[ Dec 10, 2018 ]
A series of attacks on European banks involving the use of attackers’ own devices, successfully allowed hackers to steal millions of dollars.
The attackers planted devices like a laptop, Raspberry Pi and Bash Bunny inside the targeted banks’ premises, which provided them with remote access to the banks’ networks.
Usually, cybercriminals attack a system and inject their malicious code onto existing devices connected to a targeted network. Such attacks are expected by security investigators. However, a recent series of hacks, targeting at least eight banks in Eastern Europe, proved to be of a different kind.
The cyberattacks saw attackers physically connect their own devices to the targeted banks’ networks, researchers at Kaspersky Lab discovered. This spate of attacks has been dubbed DarkVishnya by the investigators.
Cyber Security Tips:
The investigators provided several useful suggestions for improving the security of office buildings:
- Public areas in office premises should have restricted availability of the office networks.
- Any unused Ethernet sockets should be disconnected or isolated from the main office network. Ethernet sockets could also be placed so as to be in the frame of security cameras, which could deter malicious actors and even aid investigators in the event of an attack.
- The office network security could be tightened by using cybersecurity solutions that provide device control and anomaly monitoring features.