OREANDA-NEWS. The Bank of Russia publishes today the first final report of FinCERT, its centre for dealing with computer attacks in the financial sector – the establishment set up one year ago to champion cyber crime prevention.

‘Criminal money-stealing schemes are increasingly sophisticated. Swindlers are quick in improving their methods, and the relevant technologies receive upgrades’, notes Artem Sychev, Deputy Head of the Main Office of Security and Information Protection, Bank of Russia. ‘In this context, FinCERT enables productive exchange of information between regulators and market participants so they are aware of any potential computer attacks in the financial sector, as well as any threats to information security and software vulnerabilities’.

FinCERT’s final report summarises data on the commonest cyber fraud schemes and on techniques for countering malefactors, and provides recommendations on vigilance against swindlers.

Bulk mailing of infected messages currently tops all bank attacks. Messages sent out allegedly on behalf of the Bank of Russia and FinCERT are particularly frequent. According to the report, most successful bank attacks are attributed to the human factor: careless employees opened emails of suspicious origin. In doing so, they knowingly bypassed protection tools by disabling the relevant settings, which enabled malware to be downloaded into the bank system.

Between June 2015 and May 2016, FinCERT recorded more than 20 major cyber attacks on banks’ payment systems. The wrongdoers attempted to steal a total of 2.87 billion rubles. Working in concert with banks and law enforcement agencies, FinCERT successfully prevented the theft of over 1.5 billion rubles. The fact-finding actions resulted in 12 criminal investigations being initiated and several criminal groups being rendered harmless.

To deceive individuals, cyber criminals often use phishing sites (spoof websites). These sites offer products or services on behalf of a business or a state agency (a check on traffic penalties, online loan applications, etc.) so that the criminals can steal money or the online user’s personal data. Over the course of the year, FinCERT was instrumental in blocking approximately 120 phishing RU domains. Each month, FinCERT detects and initiates closure proceedings against 25–30 phishing sites.

The list of the most prevalent fraud methods includes mass texting on behalf of the Central Bank or a credit institution (SMS messages using 8-800 numbers are especially common). Calls to the number specified in the message are taken by swindlers who collect information on citizens: their surname, name, patronymic, address, bank card number, PIN code, CVV code, etc. They subsequently use the information to steal money from households or sell it to other wrongdoers.

Between the second half of 2015 and the first half of 2016, FinCERT saw malefactors increasingly interested in self-service devices, such as ATMs and POS terminals. According to data from FinCERT information exchange participants, as many as 100 million rubles were stolen via these devices in the past 8 months. Targets of cyber attacks also include remote banking systems.

Speaking on the outcome of the first year of FinCERT operation, Artem Sychev stated that FinCERT had delivered on its high priority goal of building credibility in the financial community. This is confirmed by today’s wide range of information exchange participants, who number more than 300 organisations and include 275 banks, various state agencies (including the Ministry of Internal Affairs and the Federal Security Service), many investment companies, banking software developers, telecom operators, antivirus software providers, etc.

Potential information exchange participants are welcome to go to the Bank of Russia website for more information.

As a next step in the campaign against financial cyber crimes, the Bank of Russia, jointly with the RF Ministry of Finance, is initiating several amendments to federal laws. This move seeks to establish an environment that rules out any money withdrawal without the legal holder’s knowledge.

The most impactful new legislative initiatives include a legislative framework for a bank’s right to suspend a money transfer if there are signs that it is being made without the payer’s consent. The amendments also detail the procedure for the bank’s actions once evidence is established that a transfer was made without the payer’s consent, as well as the refund procedure for such unauthorised transfers.

The draft law is currently under public discussion and is to be submitted to the RF State Duma for consideration in its autumn session.