Search This Blog

Showing posts with label Bank Security. Show all posts

Maze Ransomware Operators Leaked 2GB of Financial Data from Bank of Costa Rica (BCR)


Bank of Costa Rica (BCR) has been receiving threats from the threat actors behind Maze ransomware who have stolen credit card details from the bank, the ransomware gang started publishing the encrypted financial details this week.

The Banco de Costa Rica is one of the strongest state-owned commercial banks operated in Costa Rica, starting from humble origins of mainly being a private commercial bank, it expanded to become a currency issuer and one of the most renowned baking firms in Central America contributing largely in the financial development of the nation.

The hacker group behind the data leak have demanded a ransom from Banco de Costa Rica at various occasions, however, to their dismay they observed a lack of seriousness in the way the bank dealt with these previous leaks and it served as a primary reason that motivated the latest data leak, according to an interview with Maze ransomware operators.

As per the claims made by the attackers, Banco de Costa Rica's network remained insecure till February 2020; it was in August 2019 when they first compromised the bank's network and the second attempt was made in the month of February 2020 to see how the security has been improvised – if at all so.

The 2GB of data published by the Maze ransomware attackers on their leak site contains the details of at least 50 Mastercards and Visa credit cards or debit cards, a few being listed more than once.

As per the statements given by Brett Callow, a threat analyst with Emsisoft to ISMG, "Like other groups, Maze now weaponizes the data it steals,"

"The information is no longer simply published online; it's used to harm companies' reputations and attack their business partners and customers."

"The Maze group is a for-profit criminal enterprise who are out to make a buck," Callow says. "The credit card information has been posted for one of two reasons: Either to pressure BCR into paying and/or to demonstrate the consequences of non-compliance to their future victims," Callow further told.

Russian banks revealed new types of fraud


Stanislav Kuznetsov, Deputy Chairman of the Board of the Bank, said that fake Internet recruiting agencies that offer employment have become more active. An applicant should fill out a form with personal data. Then a letter arrives that he was hired, and he needs to transfer money for some equipment urgently. In the end, no money, no work.

VTB specialists reported cases of fraud when hackers place job ads and get access to mobile phones while communicating with candidates. Then, using remote access, hackers get to the client's personal account and can withdraw money.

Hackers are looking for candidates without experience, for example, for the position of mobile app tester. Those who responded to the ad, they are asked to pass testing and install remote access programs to their computer or smartphone for control. Fraudsters can use them to log in to their personal account and withdraw funds.

The VAT refund scheme is also gaining popularity among fraudsters. Attackers publish videos on the Internet with a proposal to refund value-added tax to all Russians left without income. In this scheme, customers click on a fraudulent link from the description to the video and independently perform expense transactions, which leads to a loss of money.

"Internet companies began to actively appear that offer customers to take advantage of the volatility of cryptocurrencies and promise a large profit," said Kuznetsov about another scheme.

Finally, financial fraudsters copy popular initiatives of well-known brands and companies to attract their victims, using hashtags of the period of self-isolation, for example, #stayhome and offer to participate in the campaign to get three thousand rubles ($42). For this, it is allegedly necessary to provide card data and a one-time SMS password.

It is worth adding, according to the international company Group-IB, using the remote access program TeamViewer, fraudsters steal from the clients of large banks on average from 6 million to 10 million rubles per month ($84,000 - 140,000).

In Kiev, a hacker group who used the vulnerability of banks to steal their clients' money was caught


The Security Service of Ukraine (SBU) announced the termination of the acclivities of hackers who stole an average of 1.2 million dollars a year from the accounts of banking institutions.

According to the investigation, the attackers found vulnerabilities in the electronic payment document management system of banks, illegally transferred money of clients to the accounts of fictitious persons or transferred it to cryptocurrency. Hackers created a bot network of infected computers to conduct illegal operations on the Internet. "Thus, the members of the group stole from the accounts of banking institutions on average 30 million hryvnias ($1.2 million) a year," reported the press service of the SBU on Tuesday.

During 10 searches in Kiev and the region, as well as in Lviv, law enforcement officers seized computer equipment and mobile devices that were used by members of the group during illegal activities. Now the seized equipment is sent for examination.

A criminal case has been opened. If the attackers are found guilty, they face up to six years in prison.
It is worth noting that the Security Service of Ukraine recently exposed a large group of hackers associated with the Darknet.

Members of the group and third parties used server hosting equipment to conduct cyberattacks on the authorities and administration of Ukraine, critical infrastructure of Ukraine, as well as Ukrainian and world banks.

During the investigation, operatives detained the organizer of the group, who since 2011 provided its own server equipment for hosting, administering and distributing malware, bot networks and conducting cyberattacks.

