Tuesday, May 14, 2013

When Cyber and Physical Worlds Collude, We Lose

The previous three posts here dealt with the dangers posed by cyberattacks on our investments in America’s securities markets. The conclusion? That U.S. market information and trading mechanisms are structured in a way that is not only open to disruption from basic cyberattacks, but also conducive to it. The Twitter hack and its resulting market crash were 100% cyber-delivered – no human intervention.

But just as the headlines on the Twitter market crash faded, news of a new cyberattack broke. In the span of just a few hours, $45 million in cash was sucked from bank ATMs around the world.

How? The worlds of cyber crime and physical crime collided in what might be a new trend in cyberattacks.

Hackers conducted some clever cyber theft of debit card numbers and PINs. Then, they removed the withdrawal limits for those accounts. The unrestricted debit card information was funneled to waiting teams of “cashers” who then emptied ATM machines across upper Manhattan and other targeted cities around the world.

This incident contrasts with the Twitter market crash, which was 100% cyber. In the ATM cyber heist, the work was accomplished via carefully planned and coordinated efforts in both the physical and cyber worlds.

This is much bigger than programmers tucked away in darkened rooms. This is a worldwide organization with individuals willing to do its bidding. Months of planning, recruiting and training led to a precise, coordinated hit of ATMs around the world. In a crime ring like this, there are probably rules and regulations overseeing the handling and forwarding of the stolen cash, as well as enforcement measures to detect, prevent and punish internal skimming of funds.

And there is an added bonus for the ATM cyber thieves. Each operation of this type can be treated as a “throwaway.” What this means is that while the processes of each operation can be reused again and again, the specifics of each operation can be coordinated through temporary communications methods, never to be used again. Thus, this ATM cyber heist and each one thereafter are operations that are, essentially, investigative dead ends.

Impressive? Yes. Repeatable? You can count on it.

If this ATM cyber heist marks a new trend in cyber and physical collusion in cyberattacks, what’s next? What do you think may be the attacks we hear about in the coming weeks or months?

("Hand Holding Credit Card At ATM" image: Naypong/FreeDigitalPhotos.net)

No comments:

Post a Comment