The global financial system is under attack
Show me the Money!
Roberto Martinez | Security Researcher
[email protected] @r0bertmart1nez
Kaspersky Global Research and Analysis Team | Latin America
Thank you!
Thank you!
Thank you!
Thank you!2.0 Attacks
APT-style bank robberies
The advance of
technology has
provided
criminals with
extra
opportunities
Thank you!Hackers could bring down the banks
Thank you!• Total Impact estimated: 1,200,000,000.00 MXN (Around 64 M
dollars)
• 1st Attack: 450 ATM’s, 4 different banks
• Licensing model: 24 hours per use
• Key moments: Good Weekend (Mexican Black Friday) and
February 14 (Valentine’s day)
• Banks started receiving “low flow” alerts
• New attacks on 2014 and 2015
Ploutus
Thank you!Green Dispenser
• Published 2015
• First attacks in 2014
• 1.02 million pesos/ U$ 304K stolen from 14 ATMs
• 1 Bank employee involved and arrested, with access to more
than 1.159 ATMs
• We found 1 new sample of Green Dispenser targeting Diebold
and Wincor ATMs
Thank you!No malware, no problem!
Thank you!Further Proof That Hacking Is Changing the World
Thank you!• 11.5 million confidential documents
• 4.8 million emails
• 3 million database format files
• 2.2 million PDF documents
• 1.1 million images
• More than 320,000 text documents
The data Leak
Thank you! Know what information is most valuable -- to you,
to your customers, to the public, and to attackers -- and
protect it accordingly.
Your data breach can have immediate, devastating
effects on customers.
The Importance of Having an Effective Incident
Response Team
Lessons learned
Thank you!Know your adversary!
• Social Engineering
• Insiders
• Intelligence
• Tech tools
Thank you!
Source: http://www.hackmageddon.com/2016/06/19/may-2016-cyber-attacks-statistics//
Thank you!Attackers Techniques
Thank you!xDedic – the shady world of hacked servers for sale
Thank you! Actors
Patterns
Geography
Timelines
Threat Intelligence
Thank you!
GARTNER ADAPTIVE SECURITY ARCHITECTURE
Thank you!GReAT: Elite Threats Research
• Global Research and Analysis Team since 2008
• Threat intelligence, leadership in innovation and research
• Approach: APTs, Critical Infrastructure Threats, Financial
Threats, sophisticated Targeted Attacks
Thank you!1/3
42
Our employeses workin R&D
world leading security experts: our elite group
Thank you!
Roberto Martinez
Security Researcher | Global Research and Analysis Team Mexico
@r0bertmart1nez [email protected]
¡Gracias!