In particular, DDoS attacks were carried out on strategic facilities in Ukraine and banking institutions of other states. The specified hosting was known on the Darknet network under the name "ProHoster" and "Bulletproof.space".

The Central Bank of Russia warned about the new scheme of fraud "taxi from the Bank"


Fraudsters have found a new way to withdraw money from Russians. Social engineering is also in progress: people are offered a new service from banks "taxi to ATM", and on the way, they are convinced to transfer money to a third-party account.

Victims of the new scheme are those who do not use online banking, in particular, the elderly. Attackers force them to transfer money through an ATM, for which they offer to use the "taxi from the Bank" service for free.

This information is confirmed not only in banks but also in the Central Bank. Several people have already become victims of such a fraud, all of them tell about the same story: criminals call from the number "8 800" and report that someone is trying to withdraw funds from the client's card. If the potential victim does not have an Internet Bank, the person was offered a special taxi to the ATM.

"Allegedly, it will be possible to transfer funds to a secure account from ATM. Attackers order a regular taxi for the victim, and when a person is at the ATM, he makes a dictation operation to transfer money to the attacker's account," said Alexey Golenishchev, Director of monitoring operations and disputes at Alfa-Bank.

The Central Bank warned that customers are never asked to make transactions through ATMs when a suspicious operation is suspected. Scammers often offer to transfer money through an ATM, and "taxi from the Bank" is one of the varieties of this scheme.

Sberbank confirms this scenario and recognizes that the scheme is becoming more popular. The victims are lonely people or elderly people who are easily to trick, and they do not have the opportunity to consult with someone. Scammers do not give time to think and convince a person to act quickly.

Usually, the damage from such fraudulent actions is about 15 thousand rubles ($220).
Previously, fraudsters began to practice another way of cheating. A man finds a forgotten card at an ATM, picks it up and then the owner of the card appears. Of course, the owner reports that money has disappeared from his card.

Russian banks and energy companies have undergone a new wave of cyberattacks


A new wave of cyberattacks targeting banks and energy companies has been recorded in Russia. Employees of these organizations receive numerous phishing emails with infected links, clicking on which is fraught with data theft from the computer.

It is reported that the malicious message contains an office document. The victim clicks on it and gets to the text hosting Pastebin, which downloads images from the Imgur service, which in turn contains malicious code. Thanks to it, attackers can steal secret files, withdraw funds, or install spyware on a user's computer.

"Since the chain consists of four stages, the protection tools that companies use cannot detect it, they are designed for shorter activity of malware," explained Igor Zalevsky, head of the center for the investigation of cyber incidents of JSOC CERT Rostelecom-Solar.

The company said that about 60% of phishing emails were received by employees of the energy sector, but 80% of all attacks turned out to be aimed at banks.
Zalevsky added that the attack is similar to the activity of the hacker group Silence, which just specializes in credit organizations. It is possible that the group decided to expand the scope of its activities or it's completely different hackers copying the behavior of Silence.

Group-IB confirmed that the attack recorded by Rostelecom-Solar was previously carried out in the banking sector.

Information security experts said that in 2020, energy companies will become the “main targets” for cybercriminals.

Andrey Arsentyev, head of Analytics and special projects at InfoWatch group, agrees with this assessment, he called the energy sector one of the "most attacked" in recent years. According to Denis Kuvshinov, a leading specialist of the PT Expert Security Center Positive Technologies cyber threat research group, the main goal of cybercriminals targeting the energy sector is industrial espionage, as well as the impact on critical infrastructure.

Security Experts Say Hackers Can Hack Russian Banks In 5 Days


Experts from the information security company Positive Technologies came to the conclusion that hackers will need only five days on average to hack a large Russian Bank. Experts came to this conclusion on the basis of a number of tests. The attack was successful due to vulnerabilities in applications, software and password selection. In some cases, access to ATMs was obtained.

Tests in 10 banks from the top 50 banks showed that hackers need an average of 5 days to hack the Russian bank’s network. In cases where the hacker acts from the inside, he is able to get full control over the entire infrastructure of the Bank in two days.

During the audit of banks, whose names were not disclosed, experts simulated 18 cyberattacks. In eight cases, the attacks were carried out from the outside using only publicly available data, such as the Bank's website or an incorrectly configured database. In ten cases, the hacker attacked from inside the bank, that is, the hacker was in the Bank building and got access to the power outlet, Wi-Fi network, and so on, or thanks to an external attack, he gained access to user data of a bank employee. Social engineering methods were not used in the tests.

Passwords turned out to be the weakest point because most of them were selected using a combination of similar words or nearby keys. Under one very common password “qwerty123” in one of the credit organizations were more than 500 accounts.

New testing showed that hackers can penetrate from the Internet into the local network of seven out of eight banks.

