The O2 arena awards five-year event control contra... » Integrated Security Consultants (ISC) Ltd, has been awarded a five-year contract to supply CCTV and ... Tripwire Now discovers more than 100,000 condition... » LONDON, UK:  Tripwire, Inc., has announced that Tripwire® IP360 TM now discovers more than 100,000 c... Octavian launch new training giveaway on World Hea... » Octavian Security has unveiled a competition to coincide with the launch of the newly accredited Oct... Nigeriaghanistan: A nation's backward march to neo... » 23"Take away from Me the noise of your songs; I will not even listen to the sound of your harps. 24"... Lord's to host inter services T20 Cricket Competot... » Vigilance can report that the Combined Services Cricket Association can confirm that the Inter Servi... BeyondTrust appoints former Northrop Grumman Chair... » PHOENIX: BeyondTrust has appointed Dr. Ronald D. Sugar, former Northrop Grumman Chairman and CEO, to... Check Point discovers massive vulnerability in Mag... » Check Point® Software Technologies Ltd has announced that their Malware and Vulnerability Research G... A10 Networks works with RSA security to provide e... » SAN JOSE, Calif.: A10 Networks has collaborated with RSA, The Security Division of EMC, to help incr... Matrix42 signs UK partner agreement with Distology... » LONDON, ENGLAND: Matrix42 has announced Distology, the successful security and risk value adde... Windows forensic analysis skills are vital to addr... » Even with the expected arrival of a slew of security improvements in Windows 10 such as multi-factor...

CLICK HERE TO

Advertise with Vigilance

Got News?

Got news for Vigilance?

Have you got news/articles for us? We welcome news stories and articles from security experts, intelligence analysts, industry players, security correspondents in the main stream media and our numerous readers across the globe.

READ MORE

Subscribe to Vigilance Weekly

Information Security Header

According to US Attorney Loretta Lynch, "This was indeed the largest theft of this type that we have yet seen. This was a 21st century bank heist that reached through the Internet to span the globe. But, instead of guns and masks, this cybercrime organization used laptops and malware."

 

According to George Tubin, Senior Security Strategist, Trusteer, “It appears the criminals in this case used advanced malware to breach the corporate network of two unnamed credit card processors that process prepaid debit card transactions. This type of breach almost always starts with an employee PC being compromised with malware in order to gain a foothold into the corporate network. Once inside the corporate network, the criminals can do what they want - and this massive heist clearly demonstrates the free reign afforded the cybercriminals to alter highly sensitive, highly protected information to ultimately steal $45 million. Despite using market-leading endpoint and network protection solutions most large enterprises are (knowingly or unknowingly) still breached by advanced malware.”

Tubin continued, “The only way to prevent these attacks is to prevent advanced, information-stealing malware from compromising employee endpoints - the weakest link in the security chain - and then moving the attack inside the corporate network. Corporate breaches can only be prevented by stopping malicious files from invisibly sneaking onto employee computers through both unknown and unfixed software flaws (aka, vulnerabilities). Because, once malware infects the user's computer, it's game over.”

“While this particular crime was highly visible due to the stolen funds, many corporate breaches go unnoticed as sensitive corporate data and highly valuable intellectual property are siphoned electronically out of the corporate network”, he said.