in the first quarter of 2023 decreased by 15-20% compared to last year. However, already in 2023, cases of unavailability of the services of the largest players due to DDoS attacks were recorded.

Another type of cyber incident that is relevant for credit institutions is SMS bombing. This is an attack in which attackers request the sending of a large number of SMS on behalf of bank customers, for example, to enter Internet banking. As a result of such activity, banks’ expenses for SMS payments may increase three to five times. The purpose of such attacks is to cause financial damage to banks or discredit their reputation.

However, the most common way to attack bank customers is to social engineering, that is, the manipulation of human emotions and trust. According to the Bank of Russia, such attacks account for more than half of incidents. The number of cases where malicious software is used by attackers (hackers traditionally use it when attacking banks) has decreased by 16% since last year. In absolute terms, this is 75 times per quarter, which is 0.03% of the total volume of attacks.

Experts emphasize that credit institutions should not relax and must constantly improve their level of cybersecurity. Hackers have not lost interest in attacks on banks, as this is one of the most profitable types of cybercrime. In order to carry out successful attacks on the systems of financial institutions and obtain financial benefits, attackers need to be very highly qualified and have a deep understanding of the internal business processes of such companies.

The growing security of credit institutions is forcing hackers to change tactics. The Bank of Russia believes that cybercriminals have already switched from complex attacks using different tactics and techniques to attacks related to the exploitation of vulnerabilities in software used by organizations.

According to experts, in 2023 the trend of attacks by bank counterparties will also continue in order to penetrate the bank through them. The Central Bank also records attacks on a third party. Also, experts consider one of the main threats to credit institutions – attacks through financial applications that are integrated into ecosystems. In addition, attackers can create fake versions of online banks in app stores and false pages on social networks.

Attacks by internal intruders are also relevant for credit institutions – in 2023, many requests from companies were related to incidents in their internal infrastructure, including personal data leaks.

It is noted that in 2023, mobile devices of banking customers are likely to be hacked using remote access, as well as being able to set up SMS and call forwarding. Access to device management is achieved through social engineering, phishing, and malicious applications. Attacks through the SBP will not lose their relevance, when attackers forge QR codes or links to pay for purchases.

Source link


Please enter your comment!
Please enter your name here

Most Popular