Kaspersky: Blame banks for $1b cyber robbery

According to security researchers at Kaspersky Lab, the banking malware known as Carbanak has continued to wreak havoc, as a growing network of cybercriminals aggressively adopt advanced persistent threat (APT)-style attacks, breaking through security defences with assaults, such as spear-phishing emails carrying malicious software.
They estimate that $1 billion has been stolen from financial institutions worldwide over the last two years. B  ut banks and other organisations must bear some of the blame for the success of the Carbanak malware in enabling criminal gangs to steal millions of dollars.

 Kaspersky Lab reports that the Carbanak malware continues to evolve and is one of a number of APTs used to attack banks and other companies.
However, by constantly leaking metadata with critical information on public facing websites and relying on outmoded perimeter security these organisations are handing power to the criminals.
Malicious exploits such as Carbanak that infect systems and render bank vaults defenceless are delivered by spear-phishing emails. Criminals have become astute at manipulating information gleaned from metadata leaked in banks’ outbound or website documents, using it to make these emails appear authentic, convincing employees to open files and infect the system.

Banks’ continued investment in outdated legacy security and underinvestment in innovative cyber security solutions means they are on the back foot while criminals become more numerous, sophisticated and audacious.
They neglect solutions that can now lead to 100 per cent effectiveness against the most common form of threat, which currently comes from documents within email attachments.
Banks need to re-evaluate their current protocols and create policy that only allows the “known good” inside their organisation when an in-bound document arrives, rather than current approaches which are focused on finding and stopping the “known bad”.  The speed at which these criminals are innovating means banks will always be one-step behind if focusing on known common threats.
Kaspersky Lab says file regeneration solutions now available allow only completely clean versions of files into a firm’s system, by recognising only what the manufacturer’s standard lays down and rebuilding it inside an organisation in real time.
Assessing the risk presented by files and mapping that against how the business uses files enables policy and standards to be built that eliminates risk yet delivers business continuity.
The end goal for all banks is to have trust in their security so that their employees do not have to be frightened of clicking on links, downloading documents and opening emails in their day to day jobs. But under the current barrage of attacks and the poor trust in existing security systems, banks simply can’t contemplate this. It’s time for this to change.