A constant game of cat and mouse

Stephen Pao, our GM Security Business, takes part in this Marketplace segment on what many are calling, “one of the largest bank heists ever.”

The heist was pulled off through the use of a phishing scheme that deposited malware on victim machines.  The malware was present on victim networks for an average of 42 days before money was funneled out of the bank.

There are a handful of key takeaways from an incident like this:

Patching is extremely important!  As Brian Krebs notes here, the malware took advantage of unpatched Microsoft systems.

Hackers are sophisticated, combining spear phishing, known vulnerabilities, and human intelligence.  As the Kaspersky report (pdf) notes,

“… they studied the victim´s internal procedures and pinpointed who they should impersonate locally in order to process fraudulent transactions through the aforementioned services.”

Rapid detection is critical to loss prevention.  With an average infection time of 42 days, the hackers had time to gather data, learn business logic, and further develop their attack.

“This is just a new frontier.  It's a constant game of cat and mouse.” ~Stephen Pao

Barracuda Total Threat Protection is a framework that allows organizations to sure all of their threat vectors, including email, web applications, network security, and more.  Our Data Protection Plus initiative helps companies increase productivity, maintain regulatory compliance, and engage in robust information management.  Contact us for a risk-free, 30-day evaluation of our solutions.