16
Feb
2015

International Hacking Group Steals $300 Million – Global Digital Banking System Not Secure

– Sophisticated “Ocean’s 11” style heist is one of the largest in history

– Hackers remotely accessed bank computers to manipulate accounts and A.T.M.s.

– Banking groups make no comment

– Details expose incredible systemic vulnerability

An international group of cyber criminals have stolen at least $300,000,000 from over 100 banking and financial institutions in 30 different countries across the world – in a heist that has been described as “much more ‘Ocean’s 11′” than “Bonnie and Clyde” by the company investigating the theft.

Banks in Switzerland, the US, Japan, the Netherlands and particularly Russia were targeted in the past two years.

Sergey Golovanov of Kaspersky Lab (New York Times)

Sergey Golovanov of Kaspersky Lab (New York Times)

An investigation into the attacks – which was conducted by Kaspersky Lab, a Russian cyber-security company – began following an incident in Kiev where an A.T.M. started issuing cash spontaneously in 2013.

Kaspersky Lab found the bank’s security system to be drastically compromised when employees opened e-mails purporting to come from their colleagues. The New York Times reports,

“The bank’s internal computers, used by employees who process daily transfers and conduct bookkeeping, had been penetrated by malware that allowed cybercriminals to record their every move.”

“The malicious software lurked for months, sending back video feeds and images that told a criminal group — including Russians, Chinese and Europeans — how the bank conducted its daily routines, according to the investigators.”

The investigation uncovered – though it could not identify – a global network of cyber-criminals using false bank accounts at JP Morgan Chase in the US and Agricultural Bank of China. The figure of $300 million is a conservative estimate and Kaspersky Lab speculate that the true figure may be closer to $900 million.

The malware “allowed the hackers to crawl across a bank’s network until they found employees who administered the cash transfer systems or remotely connected A.T.M.s.”

“The goal was to mimic their activities,” the NYT reports a Kaspersky lab investigator as saying. “That way, everything would look like a normal, everyday transaction,”

Therefore – because no individual “transaction” ever exceeded $10 million and because they were executed from within the target bank’s own system – they went undetected for two years.

No banks have admitted being subject to an attack. The American Bankers Association made no comment on the issue. The New York Times speculates that this is because the attacks are ongoing despite banks being aware of the problem.

The attacks demonstrate a shocking vulnerability in the highly interconnected global banking system. The Kaspersky Lab report gives a fascinating insight into the hackers operation.

“In some cases, they used online banking systems to transfer money to their accounts. In other cases, they ordered the banks’ A.T.M.s to dispense cash to terminals where one of their associates would be waiting.”

“But the largest sums were stolen by hacking into a bank’s accounting systems and briefly manipulating account balances. Using the access gained by impersonating the banking officers, the criminals first would inflate a balance — for example, an account with $1,000 would be altered to show $10,000. Then $9,000 would be transferred outside the bank. The actual account holder would not suspect a problem, and it would take the bank some time to figure out what had happened.”

The investigators have ruled out the involvement of any governments in the scam insisting that it was conducted by an international criminal gang. In this instance the motivation appears to have been simply profit.

However, if a criminal gang can infiltrate the banking system so easily for monetary gain it is very likely that governments hostile to the West could do the same for strategic advantage.

Using the same methodology it is likely that government hackers could devise any number of strategies to manipulate or even collapse the banking system should it prove advantageous. For example, it could orchestrate bank runs.

In previous articles we have covered how many governments are involved in cyber warfare. The US, Russia, Israel and Iran have a track record of attempting to sabotage their rivals with cyber-attacks.

The Western banking system is bloated with debt and very sensitive to shocks. At the same time the biggest rivals to the West, Russia and China, are accumulating gold bullion in astounding volumes.

Certainly if the cold war were to get much hotter it would be in their interest to collapse the western banking system – and with it the bank deposits of ordinary citizens – in a bid to overthrow the dollar with tangible, gold-backed currencies.

The Russians would feel completely justified in so doing given that Russia views itself as a victim of economic warfare instigated by the West.

Owning gold is a hedge against currency collapse. We advocate owning gold in good times and bad not with a view to making profit – though this is possible – but as protection against economic crises. It is essential to own some physical gold held in safe locations outside of the banking system.

 

MARKET UPDATE

Today’s AM fix was USD 1,233.50, EUR 1,081.12 and GBP 801.91 per ounce.
Friday’s AM fix was USD 1,225.75, EUR 1,073.10 and GBP 795.84 per ounce.

Gold rose 0.53 percent or $6.50 and closed at $1,228.50 an ounce Friday, while silver surged 2.55 percent or $0.43 closing at $17.29 an ounce. Gold finished down 0.58% for the week while silver finished strong up 3.22%.

The U.S. has a national holiday today.

Gold racked up its third session of gains Monday as safe haven demand increased ahead of Greece’s talks on the heels of a weaker dollar. In Brussels today, eurozone finance ministers meet Greek delegates again to renegotiate the terms of its 240-billion-euro bailout, as the February 28 deadline nears.

German Finance Minister Wolfgang Schaeuble’s interview with Deutschland radio noted that he was skeptical about reaching a bail-out agreement with Greece.

“From what I’ve heard about the technical discussions at the weekend, I’m very skeptical,” said Schaeuble, whose country is the biggest contributor to Greece’s 240 billion-euro ($274 billion) twin bailouts and the chief advocate of economic reforms in return for financial aid. “But we’ll get a report today and then we’ll see.”

His comments sent Greek stocks and bonds tumbling.

The cease-fire negotiated in the Ukraine is not being implemented in Debaltseve.

Chinese demand from the Shanghai Gold Exchange is being watched before China takes its week long Lunar New Year holiday beginning Wednesday.

In late London trading gold is at $1,233.83 per ounce up 0.37%, silver is $17.35 per ounce up 0.09% and platinum is $1,209.80 per ounce up 0.62%.

 

GoldCore Research

  • Abhishek singh

    i like this guy