Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India

Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

- 1513114757 2882 - Cosmos Bank hit by Rs 940 mn cyber hack; probe finds Hong Kong as source –

Credits: Business Standard

Cybercriminals have stolen Rs 940 from  Bank, after attacking the server at its headquarters in Pune on August 11 and 13. According to the FIR filed by the bank’s management at the Chatushrungi police station at 1 am on Tuesday, the exploited malware vulnerability in its automated teller machine (ATM) switch system.

A senior officer of Pune  police said the money trail had taken them initially to an account of ALM Trading at Hang Seng Bank in Hong Kong. Preliminary investigations revealed that the money had been withdrawn from ATMs in 28 countries.

Cosmos is one of the oldest cooperative  in the country, established in 1906.

The investigation being conducted by the cyber cell of Pune police will get technical support from the Maharashtra Computer Emergency Response Team, which is also conducting a parallel probe.

According to sources, hackers transferred Rs 805 million from bank accounts at Cosmos Bank to a foreign bank in 14,849 separate transactions through debit cards. Then, they conducted another attack to steal Rs 139 million through the SWIFT network.

The bank’s VISA and RuPay debit card systems, supported by the National Payments Corporation of India, were also compromised. The personal and financial information of about 500 customers was stolen. Police officers said this number could rise. The bank has shut down its internet banking operations and website.

The police officer said, “Based on the transactions, the origin of the attack is Hong Kong. We are studying the malware to see where else it could have been introduced and which institution might be attacked next.”

said banks needed to be better prepared to deal with such malware campaigns. “Malwares used in cyberattacks now are fairly advanced and have the ability to suppress alerts. Banks need to have end-to-end cyber to prevent such attacks,” said Siddharth Vishwanath, partner and cybersecurity advisory leader at PwC India.

He added that larger banks had a more elaborate cybersecurity, but smaller, cooperative banks did not.

The Reserve Bank of India (RBI) has instituted a clear cybersecurity framework for financial institutions. A quick look shows this is addressed only to scheduled commercial banks (and rural banks), non-banking financial companies, small finance banks and payments banks. There is no specific cyber-security guideline for cooperative banks.

For instance, the guidelines call for all commercial banks to have a board-approved cyber-security policy. A chief information security officer should be appointed to the board and a clear cyber crisis management plan should be put in place, in addition to information and data security.

Experts, both in the private sector and in the police, said it would usually take between one to three weeks to conduct a thorough analysis of the attack to understand how it was done. However, even after identifying the and origin of the attack, the legal proceedings were extremely difficult, time-consuming, and involved other jurisdictions.

In March 2017, Quick Heal Technologies notified bank management of the vulnerability on its website. In its report, Quick Heal said banks must update their “Windows Operating Systems with the latest security patches and use security solutions.”

Most cyberattacks or hacks take place because of the lax attitude from institutions when it comes to ensuring their computer networks are secured and are updated with the latest operating systems and security protocols.

PwC’s Vishwanath said while an information technology or security audit was required across the cooperative banking industry that was only a step in addressing the larger problem of a fundamental under-investment in cybersecurity solutions.

- logo16 - Cosmos Bank hit by Rs 940 mn cyber hack; probe finds Hong Kong as source –

www.extremehacking.org

Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training Institute, CEHv10,CHFI,ECSAv10,CAST,ENSA, CCNA, CCNA SECURITY,MCITP,RHCE,CHECKPOINT, ASA FIREWALL,VMWARE,CLOUD,ANDROID,IPHONE,NETWORKING HARDWARE,TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking,Center For Advanced Security Training in India, ceh v10 course in Pune-India, ceh certification in pune-India, ceh v10 training in Pune-India, Ethical Hacking Course in Pune-India



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here