In April 2018, hackers stole the equivalent of $15 million from Mexican banks, and now we know how they most likely did it.
Penetration tester and security advisor Josu Loza was one of many consultants called in to respond to the April heist, and on March 8 he presented his findings at the RSA Security conference in San Francisco.
Based on his assessment, Mexico’s central bank wasn’t doing nearly enough to protect its clients’ money, but other financial institutions could avoid the same fate if they’re willing to work together.
On Friday, Wired published a story detailing the information Loza shared with the audience at RSA’s conference. Based on his assessment, the success of the heist was due to a combination of skilled bank hackers willing to spend months planning their crime and a banking network rife with security holes.
During the presentation, Loza made the case that the hackers might have accessed the Banco de México’s internal servers from the public internet, or perhaps launched phishing attacks on bank executives or employees to gain access.
Regardless of how they first got access, Loza said, the main problem was putting too many eggs in one security basket. Because many of the networks lacked sufficient segmentation and access controls, he argued, a single breach could provide the bank hackers with extensive access.
That enabled them to lay the groundwork to eventually make numerous cash transfers in smaller amounts, perhaps $5,000 or so, to accounts under their control. They’d then pay hundreds of “money mules” each a small sum (Loza estimated that $260 might be enough) to withdraw the money for them.
The bank hackers are still at large, but the heist appears to have served as a wake-up call for the Banco de México.
“From last year to today the focus has been implementing controls. Control, control, control,” Loza said during his presentation, according to Wired. “And I think the attacks aren’t happening today because of it.”
He also noted the need for companies to collaborate to defend against cyberattacks.
“Mexican people need to start to work together. All the institutions need to cooperate more,” Loza said. “The main problem on cybersecurity is that we don’t share knowledge and information or talk about attacks enough. People don’t want to make details about incidents public.”
READ MORE: HOW HACKERS PULLED OFF A $20 MILLION MEXICAN BANK HEIST [Wired]