Cyberattacks against Treasury Operations and Corporate Enterprise Systems William B. Nelson President & CEO FS-ISAC September 20, 2017
Page 1: Cyberattacks against Treasury Operations and Corporate ...

Cyberattacks against Treasury

Operations and Corporate

Enterprise Systems

William B. Nelson

President & CEO

FS-ISAC

September 20, 2017

Page 2: Cyberattacks against Treasury Operations and Corporate ...

September 20, 2017 — FS-ISAC Confidential

Agenda Today

• Threat Landscape

• Countermeasures

• Recent Developments

• FS-ISAC Background

• Conclusions

• Appendix: Threat Profiles and Risk Mitigation

Page 3: Cyberattacks against Treasury Operations and Corporate ...


Cybercrime Evolution

DILBERT 2005 Scott Adams. Used By permission of UNIVERSAL UCLICK. All rights reserved.

Page 4: Cyberattacks against Treasury Operations and Corporate ...

Malcode Infection Techniques

• Phishing – widespread email to lots of victims, who click on links or attachments.
• Spearphishing – targeted email; the victim clicks on links or attachments.
• Drive by Download – unintentional download of malware from an infected reputable site, merely by visiting a page.
• Malvertising – download of malicious software through an infected web ad.
• Exploits of Software Vulnerabilities – turn a system flaw into a viable method to attack or breach a system.
• Updates to Software or Security Systems – either a compromised update from an exploited legitimate vendor, or a pop-up from a spoofed vendor update.

TLP Green

Page 5: Cyberattacks against Treasury Operations and Corporate ...

Internet Crime: exploiting the www to link suppliers and users

• Online libraries and advertisements of stolen data
• Education on how to launch spamming, phishing, and key logging attacks
• Advertisements for partners for complex fraud schemes
• Recruitment
• Detailed info sharing on technical vulnerabilities of software and specific financial institutions and their service providers

SOURCE: M-CAT Enterprises, LLC

Page 6: Cyberattacks against Treasury Operations and Corporate ...

Source: Trend Micro (Prototype Nation, The Chinese Cybercriminal Underground in 2015)

Cyber Crime Services

| Service                    | Details                                                  | 2013 Price       | 2015 Price       |
|----------------------------|----------------------------------------------------------|------------------|------------------|
| Email spamming             | 20,000 email addresses                                   | US $161          | US $47           |
| Email spamming             | 50,000 email addresses                                   | US $323          | US $95           |
| Hacking                    | Personal email accounts                                  | US $48           | US $47           |
| Hacking                    | Corporate email accounts                                 | US $81           | US $95           |
| Programming                | Trojans                                                  | US $323 – 8,075  | US $315 – 7,878  |
| Security software checking | Makes sure malware is not detected by security software  | US $13 – 19      | US $13 – 19      |

SMS spamming (only one price is listed in the source): 10,000 text messages US $126; 100,000 text messages US $945.

Page 7: Cyberattacks against Treasury Operations and Corporate ...

Establishing a Foothold at a Bank or at a Bank's Customers

(Attack-chain diagram, rendered as a sequence.)
• Cyber criminal: targeting of organization and vulnerability assessment.
• Tainted email sent to bank employee.
• Bank employee clicks on link to compromised web site (www.hackedsite.com); remote admin tool installed.
• Additional tools uploaded.
• Using credentials gained, cyber criminal works to establish additional foothold to access network; administrator credentials compromised.

Page 8: Cyberattacks against Treasury Operations and Corporate ...

Administrator Access: Wire or ACH $ out of Bank

(Diagram continued.)
• Cyber criminal logs on to ACH or wire system as Administrator.
• Malware used to turn off ACH or wire access controls and system alerts.

Page 9: Cyberattacks against Treasury Operations and Corporate ...

Turning off System Controls: Allow Wires or ACH to Money Mules

(Diagram continued.)
• $ wired to money mule for cash out.

Page 10: Cyberattacks against Treasury Operations and Corporate ...

BEC – Business Executive Scam

• The e-mail accounts of high-level business executives (CEO, CFO, etc.) are compromised.
• Or, the email comes from an address that looks similar to the executive's but is not correct, e.g. ".co" instead of ".com".
• A request for a wire is sent to the employee who is responsible for processing payments (Accounts Payable).
• In some instances, a request for a wire transfer from the compromised account is sent directly to the financial institution with instructions to urgently send funds to bank "X" for reason "Y."
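The look-alike sender address in the second bullet is checkable mechanically. The following is an added example, not code from the FS-ISAC deck, that scores a message's From, Reply-To and body against three constructed assumptions: the organization's own domain (example.com), a table of executives' real addresses, and a short list of character swaps that look alike in a mail client. It flags a swapped TLD such as .co for .com, a homoglyph or one-or-two-edit look-alike domain, an executive's display name on an outside address, a Reply-To that diverts replies elsewhere, and urgent or confidential payment language:

```python
import re
from email.utils import parseaddr

# Constructed assumptions: the organization's own domain and the executives
# whose names BEC actors most often borrow (display name -> real address).
TRUSTED_DOMAINS = {"example.com"}
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

# Character swaps that look alike in a mail client (rn/m, vv/w, 0/o, 1/l, 3/e).
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e")]

URGENT_RE = re.compile(r"\b(urgent|confidential|quiet|immediately)\b")
PAYMENT_RE = re.compile(r"\b(wire|transfer|payment)\b")


def levenshtein(a, b):
    """Edit distance; a sender domain one or two edits from ours is the classic look-alike."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize(domain):
    """Collapse common homoglyph substitutions so examp1e.com compares equal to example.com."""
    d = domain.lower()
    for bad, good in HOMOGLYPHS:
        d = d.replace(bad, good)
    return d


def lookalike_of(domain, trusted):
    """Return the trusted domain that `domain` imitates, or None if it is trusted or unrelated."""
    domain = domain.lower()
    if domain in trusted:
        return None
    base = domain.rsplit(".", 1)[0]
    for t in trusted:
        if base == t.rsplit(".", 1)[0]:          # same name, swapped TLD (.co for .com)
            return t
        if normalize(domain) == normalize(t):   # homoglyph substitution (examp1e.com)
            return t
        if levenshtein(domain, t) <= 2:         # one or two characters off
            return t
    return None


def bec_indicators(message):
    """Return the list of BEC indicators found in one message (dict of header -> value, plus Body)."""
    hits = []
    name, addr = parseaddr(message.get("From", ""))
    domain = addr.rsplit("@", 1)[-1] if "@" in addr else ""
    imitated = lookalike_of(domain, TRUSTED_DOMAINS)
    if imitated:
        hits.append(f"sender domain {domain} imitates {imitated}")
    real = EXECUTIVES.get(name.strip().lower())
    if real and addr.lower() != real:
        hits.append(f"display name '{name}' is an executive but address is {addr}")
    _, reply = parseaddr(message.get("Reply-To", ""))
    if reply and reply.rsplit("@", 1)[-1].lower() != domain:
        hits.append(f"Reply-To {reply} diverts replies away from {domain}")
    body = message.get("Body", "").lower()
    if PAYMENT_RE.search(body) and URGENT_RE.search(body):
        hits.append("urgent/confidential payment language")
    return hits


# Constructed sample messages (not real traffic).
SAMPLE_BEC = {
    "From": '"Jane Doe" <jane.doe@example.co>',
    "Reply-To": "jane.doe.ceo@webmail.example",
    "Body": "I need a wire sent today. Keep this confidential until I am back.",
}
SAMPLE_OK = {
    "From": "Jane Doe <jane.doe@example.com>",
    "Body": "Agenda for Thursday's board meeting attached.",
}
```

Any non-empty result is a reason to route the message to a human before Accounts Payable acts on it; the display-name and Reply-To checks are what catch the case where the attacker never registers a look-alike domain at all and simply uses a free webmail account with the executive's name.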

Page 11: Cyberattacks against Treasury Operations and Corporate ...

BEC Fraudulent Payment

• A business is asked to wire funds for invoice payment to an alternate, fraudulent account.
• The request may be made via telephone, facsimile or e-mail:
  – If an e-mail is received, the subject will spoof the e-mail request so it appears very similar to a legitimate account and would take very close scrutiny to determine it was fraudulent.
  – If a facsimile or telephone call is received, it will closely mimic a legitimate request.

(Diagram: ODFI to RDFI over FED ACH or TCH; the spoofed sender address shown in the diagram is redacted in this copy.)

Page 12: Cyberattacks against Treasury Operations and Corporate ...

Mid-sized Belgian bank loses $75 million to BEC Scammers

• Mid-sized Belgian bank targeted in January 2016, losing over 70 million euros (around $75.8 million).
• Theft perpetrated by cybercriminals and discovered by internal audit.
• Belgian newspapers report the bank was a victim of CEO fraud (or BEC scam – Business Email Compromise).
• The BEC order usually comes with a reason why it should be executed immediately and kept quiet from other employees in the department and organization.
• FS-ISAC, law enforcement, and security companies around the world have been warning businesses about BEC scams for over three years, but companies and some FIs are still falling for it.

Source: Help Net Security, posted 1/26/2016

Page 13: Cyberattacks against Treasury Operations and Corporate ...

Risk Mitigation from Malcode Infection Techniques

TLP Green

Page 14: Cyberattacks against Treasury Operations and Corporate ...

Human Phishing Defense Systems

• Simulated real-life phishing messages sent to employees.
• Click-on-link or attachment based messages.
• Personalized social engineering based on knowledge gained of employee and position.
• Employees tested to detect actual phishing messages.
• Training opportunity to increase staff awareness of cyber security and risk prevention.

Page 15: Cyberattacks against Treasury Operations and Corporate ...

Email Filtering

• System to filter all incoming emails so malicious emails are blocked and are not received by employees.
• Information received from threat intel providers and information sharing organizations such as FS-ISAC.
• Emails blocked based on the following information:
  • Attacking IP addresses
  • Email subject lines
  • URL links
  • Executable file names
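The four indicator types in the last bullet map directly onto message headers and MIME parts. The following is an added example, not part of the original deck, of a gateway-style check: it parses a raw message with Python's standard email library, takes the connecting IP from the Received: headers, and matches the subject, URLs in text parts and attachment filenames against blocklists. The indicator values and the two sample messages are constructed for the example; in production the lists would come from the feeds the slide names:

```python
import email
import re
from email import policy

# Constructed indicator lists, one per kind the slide names.
BLOCKED_IPS = {"203.0.113.45"}
BLOCKED_SUBJECTS = {"your invoice is overdue"}
BLOCKED_URLS = {"http://hackedsite.example/login"}
BLOCKED_FILENAMES = {"invoice.exe", "statement.scr"}

URL_RE = re.compile(r"https?://[^\s<>\"']+")
RECEIVED_IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def originating_ips(msg):
    """Every bracketed IP in the Received: chain; the bottom-most header is the first hop."""
    ips = []
    for hdr in msg.get_all("Received", []):
        ips.extend(RECEIVED_IP_RE.findall(hdr))
    return ips


def classify(raw):
    """Return (blocked, reasons) for one raw RFC 5322 message given as bytes."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    for ip in originating_ips(msg):
        if ip in BLOCKED_IPS:
            reasons.append(f"ip:{ip}")
    subject = (msg["Subject"] or "").strip().lower()
    if subject in BLOCKED_SUBJECTS:
        reasons.append(f"subject:{subject}")
    for part in msg.walk():
        filename = part.get_filename()
        if filename and filename.lower() in BLOCKED_FILENAMES:
            reasons.append(f"attachment:{filename}")
        if part.get_content_type() in ("text/plain", "text/html"):
            for url in URL_RE.findall(part.get_content()):
                if url.rstrip(".,)") in BLOCKED_URLS:
                    reasons.append(f"url:{url}")
    return (bool(reasons), reasons)


# Constructed sample messages (the addresses, hosts and payload are made up).
SAMPLE_PHISH = b"""Received: from mail.hackedsite.example (mail.hackedsite.example [203.0.113.45])
\tby mx.bank.example with ESMTP id abc123; Wed, 20 Sep 2017 10:00:00 -0400
From: "Accounts" <ap@hackedsite.example>
To: employee@bank.example
Subject: Your invoice is overdue
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Please review at http://hackedsite.example/login before close of business.
--b1
Content-Type: application/octet-stream; name="invoice.exe"
Content-Disposition: attachment; filename="invoice.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA//8AAA==
--b1--
"""

SAMPLE_CLEAN = b"""Received: from partner.example (partner.example [198.51.100.7])
\tby mx.bank.example with ESMTP id def456; Wed, 20 Sep 2017 11:00:00 -0400
From: vendor@partner.example
To: employee@bank.example
Subject: Meeting notes
Content-Type: text/plain; charset="utf-8"

Notes attached tomorrow. See https://partner.example/notes
"""
```

The Received: chain is walked in full rather than trusting the top header only, because an attacker controls every Received: line they add themselves; the line your own MX wrote is the trustworthy one, and indicator feeds that supply "attacking IPs" mean the address seen there.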

Page 16: Cyberattacks against Treasury Operations and Corporate ...


Drive by Download

TLP Green

Page 17: Cyberattacks against Treasury Operations and Corporate ...

Drive By Download Defenses

• Staff training to not click on links and to not surf on company computers.
• Restrict device access to the Internet.
• Sandboxing of critical systems on the corporate network, ex., payment systems.
• Whitelisting of safe websites.

Page 18: Cyberattacks against Treasury Operations and Corporate ...

WannaCry Ransomware Attacks

• Exploits a vulnerability in SMBv1, the Windows file-sharing protocol (patched by Microsoft in March 2017, MS17-010).
• Uses TCP port 445 to scan for victims.
• Connects to vulnerable machines, downloads and installs the ransomware, and repeats the scan from each newly infected host.
• Because the flaw was patched in March 2017, only systems that had not been patched were infected with the malware.

TLP Green

Page 19: Cyberattacks against Treasury Operations and Corporate ...

WannaCry Ransomware Attacks

• Recommendation:
  – Keep systems patched and updated.
  – Ensure SMB ports are locked down from externally accessible hosts.

TLP Green
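A way to check the second recommendation before WannaCry-style scanning finds the gap: the following added example (not from the deck) models a first-match packet filter and probes it with two public test addresses to see whether tcp/139 or tcp/445 is reachable from outside the RFC 1918 ranges. The rule format and both rulesets are constructed for the example; the weak one shows the common mistake of an earlier broad allow masking a later SMB deny:

```python
import ipaddress
from dataclasses import dataclass

# Private ranges that may legitimately reach file shares; everything else is "external".
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SMB_PORTS = {139, 445}


@dataclass
class Rule:
    action: str   # "allow" or "deny"
    src: str      # source CIDR
    dports: set   # destination TCP ports; empty set means any port

    def matches(self, src_ip, dport):
        return src_ip in ipaddress.ip_network(self.src) and (not self.dports or dport in self.dports)


def decide(rules, src_ip, dport, default="deny"):
    """First matching rule wins, as in most packet filters; unmatched traffic gets `default`."""
    ip = ipaddress.ip_address(src_ip)
    for rule in rules:
        if rule.matches(ip, dport):
            return rule.action
    return default


def smb_exposure(rules, probes=("203.0.113.10", "198.51.100.99")):
    """Return (source, port) pairs where an external probe address would reach SMB."""
    leaks = []
    for src in probes:
        if any(ipaddress.ip_address(src) in net for net in INTERNAL):
            continue
        for port in sorted(SMB_PORTS):
            if decide(rules, src, port) == "allow":
                leaks.append((src, port))
    return leaks


# Constructed rulesets. WEAK: a broad allow that includes 445 sits before the SMB deny,
# so the deny never fires for external hosts. HARDENED: SMB only from inside, explicit
# deny for everyone else, and the public web allow no longer lists 445.
WEAK = [
    Rule("allow", "0.0.0.0/0", {80, 443, 445}),
    Rule("deny", "0.0.0.0/0", SMB_PORTS),
]
HARDENED = [
    Rule("allow", "10.0.0.0/8", SMB_PORTS),
    Rule("deny", "0.0.0.0/0", SMB_PORTS),
    Rule("allow", "0.0.0.0/0", {80, 443}),
]
```

Run `smb_exposure()` against an export of the real perimeter policy, not just against the intended one: the weak ruleset above passes a visual review ("there is a deny for SMB") and still leaks 445.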

Page 20: Cyberattacks against Treasury Operations and Corporate ...

Detection, Prevention and Response Countermeasures

TLP Green

Page 21: Cyberattacks against Treasury Operations and Corporate ...

Malcode Infection Countermeasures

• Desktop machines and web servers updated with security patches and anti-virus software.
• Intrusion detection software across entire enterprise network.
• Intrusion prevention software.
• Systems to detect when customers' computers and mobile devices are compromised.
• Information sharing to identify threat indicators: malcode from originating IPs/URLs, social engineered emails and exe. files that may be on your network.

Page 22: Cyberattacks against Treasury Operations and Corporate ...

Multi-factor Authentication

• Hardware and software tokens for corporate and consumer online banking applications.
• Tokens on smart phones.
• One time PINs via SMS.
• Calling customers back to verify wires and ACH originated online.
• SMS and/or email alerts on all wires and ACH transactions, with or without SMS back to block.
• Knowledge Based Authentication: verify customer devices.
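A software token on a smart phone (second bullet) is normally a TOTP generator. The following is an added example, not from the deck, of both sides: the RFC 4226 HOTP and RFC 6238 TOTP computation, and a server-side verifier that accepts one time step of clock skew but never accepts the same step twice, which is what makes an intercepted code useless after its first use. The secret is the published RFC test-vector secret; the step and skew values are this example's choices:

```python
import hashlib
import hmac
import struct
import time

# RFC 4226 / RFC 6238 test-vector secret (ASCII "12345678901234567890"); real
# enrolments use a random per-user secret. Step and skew below are this example's choices.
TEST_SECRET = b"12345678901234567890"


def hotp(secret, counter, digits=6, algo=hashlib.sha1):
    """RFC 4226: HMAC the 8-byte big-endian counter, dynamic-truncate, take `digits` digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), algo).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret, at, step=30, digits=6):
    """RFC 6238: HOTP over the number of `step`-second intervals since the Unix epoch."""
    return hotp(secret, at // step, digits)


class TokenVerifier:
    """Server side: accept +/- `skew` steps of clock drift, never accept a step twice."""

    def __init__(self, secret, step=30, skew=1):
        self.secret, self.step, self.skew = secret, step, skew
        self.last_step = -1  # highest time step already consumed by a successful login

    def verify(self, code, at=None):
        now = int(time.time()) if at is None else at
        base = now // self.step
        for delta in range(-self.skew, self.skew + 1):
            step = base + delta
            if step <= self.last_step:
                continue  # a code for this step was already used: replay
            if hmac.compare_digest(hotp(self.secret, step), code):
                self.last_step = step
                return True
        return False
```

A code delivered by SMS (third bullet) carries no such guarantee: it can be read from a SIM-swapped or phished device, so the callback and transaction-alert controls in the later bullets still matter when an OTP is in place.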

Page 23: Cyberattacks against Treasury Operations and Corporate ...

Detection

• Anomaly Detection
  • Anomaly detection at log in.
  • Anomaly detection at transaction level.
• Systems to detect when customers' mobile devices are compromised.
• ACH debit block and/or positive pay type of systems for ACH.
• Wire and ACH white list systems.
• IP/URL filtering.
• Bank-hosted security software to protect online sessions/browser security.

Page 24: Cyberattacks against Treasury Operations and Corporate ...

Prevention

• Education of staff on combatting social engineering.
• Customer education about current threats, vulnerabilities, incidents and best practices.
• Encryption of all data including data at rest.
• Services to test employees' responses to fake phishing messages.
• Information Sharing to learn and contribute to community's knowledge of hacker tactics, techniques and procedures.
• Turning off unused payment services.

Page 25: Cyberattacks against Treasury Operations and Corporate ...

Response

• Take down services.
• Information Sharing to contribute to community's knowledge of new threats and prevent future infection.
• Software to clean malware off of customers' devices.
• Establish new credentials.
• Account repair and transition.

Source: Liquidmatrix, 2009

Page 26: Cyberattacks against Treasury Operations and Corporate ...

Risk Mitigation Trends Among Banks

(Chart: RTP countermeasures ranked on a 1 to 5 scale; the bar values are not recoverable from this copy.)
RTP Countermeasure:
• Endpoint malware detection
• Dark web threat monitoring
• Client education/training
• Web session/device monitoring
• Voice biometrics
• Dual control for origination
• Out-of-band authentication
• Transaction risk modeling/risk engine

• Emerging capabilities place a heavy emphasis on applying cognitive analytics and machine learning to extremely broad and deep quantities of interaction data.

Page 27: Cyberattacks against Treasury Operations and Corporate ...

Risk Mitigation Recommendations for Companies

• Suggest that businesses adopt internal controls similar to banks.
  ➢ Dual control for origination
  ➢ Out-of-band authentication within the business.
  ➢ Out-of-band authentication with vendors to verify when payment instructions are changed.
• Determine patterns for fraudulent wires.
  ➢ Add data to wire anomaly detection systems.
• Provide payment scheduling information to the bank for wire and ACH review queues and approval processes.
• Share information with the bank who will, in turn, share the info anonymously within FS-ISAC.
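The controls on this slide combine naturally into one pre-release check per wire. The following is an added example, not the deck's or any bank's code, with a constructed payee history, a constructed payment schedule and two policy knobs (a dual-control threshold and an anomaly multiple) that are assumptions for the example. It requires out-of-band verification for a new beneficiary or changed instructions, a second distinct approver above the threshold, flags amounts far outside the payee's history, and routes anything not on the schedule shared with the bank to a review queue:

```python
from statistics import mean

# Policy knobs (assumptions for this example, not figures from the deck).
DUAL_CONTROL_THRESHOLD = 10_000.0   # above this a second, distinct approver is required
ANOMALY_MULTIPLE = 3.0              # more than 3x the payee's average amount is flagged

# Constructed history of previously verified wires: payee -> (account, past amounts).
HISTORY = {
    "Acme Parts Ltd": ("GB29NWBK60161331926819", [4200.0, 3900.0, 4500.0]),
    "Globex Freight": ("DE89370400440532013000", [12000.0, 11500.0]),
}
# Constructed payment schedule the company gave its bank for this period.
SCHEDULE = {("Acme Parts Ltd", 4400.0), ("Globex Freight", 12000.0)}


def review_wire(payee, account, amount, approvers, oob_verified=False):
    """Decide whether one outgoing wire may be released.

    approvers: user ids that approved it. oob_verified: whether new or changed
    instructions were confirmed by calling the payee on a number already on file
    (never on a number taken from the request itself).
    """
    reasons = []
    known = HISTORY.get(payee)
    if known is None and not oob_verified:
        reasons.append("new beneficiary, not verified out of band")
    elif known and known[0] != account and not oob_verified:
        reasons.append("payment instructions changed, not verified by callback")
    if known and amount > ANOMALY_MULTIPLE * mean(known[1]):
        reasons.append("amount far above this payee's history")
    needed = 2 if amount > DUAL_CONTROL_THRESHOLD else 1
    if len(set(approvers)) < needed:
        reasons.append(f"dual control: needs {needed} distinct approvers, has {len(set(approvers))}")
    if (payee, amount) not in SCHEDULE:
        reasons.append("not on the payment schedule shared with the bank")
    # An unscheduled but otherwise clean wire goes to review; anything else is held.
    hard = [r for r in reasons if not r.startswith("not on the payment schedule")]
    action = "hold" if hard else ("review" if reasons else "release")
    return {"action": action, "reasons": reasons}
```

The second test case below is the BEC pattern from earlier slides: same payee, same amount, same approver, only the account number changed. Nothing about the amount is anomalous, so only the instruction-change rule with a callback requirement stops it.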

Page 28: Cyberattacks against Treasury Operations and Corporate ...


Recent Developments

Page 29: Cyberattacks against Treasury Operations and Corporate ...

Equifax Cyberattack

● Equifax, the credit reporting agency, discovered the intrusion on July 29, 2017.
− From mid-May to July, hackers gained access to company data potentially comprising sensitive information for 143 million American consumers.
− September 14: reports that the CIO and CISO have left the company.
− The attack represents one of the largest risks to personal sensitive information in recent years.
● More than a 50% chance that any consumer with a credit report is affected.
● In addition to Social Security numbers, an unspecified number of driver's licenses, birth dates, home addresses and other material, hackers also stole:
− Credit card numbers for 209,000 consumers
− Credit dispute documents for 182,000 others
− Far more personal information: the keys that unlock consumers' medical histories, bank accounts and employee accounts
● Congressional, regulatory and possibly law enforcement action expected.

Page 30: Cyberattacks against Treasury Operations and Corporate ...


Equifax Ranks 3rd Largest Data Breach

Page 31: Cyberattacks against Treasury Operations and Corporate ...

Future ACH Posting Dilemma with Faster Payments

• Receiving FIs to post same day ACH credits by 5 p.m.

• Funds in the account at 5 p.m. can be withdrawn same day or wired out of the account (6:30 p.m. wire deadline).

• This creates an opportunity for cyber criminals to achieve greater success with BEC or account takeover schemes.

Page 32: Cyberattacks against Treasury Operations and Corporate ...

BEC Fraudulent Payment: Claw back of the funds

(Diagram: ODFI and RDFI, rendered as steps.)
• Company discovers fraud and asks ODFI for $ back.
• ODFI asks RDFI for $ back.
• If funds not withdrawn, RDFI may return $.

Page 33: Cyberattacks against Treasury Operations and Corporate ...


Key Question: Will the fraud be discovered before money mules have withdrawn the funds?

Race against time

Page 34: Cyberattacks against Treasury Operations and Corporate ...

Bangladesh Bank Account Takeover: $81M successful theft via international wire transfers

• Account takeover.
• Plus specialized malware that altered data on the SWIFT MT950 statement so that the fraudulent transactions and resulting balances were not reflected.
• Result: $81M was successfully wired from their account at the NY Fed to the Philippines and cashed out at a casino.
• Key point: Wire transfers move fast. A lot of money can be stolen in a short time.
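The malware in the second bullet worked because the statement the bank read was produced on the same compromised system that sent the transfers. The following is an added example, not from the deck, of the independent check that exposes this, and also of the "active verification" control the destructive malware threat profile in the appendix recommends against data integrity attacks: a parser for the subset of MT950 fields used here (:60F: opening balance, :61: statement lines, :62F: closing balance) and a reconciliation that checks the statement adds up and that every transfer in an independent confirmation record appears in it. Both statements and the confirmation record are constructed; the tampered statement is internally consistent, so only the cross-check catches it:

```python
import re
from decimal import Decimal

# Subset of the MT950 field syntax used in this example (assumption: one currency,
# no multi-line :86: details). :60F:/:62F: are balances, :61: is one statement entry.
BALANCE_RE = re.compile(r"^:(60F|62F):([DC])(\d{6})([A-Z]{3})([\d,]+)$")
ENTRY_RE = re.compile(r"^:61:(\d{6})(\d{4})?([DC])([\d,]+)N([A-Z]{3})(\S+)$")


def swift_amount(text):
    """SWIFT writes 81000000,00 with a comma as the decimal separator."""
    return Decimal(text.replace(",", "."))


def parse_mt950(statement):
    """Return (opening, entries, closing); entries are (reference, type, signed amount)."""
    opening = closing = None
    entries = []
    for line in statement.strip().splitlines():
        line = line.strip()
        m = BALANCE_RE.match(line)
        if m:
            tag, dc, _date, _ccy, amt = m.groups()
            signed = swift_amount(amt) * (1 if dc == "C" else -1)
            if tag == "60F":
                opening = signed
            else:
                closing = signed
            continue
        m = ENTRY_RE.match(line)
        if m:
            _vdate, _edate, dc, amt, ttype, ref = m.groups()
            signed = swift_amount(amt) * (1 if dc == "C" else -1)
            entries.append((ref.split("//")[0], ttype, signed))
    return opening, entries, closing


def reconcile(statement, confirmed_outgoing):
    """Independent check of a statement: it must add up, and every transfer in the
    confirmation record (kept on a system the statement host cannot write to) must appear."""
    opening, entries, closing = parse_mt950(statement)
    if opening is None or closing is None:
        return ["statement has no opening or closing balance"]
    problems = []
    computed = opening + sum(e[2] for e in entries)
    if computed != closing:
        problems.append(f"balance mismatch: computed {computed}, statement says {closing}")
    seen = {e[0] for e in entries}
    for ref, amt in confirmed_outgoing.items():
        if ref not in seen:
            problems.append(f"confirmed transfer {ref} for {amt} missing from statement")
    return problems


# Constructed statements. HONEST is what the account really looked like; TAMPERED is
# the version a statement-altering implant would show: REF002 removed and the closing
# balance adjusted so the arithmetic still works.
HONEST = """
:20:STMT20170920
:25:NYFED/ACCOUNT
:28C:1/1
:60F:C170920USD100000000,00
:61:1709200920D1000000,00NTRFREF001//FEDREF1
:61:1709200920D81000000,00NTRFREF002//FEDREF2
:62F:C170920USD18000000,00
"""
TAMPERED = """
:20:STMT20170920
:25:NYFED/ACCOUNT
:28C:1/1
:60F:C170920USD100000000,00
:61:1709200920D1000000,00NTRFREF001//FEDREF1
:62F:C170920USD99000000,00
"""
# Constructed confirmation record from the sending side's own acknowledgements.
CONFIRMED = {"REF001": Decimal("1000000.00"), "REF002": Decimal("81000000.00")}
```

The balance check alone is not enough; it only catches a crude edit. The value of the second check depends entirely on the confirmation record living somewhere the compromised messaging host cannot alter, which is also why printed confirmations on a separate printer were part of the detection story in the real incident.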

Page 35: Cyberattacks against Treasury Operations and Corporate ...

Risk Mitigation Recommendations for Companies (this slide repeats page 27 verbatim)

Page 36: Cyberattacks against Treasury Operations and Corporate ...


About FS-ISAC

TLP Green

Page 37: Cyberattacks against Treasury Operations and Corporate ...

What FS-ISAC Delivers to Members

Info Sharing
• 500,000+ indicators tracked
• 10,000 threat repository requests/day
• 420 major advisories/month
• Bi-weekly threat calls, 500+ attendees each

Analysis
• Full time ISAC analysis team (IAT)
• 3 Security Operations Centers (Virginia, Poland, Singapore)
• Staff embedded at NCCIC (US National Cybersecurity and Communications Integration Center)

Exercises & Products
• Cyber Attack against Payment Systems (CAPS)
• All-Hazards Crisis Response Playbooks
• Threat advisories w/ FBI/USSS/Others
• Mitigation strategies
• Hamilton Series of exercises

Education & Training
• Cyber Threat Training Courses
• New Expert Webinar Series
• New Learning Management System
• Topic-specific briefings, webinars (Struts, DDoS, destructive malware, payment systems, business email compromise)

Summits & Workshops
• Four Major Summits: Singapore, Orlando, Baltimore, London
• Cross sector summits
• CISO Congress
• 20+ Workshops worldwide

TLP Green

Page 38: Cyberattacks against Treasury Operations and Corporate ...

FS-ISAC Ecosystem

(Diagram of FS-ISAC information flows, rendered as lists of its labels.)

Member communities: Information Security; Physical Security; Business Continuity/Disaster Response; Fraud Investigations; Payments/Risk; Member Communications

Government sources: CERTs; FS Regulators; Law Enforcement; Other Intel Agencies

Cross sector sources: Cross Sector (other ISACs); Open Sources (Hundreds)

Private sources: Threat Intelligence Providers; Member Submissions

FS-ISAC 24x7 Security Operations Center: Alerts; Vulnerability Alerting; Malware Forensics; PS Incidents & Analysis; After hours IAT support

Page 39: Cyberattacks against Treasury Operations and Corporate ...

Circles of Trust

» Cyber Intelligence Mail List
» Threat Intelligence Committee (TIC)
» European Threat & Strategy Committee (ETSC)
» APAC Threat & Strategy Committee (ATSC)
» Singapore Threat Intelligence Group (STIG)
» Business Resiliency Committee (BRC)
» Community Bank Council (CBC)
» Community Institution Council (CIC)
» Credit Union Council (CUC)
» Securities Industry Risk Group (SIRG)
» Insurance Risk Council (IRC)
» Payments Risk Council (PRC)
» Payment Processor Information Sharing Council (PPISC)
» Compliance and Audit Council (CAC)
» Clearing House and Exchange Forum (CHEF)

TLP Green

Page 40: Cyberattacks against Treasury Operations and Corporate ...

Sharing in Action: Civil Litigation against Botnet Infrastructures

• Microsoft partnered with FS-ISAC to take civil litigation actions against botnet infrastructures.
• Microsoft was able to clean up over 5,000,000 infected machines in 2013-2015 (Citadel take-down).
• Microsoft and Symantec released a remedy to clean and restore infected computers' defenses automatically.
• Other takedowns included: Ramnit (2015), Shylock (2014), Zeus (2012).

TLP Green

Page 41: Cyberattacks against Treasury Operations and Corporate ...

Trustwave's List of 7 Deadly Employee Sins

1) Pathetic Passwords: The most common corporate password is "Password1" because it meets the minimum complexity requirements. In 15% of physical security tests, written passwords were found on and around user workstations.
2) Peeping ROM: 71% of workers sneak a peek at a co-worker's or stranger's workstation. One in three workers leaves their computers logged on when they are away from their desk.
3) USB Stick Up: 60% of users who find random USB sticks in a parking lot will plug them into their computers; for sticks that carry a company logo the number increases to 90%.
4) Phish Biting: 69% of phishing messages get past spam filters; 27% of IT organizations have users who have fallen for malicious e-mail attacks.
5) Reckless Abandon: 70% of users do not password-protect their smartphones, and 89% of people who find lost cell phones rummage through the digital contents.
6) Hooking up with Another Man's WiFi: By 2015, the number of WiFi hotspot deployments will increase 350%, but currently only 18% of users use a VPN tool when accessing public WiFi.
7) A Little Too Social: 67% of young workers think corporate social media policies are outdated, and 70% regularly ignore IT policies. Just over half (52%) of enterprises have seen an increase of malware infections due to employees' use of social media.


Page 43: Cyberattacks against Treasury Operations and Corporate ...

Questions: Bill Nelson, [email protected] (address redacted in this copy)

Page 44: Cyberattacks against Treasury Operations and Corporate ...

Appendix: Threat Profiles and Risk Mitigation

TLP Green

Page 45: Cyberattacks against Treasury Operations and Corporate ...

Threat Profile: Account Takeover

Overview
▪ Online hijacking of accounts to create fraudulent electronic payments
▪ Account Takeover first seen in 2007, proliferated in 2009
▪ Over $110M in US banking losses in 2010
▪ Lawsuits by business customers against their banks (Corps 4, Banks 2)
▪ 2016: Interbank transfers using SWIFT, $81M loss by one bank alone

TTPs
▪ Banking Trojans include key logging, IM of tokens
▪ Malware infection predominately through spear phishing with links or attachments
▪ DDoS of sending bank's online banking systems to conceal disbursement of fraudulent wires or ACH
▪ Additional customized malware to prevent display of confirmations or statements

Mitigation
▪ Stand-alone computers for payment origination
▪ Dual control
▪ Anomaly detection
▪ 2F & OOB authentication
▪ Malicious website blocking
▪ Perimeter email filtering
▪ Outgoing activity monitoring
▪ Remote secure browser
▪ Patch management
▪ Staff cybersecurity training
▪ Intrusion prevention systems
▪ Information sharing of IOCs
▪ Positive pay for ACH, wires

See FS-ISAC portal

TLP Green

Page 46: Cyberattacks against Treasury Operations and Corporate ...

Business E-mail Compromise

• Business E-mail Compromise (BEC) is a scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments.
• BEC is a global scam with subjects and victims in many countries. BEC complaint data has been received from victims in every U.S. state, and the scam has hit over 100 countries.
• Losses are estimated at over $1.2 billion in the last year.

TLP Green

Page 47: Cyberattacks against Treasury Operations and Corporate ...

Threat Profile: Business Email Compromise

Overview
▪ BEC is payment fraud where legitimate business e-mail accounts are compromised & used to conduct an unauthorized wire transfer.
▪ After a business e-mail account is compromised, actors use the compromised account or a spoofed account to send wire transfer instructions.
▪ The funds can be sent all over the world.

TTPs
▪ Often compromise CEO or CFO email, wait until execs are traveling or on vacation
▪ Often compromise vendor/supplier email and attempt to modify their bank accounts
▪ Utilize social engineering & malware to gain access
▪ Conduct substantial reconnaissance after compromise
▪ Spoof email accounts
▪ Utilize wire transfers

Mitigation
▪ Verify changes in payment instructions with verbal confirmation
▪ Limit employees that can authorize wire transfers
▪ Use out of band authentication for executive approvals (PIN, phone call)
▪ Require dual approval of wire transfers exceeding set criteria
▪ Share information with other financial entities

More info: https://www.fsisac.com/sites/default/files/news/BEC_Joint_Product_Final.pdf

TLP Green

Page 48: Cyberattacks against Treasury Operations and Corporate ...

Threat Profile: POS/Card Payment Systems

Overview
▪ Many retailers use customized card payment processing systems
▪ System providers have remote access to these systems to support them
▪ Criminals exploit databases and payment systems via remote access tools
▪ Employees with remote access are targeted (e.g. stealing VPN credentials)

TTPs
▪ Unauthorized access via remote access
▪ Exploiting commercial application vulnerabilities
▪ Email phishing
▪ Unsafe web browsing from computer systems used to collect, process, store or transmit customer information

Mitigation
▪ Strong password management including regular changes
▪ Disable group accounts and passwords
▪ Add multi-factor authentication
▪ Require vendors to use multi-factor authentication
▪ Monitor remote user accounts
▪ Segment payment systems from other systems
▪ Patch systems often

More info at: https://www.fsisac.com/sites/default/files/news/Alert%20--%20Securing%20Merchant%20Terminals%20Remote%20Access%20FINAL%207%20July%202015.pdf

TLP Green

Page 49: Cyberattacks against Treasury Operations and Corporate ...


DDoS Attack

TLP Green

Page 50: Cyberattacks against Treasury Operations and Corporate ...

Threat Profile: DDoS Attack

Overview
▪ A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt access to or performance of critical systems, networks or servers.
▪ Malicious actors often use DDoS attacks to distract their targets and disguise other activities and attacks such as account takeovers.

TTPs
▪ Actors leverage botnets and other resources to increase traffic to sites and services to such a point that these "jam" and legitimate users can't immediately access them.
▪ While hacktivists use DDoS, many recent attacks have been criminals using DDoS, such as DirtJumper, to obscure account takeovers.
▪ Criminals use malware to originate unauthorized wire transfers and ACH.

Mitigation
▪ Anomaly detection.
▪ Rapid information sharing within the community when DDoS indicators are spotted.
▪ Work with Internet Service Providers to identify proactive solutions and also have a clear escalation path if a DDoS attack hits.
▪ Communication and training for customers to recognize compromised accounts.

TLP Green

Page 51: Cyberattacks against Treasury Operations and Corporate ...

Ransomware

• Ransomware is a type of malware that infects a computer(s) or networks and restricts users' access to the affected computer(s).
• Cybercriminals then attempt to extort money from victims by displaying an on-screen alert: "All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data."
• An increasing number of attacks where a victim business receives an e-mail threatening a Distributed Denial of Service (DDoS) attack on its website unless it pays a ransom.

TLP Green

Page 52: Cyberattacks against Treasury Operations and Corporate ...

Ransomware Statistics

• The number of ransomware attacks in 2016 was 2.7 times higher than in 2015. The targets shifted from individuals to institutions.
• It takes only one employee clicking one attachment in a phishing mail to get an entire system locked by ransomware.
• C-level executives open phishing attachments at a higher rate than employees (20.8% versus 12.8%).

TLP Green

Page 53: Cyberattacks against Treasury Operations and Corporate ...

Threat Profile: Ransomware

Overview
▪ Malware that encrypts files/folders and demands a ransom in order to decrypt.
▪ If payment is not received by a stated date/time, files can be deleted or the decryption key can be deleted.
▪ Examples: Locky, TeslaCrypt, CryptoWall, CTB-Locker, Jigsaw

TTPs
▪ Phishing Emails
▪ Embedded Links
▪ Attachments
▪ Drive-by Downloads
▪ Exploit Software Vulnerabilities
▪ Malvertising

Mitigation
▪ Build a strong security awareness training program
▪ Up-to-date Vendor Security Software Protection
▪ Wiping/Re-imaging
▪ Review/update corporate data backup/retention/recovery policies
▪ Ensure business critical data is identified and included
▪ Test data recovery procedures PRIOR to an incident

TLP Green

Page 54: Cyberattacks against Treasury Operations and Corporate ...

Destructive Malware Threat

|                      | South Korean Banks      | Saudi Aramco & RasGas | Ransomware                           | Sands Casino      | SONY              | Korea Hydro & Nuclear Power Company |
|----------------------|-------------------------|-----------------------|--------------------------------------|-------------------|-------------------|-------------------------------------|
| Date                 | 4/2011, 3/2013          | 8/2012                | 9/2013                               | 2/2014            | 11/2014           | 12/2014                             |
| Alleged Threat Actor | North Korea             | Iran                  | Organized Crime                      | Iran              | North Korea       | North Korea                         |
| Primary Motivation   | Geopolitical            | Geopolitical          | Financial Gain                       | Geopolitical      | Geopolitical      | Geopolitical                        |
| Destructive Malware  | Wiper (DarkSeoul)       | Wiper (Shamoon)       | CryptoLocker, CryptoWall, TeslaCrypt | Wiper             | Wiper             | DestFallen                          |
| Delivery Mechanism   | Network Intrusion       | Network Intrusion     | Exploit Kits, GameOver Zeus, MalSpam | Network Intrusion | Network Intrusion | Spear Phishing                      |
| Propagation Vector   | Patch Management Server | Network Shares        | N/A                                  | Unknown           | Network Shares    | Did not attempt to propagate        |

TLP Green

Page 55: Cyberattacks against Treasury Operations and Corporate ...

Threat Profile: Destructive Malware

Overview
▪ A destructive malware attack is a unique threat in that it is both infrequent and yet potentially catastrophic.
▪ Presents a significant threat to an organization's daily operations and business continuity; it impacts confidentiality, integrity and availability of data, and can thwart an organization's ability to recover from an attack (e.g., Las Vegas Sands, SONY Entertainment).

TTPs
▪ Actors use a variety of methods, including phishing and social engineering, and drive-by downloads to infect systems with destructive malware.

Mitigation
▪ Build a strong security awareness training program
▪ Perform consistent and ongoing security monitoring, prevention and risk mitigation
▪ Participate in industry information sharing forums
▪ Ensure you have a strong and well known reporting procedure for social engineering attacks
▪ Use application based controls requiring active verification as a control against data integrity attacks

TLP Green

Page 56: Cyberattacks against Treasury Operations and Corporate ...

Destructive Malware/Data Integrity TF White Paper

• 13 November 2015: FS-ISAC posted TLP Green version of the paper to the FS-ISAC Portal
• 23 November 2015: FS-ISAC distributes TLP White version of the paper and press release
• https://www.fsisac.com/sites/default/files/news/Destructive%20Malware%20Paper%20TLP%20White%20VersionFINAL2.pdf

TLP Green

Page 57: Cyberattacks against Treasury Operations and Corporate ...

Corporate Espionage Objectives

Corporate Strategy
• New market entrants
• Strategic partnerships
• Services, products used by company or government

Trade Secrets
• Pending mergers and acquisitions
• Foreign investments

Financial Strategy
• Competitor bidding
• Foreign subcontractors / outsourcing arrangements
• Critical infrastructure contracts
• Bids on government contracts

Intellectual Property
• Research and development advancement
• New product launches

TLP Green

Page 58: Cyberattacks against Treasury Operations and Corporate ...


Information Sharing

ONE ORGANIZATION’S INCIDENT BECOMES

THE INDUSTRY RESPONSE

TLP Green