The global financial system is under attack

Show me the Money!

Roberto Martinez | Security Researcher

roberto.martinez@kaspersky.com @r0bertmart1nez

Kaspersky Global Research and Analysis Team | Latin America

Thank you!

Thank you!

Thank you!

Thank you!2.0 Attacks

APT-style bank robberies

The advance of

technology has

provided

criminals with

extra

opportunities

Thank you!Hackers could bring down the banks

Thank you!• Total Impact estimated: 1,200,000,000.00 MXN (Around 64 M

dollars)

• 1st Attack: 450 ATM’s, 4 different banks

• Licensing model: 24 hours per use

• Key moments: Good Weekend (Mexican Black Friday) and

February 14 (Valentine’s day)

• Banks started receiving “low flow” alerts

• New attacks on 2014 and 2015

Ploutus

Thank you!Green Dispenser

• Published 2015

• First attacks in 2014

• 1.02 million pesos/ U$ 304K stolen from 14 ATMs

• 1 Bank employee involved and arrested, with access to more

than 1.159 ATMs

• We found 1 new sample of Green Dispenser targeting Diebold

and Wincor ATMs

Thank you!No malware, no problem!

Thank you!Further Proof That Hacking Is Changing the World

Thank you!• 11.5 million confidential documents

• 4.8 million emails

• 3 million database format files

• 2.2 million PDF documents

• 1.1 million images

• More than 320,000 text documents

The data Leak

Thank you! Know what information is most valuable -- to you,

to your customers, to the public, and to attackers -- and

protect it accordingly.

Your data breach can have immediate, devastating

effects on customers.

The Importance of Having an Effective Incident

Response Team

Lessons learned

Thank you!Know your adversary!

• Social Engineering

• Insiders

• Intelligence

• Tech tools

Thank you!

Source: http://www.hackmageddon.com/2016/06/19/may-2016-cyber-attacks-statistics//

Thank you!Attackers Techniques

Thank you!xDedic – the shady world of hacked servers for sale

Thank you! Actors

Patterns

Geography

Timelines

Threat Intelligence

Thank you!

GARTNER ADAPTIVE SECURITY ARCHITECTURE

Thank you!GReAT: Elite Threats Research

• Global Research and Analysis Team since 2008

• Threat intelligence, leadership in innovation and research

• Approach: APTs, Critical Infrastructure Threats, Financial

Threats, sophisticated Targeted Attacks

Thank you!1/3

42

Our employeses workin R&D

world leading security experts: our elite group

Thank you!

Roberto Martinez

Security Researcher | Global Research and Analysis Team Mexico

@r0bertmart1nez roberto.martinez@kaspersky.com

¡Gracias!