However, Kaspersky Lab’s Leading Antivirus Expert Sergey Golovanov said, Due to the improvement of bank security systems, Russian-speaking hacker groups are increasingly attacking foreign credit organizations, they are switching to banks in Asia, Africa and Latin America.

Russian banks to face risk due to a cancellation of support for Windows 7


Termination of technical support for Windows 7 and Windows Server 2008 operating systems (OS) can become a serious problem for Russian banks. According to the architect of the Microsoft technology center in Russia, Ivan Budylin, now, banks are required to quickly switch to Windows 10, since working without technical support is contrary to information security requirements. He added that the lack of updates can lead to significant risks of data loss.

At the same time, according to the survey, credit institutions are not yet ready to completely abandon the old OS.

Some banks reported that they had signed an agreement with Microsoft for paid additional support for Windows 7 (EAS). However, the expert noted that paid support is not an alternative to updating the operating system, but a temporary measure.

A similar situation was already with the Windows XP operating system, which was not supported in 2017 but continued to be used. During WannaCry ransomware virus epidemic, some XP users faced a situation where the malware appeared on the computer, was blocked and deleted by the antivirus.
However, then the virus repeatedly tried to get into the computer again and was blocked again. This caused a huge load on the network, processor, and disk. The devices started working so slowly that it was almost impossible to do anything on them.

Therefore, experts recommended updating Windows 7 as soon as possible, even though antiviruses can protect an already unsupported system.

Yuri Brisov, a member of the Commission on legal support of the digital economy, said that by denying the ability to regularly and timely update systems, banks put their customers at risk, which is unacceptable.

According to Boris Yedidin, a lawyer and co-founder of Moscow Digital School, for using outdated programs and operating systems, banks can bring to administrative responsibility under the article “Violation of information protection rules”.

Recall that Microsoft has refused to support the Windows 7 operating system since January 14. The computer will work with the old OS, but the company does not provide technical support for any software updates, as well as security updates and fixes.

The data of Alfa-Bank's clients is sold on the black market


The data of Alfa-Bank credit card holders, as well as Alfa Insurance customers came up for sale in the Darknet. The bank confirmed the leak saying that it affects a few customers and does not pose a threat to the money in the accounts.

Seller who published the ad on a hacker forum said that he has up-to-date data on about 3,500 Alfa-Bank customers and about 3,000 Alfa Insurance customers. The ad was published on October 31, the seller registered there on the same day.

To verify the data, the seller suggested to look at 23 contracts. They contained the full name, mobile phone number, passport data, registration address, the amount of credit limit or issued insurance, the subject of insurance, as well as the date of conclusion of the contract. According to the seller, all contracts of Alfa-Bank are issued in October.

When the investigator tried to transfer money by phone number, in 11 of the 13 credit card contracts, the names and first letters of the surnames matched. Also he phoned up nine customers, most of them confirmed that they had recently issued a credit card at Alfa Bank. Fraudsters have already managed to make a call to one of the clients, after which he blocked the card.

Alfa-Bank confirmed the leak. "At the moment, it is reliably known about the illegal distribution of personal data of 15 clients. The occurrence of this situation is not the result of a violation of the protection of the corporate information system of the Bank, " - said the representative of the Bank.

According to him, the leak does not pose a threat to customer accounts, as it does not have data to access them.

Indeed, the contracts do not contain card numbers and CVV-codes, so fraudsters will not be able to get direct access to the money. However, they can use the information to call a customer under the guise of a Bank and find out the necessary information to steal money.
Alfa Insurance has introduced additional security measures and is investigating the publication of customer data.

Recall, in early October Sberbank confirmed of credit card accounts, which affects at least 200 customers of the Bank. It was announced that 60 million credit cards were in the public domain.

Sberbank employee confesses he is the culprit behind the customer data leakage


Recall that on Thursday, Sberbank reported a possible leak of credit card accounts, which affects at least 200 customers of the Bank. According to media reports, at the weekend on one of the forums, which was blocked by Roskomnadzor (Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications), there were messages about the sale of personal data of Bank customers. The authors of the announcement indicated that they have access to data of 60 million cards.

Sberbank assured that the funds of its customers are safe because credit card accounts that do not have CVV codes, as well as logins and passwords from the Internet Bank were in the public domain. So, fraudsters can not steal money from the cards.

According to German Gref, President of Sberbank, Sberbank employees learned about the incident on the day of the leak, October 2: an ad was found with personal data of employees. After that, the employee of security service of Sberbank contacted an attacker trying to sell the stolen data.

During the conversation, it became clear that we are talking about an internal leak, Gref said.

