Pages

23 August 2018

FBI Issues Warning About The Potential For A Global ATM ‘Cash-Out’

By Cyber Thieves
Source Link

The FBI this morning/August 17, 2018, issued an alert, warning banks of “an imminent threat to their ATM-cash-machines,” which could allow cyber thieves to fraudulently withdraw cash in a global ‘black Friday,’ for the darker digital angels of our nature. According to Yahoo News, the FBI issued a confidential alert, warning international banks that criminals are plotting a concerted, global malware attack on ATM cash machines in the next few days.” The FBI warned about a “highly choreographed [cyber] fraud scheme known as “jackpotting,” in which cyber thieves hack a bank, or payment card processor; and, use cloned cards at cash machines around the world,” to fraudulently steal millions of dollars with the click of a mouse. 

Charles Henderson, who is the Global Head of IBM’s Elite, X-Force Red, an internal hacking/testing/wargamming laboratory that works with corporations on cyber security concerns, was interviewed on CNBC’s Squawk Box this morning about this new FBI warning. When asked “How would this really work?,” Mr. Henderson replied that “there are really two factors in this attack that are really important. The first,” he said, cyber thieves “are getting both aggregation of personal account data and pins, so that they are able to do the attack at scale. The second factor, and this is really key,” Mr. Henderson said, “is the raising of the daily withdrawal limit on those accounts — so, they’re getting a ‘higher return on investment — per attack. Cyber criminals are running a business, he said, albeit fraudulent. And, just like any business, they are always looking at ways to maximize their profit, or return on investment per action/operation.

“Is my account at risk?” Mr. Henderson was asked by one of the Squawk Box commentators. Any connected account, anywhere in the world is of course — vulnerable to a clever/sophisticated hacker, Mr. Henderson observed. Having said that, Mr. Henderson added that “most banks, especially Federally-Insured banks,” have a higher level of cyber security protection — making the compromise of your personal account less likely. And, even though you digital account may be at risk, your money is not — because it is backed up,” he said — at least to a high enough level for the overwhelming majority of us. 

Alas, as I have written many times, the Internet-of-Things is also the Internet-of-Threats, and the more digital exposure you have, the more digital vulnerabilities you incur. Obviously, the bigger financial institutions almost certainly have really good cyber security protocols in place, to mitigate this kind of Cyber Financial Black Swan. There are no digital silver bullets. But, not using these kinds of services is not practical. Therefore, one must always practice best cyber hygiene practices — i.e., use strong password protection, and regularly change your password, use a separate laptop/device that is solely dedicated for your web-based financial transactions…and nothing else; lower the level of the amount of money that can be withdrawn from your account on a daily basis; regularly check your account balance/s, and, consider purchasing services like LifeLock, etc., to provide an added layer of protection for your financial assets. RCP, fortunascorner.com

No comments:

Post a Comment