Banking on Insecurity: The ongoing fairytale of securing financial institutions

Presented at BSidesLV 2017, July 25, 2017, 11:30 a.m. (55 minutes).

So many banks in so little time. We should expect cyber attacks on financial institutions because it's just so much easier to pillage online than to coordinate a get-away car, guns and comfortable ski masks. Over the past year, exploits against banks have seriously upped the game: jackpotting ATMs, DDoS, messing with trusted messengers. The recent attacks on Polish banks initially went unnoticed. That's a mistake we can't afford to make, but the attackers are banking on it. When source code revealed that a much bigger player was involved, everyone jumped in. But that was days later. What are we missing because we choose to see what we expect, instead of what is really there? After last year's massive breaches, and some significant financial attacks, financial organizations need to be prepared. The attackers aren't just going after the money. They want the data too.


Presenters:

  • Cheryl Biswas / 3ncr1pt3d - Security Consultant, Threat Intel   as 3ncr1pt3d
    I'm a security consultant whose fascination with Stuxnet has expanded to APTs, ICS SCADA, mainframes, and Threat Intel. I like building bridges and security awareness. Once upon a time, there was a bank ...

Links:

Similar Presentations: