Cyberhack Steals $31 Million in Assets

Hackers stole 2 billion rubles, about $31 million in U.S. dollars, from the Russian Central Bank last week. They fell short of their targeted goal of about 5 billion rubles ($78 million dollars), but still enough for a good haul. Such big heists provide additional financial assets for attackers to acquire more resources for future attacks.

Image for post
Image for post

Although few details are being shared at this time, there is unconfirmed speculation this attack leveraged falsified client credentials. Bank officials were able to intervene and limit the losses. However, the thieves may have also targeted private banks as part of this digital robbery. The Russian federal security service (FSB) indicated that servers located in the Netherlands were acting as command and control centers for the attack and belong to a Ukrainian hosting company. The location of servers participating in such attacks don’t necessarily mean that country was involved. Hackers typically use servers from all over the globe in their attacks, in efforts to keep their identity secret.

Motives are still unknown. The FSB made it clear they are worried this may be part of a larger coordinated attack intending to destabilize Russia’s financial system. Others speculate it may be part of a team operating out of North Korea that is trying to bring down global banking systems. Nobody know for sure just yet.

Banks are great targets and many of their systems are not holding up well against well-funded and sophisticated attackers. Recent attacks against the SWIFT network highlighted weaknesses to the tune of $81 million dollars in February, when a Bangladesh bank suffered losses. Some of that money was later traced to casinos in the Philippines.

In June, the International Monetary Fund (IMF) released a report which highlighted the risks to the stability of entire financial sectors:

Image for post
Image for post
Excerpt from IMF report on the Financial System Stability Assessment of the U.K.

Attackers are bold in the size of heists they are attempting. For the average cybercriminal, banks are an appealing target for one simple reason: they have lots of money which can be stolen by digital means. At this scale, nation-state actors can undermine economies and embarrass political leaders as part of a strategic campaign against their adversaries. Overall, there is no shortage of threats and risks.

Image for post
Image for post

It is a safe bet banks will continue to be targeted, security measures will attempt to close gaps, and law enforcement agencies will step-up their activities to track and prosecute offenders. This game continues to be hyper-active.

Interested in more? Follow me on Twitter (@Matt_Rosenquist), Steemit, and LinkedIn to hear insights and what is going on in cybersecurity.

Written by

Cybersecurity Strategist and CISO specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store