U.S. regulators warn banks about rise in cyber-attacks

WASHINGTON Thu Apr 3, 2014 1:54am IST

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013. REUTERS/Pawel Kopczynski/Files

A magnifying glass is held in front of a computer screen in this picture illustration taken in Berlin May 21, 2013.

Credit: Reuters/Pawel Kopczynski/Files

Related Topics

Stocks

   

WASHINGTON (Reuters) - A group of top U.S. regulators on Wednesday warned about the threat of rising cyber-attacks on bank websites and cash machines, urging the industry to put proper measures in place to guard against fraud.

The Federal Financial Institutions Examination Council (FFIEC) said it had seen a rise of so-called denial-of-service attacks on bank websites, which were sometimes a cover for criminals committing fraud.

The group described one recent case in which criminals stole $40 million from just 12 accounts - far exceeding the actual balance held by clients - in a sophisticated scheme known as an "Unlimited Operations" fraud.

Massive client data breaches at retailers Target Corp (TGT.N) and Neiman Marcus Group LLC put the focus on cybersecurity last month, leading banks and retail groups to join forces to try and fix the issues.

The problems described by the FFIEC, which comprises top officials from the Federal Reserve and other bank regulators, are of a different nature, if no less harmful.

In the "Unlimited Operations" fraud, criminals might begin an attack by installing malicious software on a bank's computers through phishing emails, and then hack into control panels to raise limits on how much a cash machine can dispense.

In the final phase, the criminals withdraw large amounts of money from a number of cash machines within four hours to two days with stolen bank cards, often on weekends because that is when there is more money in the machines.

Such operations can be accompanied by a denial-of-service attack, in which a bank's website is flooded with information requests so that it slows down or completely stops working for clients with legitimate requests.

There was an increase in such attacks in the latter half of 2012, the FFIEC said, although these were often also launched by politically motivated groups.

In 2012, Ally financial Inc, Bank of America Corp (BAC.N), Wells Fargo & Co (WFC.N) and other banks suffered denial of service attacks. Sources at the time told Reuters the attacks could be part of a year-long cyber campaign waged by Iranian hackers to protest against an anti-Islam video on the Internet.

(Reporting by Douwe Miedema. Editing by Andre Grenon, Bernard Orr.)

FILED UNDER:
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.

  • Most Popular
  • Most Shared

TECH DEAL

A view of Microsoft and Nokia signs in Peltola, Oulu July 16, 2014. Microsoft Corp said on Thursday it would cut up to 18,000 jobs, or about 14 percent of its workforce, as it halves the size of its recent Nokia acquisition and trims down other operations. REUTERS/Markku Ruottinen/Lehtikuva

Opera's Mini browser to be installed on Microsoft phones

Norwegian software maker Opera signed a deal to take over the browser building unit of Microsoft's Nokia mobile phone unit and reported second-quarter earnings above expectations, sending it shares sharply higher.  Full Article 

Reuters Showcase

Silicon Valley Women

Silicon Valley Women

Despite lip service, Silicon Valley venture capital still a man’s world   Full Article 

Cyber Attacks

Cyber Attacks

U.S. government's nuclear watchdog victim of cyber attacks - report  Full Article 

Net Neutrality

Net Neutrality

Online video stars mobilize for U.S. net neutrality  Full Article 

'Heartbleed' Bug

'Heartbleed' Bug

U.S. hospital breach biggest yet to exploit Heartbleed bug - expert  Full Article 

Deal Talk

Deal Talk

Infineon agrees to buy Int'l Rectifier for $3 bln in cash  Full Article 

Reuters India Mobile

Reuters India Mobile

Get the latest news on the go. Visit Reuters India on your mobile device.  Full Coverage