
Hackers stole more than 21 million rubles from a Russian bank




Law enforcement agencies have completed a preliminary investigation into the theft of 21.5 million rubles from a Russian bank. The unnamed financial institution is located in Yakutia. Its infrastructure, including ATMs, was attacked using a Trojan that gave the attackers remote access; they converted the money into cryptocurrency and moved it abroad.

What happened


According to the Ministry of Internal Affairs, in July 2017 two criminals and their accomplices used malware to gain remote access to the bank's systems and its ATMs and stole 21.5 million rubles.

Law enforcement officers detained two unemployed residents of Moscow. They are accused of hacking the bank's network in 2017, with the help of accomplices, and installing malicious software on its computers. As a result, they were able to attack the company's ATMs and steal tens of millions of rubles from them.

Statistics on cyber attacks in the financial sector


Despite such news, statistics show that the security situation in the financial sector is gradually improving. For example, in 2015 Group-IB reported in its study that over a year criminals withdrew nearly 100 million rubles, or 400 thousand per day. At that time, there were about 70 attacks per day.

In June 2016, the Security Directorate of the Central Bank of the Russian Federation published its statistics on attacks against financial institutions. According to these data, more than 20 hacker attacks were carried out against Russian banks in 2015.

According to the most recent statistics from FinCERT, the Central Bank's division for cyber security in the financial sector, targeted attacks on banks brought criminals 76.5 million rubles from January to August 2018. A year earlier, cybercriminal revenues amounted to 1.08 billion rubles; the drop came despite an increase in the total number of attacks (22 in 2018 against 20 last year).

According to FinCERT experts, the damage caused by hackers is falling because the security services of financial companies and law enforcement agencies are successfully countering them. For example, one of the leaders of the Cobalt cyber group, which stole 1.16 billion rubles from 240 Russian banks, ended up in prison. As a result, the criminals' earnings fell almost 20-fold.

Do hackers attack the stock market?


Sometimes criminals do carry out a successful attack with serious consequences for companies engaged in exchange trading. For example, in 2015 hackers attacked Kazan's Energobank with the Corkow Trojan. With its help, they seized control of a computer in the bank's network on which a trading terminal was installed. This allowed the criminals to carry out unauthorized currency purchase and sale operations on the Moscow Stock Exchange. As a result of the manipulation, the ruble exchange rate fell by 15% in 15 minutes, and the company lost 244 million.

End users of stock trading software are attacked as well. According to a study of the security of exchange trading software, in 61% of applications an attacker can gain control over the personal account of the trading terminal user, and in 17% of applications the displayed quotes and charts can be changed. In the first case, the attacker can perform unauthorized operations; in the second, they can mislead the user and push them into a wrong investment decision that leads to losses.

Statistics on brokerage hacks are not publicly available. Moreover, when attacking stock exchanges or brokerage companies, it is extremely difficult for hackers to count on immediate earnings. Attackers can use stolen information for dishonest trading, but this is a rather complicated scheme that not every attacker can pull off. Most cybercriminals prefer to follow the path of least resistance.

Moreover, thanks to the work of the Central Bank of the Russian Federation, security on the Russian stock exchanges is built quite well. In 2015, the Central Bank established its own information security center, which actively exchanges information with banks and stock exchanges. In 2016, the Moscow Exchange fully switched to a new information architecture and updated its equipment to minimize losses from technical failures.

In addition, the brokerage companies themselves are working on user security. For example, users of the SMARTx trading terminal from ITI Capital can activate a specialized risk management module. It lets you set limits which, when breached (for example, when a certain loss is reached), block the sending of new orders and the opening of new positions.

Ultimately, the complexity of hacking brokerage systems and withdrawing money from them makes cyber attacks in the field of stock trading not very profitable for cybercriminals.

At the same time, the main "vulnerability" of most systems is most often the users, and therefore they are attacked most often. For example, while the number of cyber attacks on banks is a couple of dozen per year, the number of cyber attacks on customers runs into the thousands: in 2017, Sberbank recorded about 5 thousand attacks on its customers every week.

To prevent such attacks, users should use a “clean” computer for trading on the stock exchange, one that is not normally used for web surfing. It is also worth using two-factor authentication to log in to your personal account on the broker's site, and not sharing trading account access data with third parties.

- German Grigoryan, Head of DMA ITI Capital



Source: https://habr.com/ru/post/430932/

