New research has revealed a sophisticated group of cyber criminals managed to steal $1 billion (£650 million) from 100 financial institutions across the world over the past two years.
The theft has been discovered through a combined effort from Kaspersky Lab, Interpol, Europol and authorities from a number of nations. They have reported that the criminals behind the activity are part of the Carbanak criminal gang, which has members in Russia, Ukraine and other parts of Europe, as well as China.
According to Kaspersky Lab, it is thought the hackers managed to gain access to banks’ networks, stealing up to $10 million in each raid. It took an average of between two to four months for each hack to be completed.
The Carbanak gang were able to infiltrate their victims’ systems through spear phishing, which infected the target with malware. This allowed them to carry out video surveillance on administrator’s computers. By recording the actions of these users, the hackers were able to mimic them and transfer funds unnoticed.
Sergey Golovanov, principal security researcher at Kaspersky Lab’s global research and analysis team, described the theft as a “very slick and professional cyber-robbery”.
Sanjay Virmani, director of the Interpol digital crime centre, added: “These attacks again underline the fact that criminals will exploit any vulnerability in any system. It also highlights the fact that no sector can consider itself immune to attack and must constantly address their security procedures.”
While the primary goal of the Carbanak gang appears to have been to steal money from their victims, it is likely they also gained access to sensitive data that may well have been stolen too.
Hackers also have the potential to destroy any data they encounter and this makes it vital for organisations to protect their information rigorously and be able to recover anything should it be lost.
Despite the numerous benefits of virtualised IT, expert data recovery is a recommended part of a wider disaster recovery plan.