According to a statement on the Bank’s website, "as a result of the internal investigation, the security service of the Bank in cooperation with law enforcement agencies, on October 4, 2019, identified an employee of the Bank born in 1991, the head of the sector in one of the business units of the Bank, who had access to databases and who tried to steal customer information for selfish purposes," the message on the Bank's website reads. The culprit of the leak faces criminal liability.

The leak indirectly affected the data of 200 cardholders of Sberbank, which have already been reissued, so " the owners have nothing to worry about," Gref said. He noted that the reissue took only two days.

Gref also apologized to customers and thanked them, noting their calmness.

Customers of Private Sector Banks Facing Problems in Net and Mobile Banking




Customers of several private sectors and well-known banks complained regarding encountering many issues in net and mobile banking in the course of the last few days, those of HDFC Bank, Kotak Mahindra Bank, and YES Bank are comprehended to have been most influenced by these 'outages'.

The issue, which made its appearance on the 1st of October, is by all accounts has been halfway settled, however numerous customers kept on facing certain issues while signing in to their accounts through the Internet and other apps.

While bank executives note that a mix of the festive season and the beginning of the month when salaries are credited just as some IT issue may have been the other reasons to have expanded the heap on servers. Following the restrictions at Punjab and Maharashtra Cooperative Bank, withdrawals had additionally increased after frenzy among certain depositors.

While the HDFC Bank, which is in the middle of a 'festive sale', appears to have briefly withdrawn an extra security feature for logging into net banking. Kotak Mahindra Bank's net banking page shows this message: “Due to high volume, you may experience some delay while accessing Net Banking. We will fix this soon. We regret any inconvenience caused.”

And at the same time, HDFC Bank spokesperson states that “Transactions through both net banking and mobile (app) banking have been very slow at times over the last couple of days, but they are going through. Though there isn’t nothing to be unduly worried about, we regret the inconvenience caused (to our customers)."

Nevertheless, the banks have guaranteed that they're making a decent attempt to resolve the issue and will ensure that the operations mentioned become, to a great extent, standardized at the earliest opportunity.

Fraudsters started selling customer data of the Russian Bank that fell under the reorganization of the Central Bank


A database of 70,000 Binbank customers leaked to the Internet, which was merged with Open Bank in early 2019. According to experts, this is the fault of the Bank of Russia, which at the stage of the introduction of the interim administration did not bother to check the information security of the credit institution. According to lawyers, clients who suffered as a result of a data leak have a chance to return funds in court.

It is known that for 5 thousand rubles ($77) dealers can get access to the name and surname of the client, find out passport details and place of residence.

Ashot Hovhannisyan, the founder of DeviceLock, said that the sold base consists of clients who at one time applied for an Elixir credit card. According to him, the database was sold to one wholesale buyer, and now several small underground dealers are engaged in trade in personal data.

In addition, according to law enforcement agencies, since the beginning of 2019, about a hundred former clients of Binbank lost their funds and filed a report. The amount of theft from the accounts is from three to one hundred thousand rubles ($ 46 – $1535). It is possible that the data leak affected the actions of Bank fraudsters.

The Federal Service for Supervision of Communications, Information Technology and Mass Communications (Roskomnadzor) sent a written request to Open Bank to clarify the situation. The letter contains a requirement to provide information on the reasons that led to the leak of personal data of bank customers (name, passport details, telephone number and address of clients), about the persons who committed the leak, as well as on the measures taken to eliminate the consequences of the incident.

According to Roskomnadzor, an untimely warning about leaks of personal data threatens the security of personal data of citizens.

Open Bank has denied information about the leak of personal information about Binbank depositors. The Open Bank Press Service stressed that there is no evidence that the leaked database has any relation to the clients of Binbank.

Capital One Data Breach, Hacker gets Access to 100 Million Accounts


A massive data breach to Capital One servers compromised the personal details of an estimated 106 million bank customers and applicants across Canada and the US.

The suspected hacker, Paige Thompson, 33, has been arrested by FBI on Monday. She has shared details about the data breach on a GitHub page earlier in April, according to the criminal complaints.

Thompson broke into a Capital One server and illegally acquired access to customers' names, addresses, credit limit, contact numbers, balances, credit score, and other related data.

According to the documents, the 33-year-old, Seattle resident gained access to 80,000 bank account numbers, 1 million Canadian Social Insurance numbers, and 140,000 Social Security numbers.

Thompson who had previously worked with Amazon Web Services as a software engineer was able to access the data by exploiting a misconfigured web application firewall in company's infrastructure, as per a court filing.

Despite the magnitude of the breach, "no credit card account numbers or log-in credentials were compromised and over 99% of Social Security numbers were not compromised," the company told.

Expressing concern over the matter, Chairman Richard Fairbank, said, "While I am grateful that he perpetrator has been aught, I am deeply sorry for what has happened.

"I sincerely apologize for the understandable worry this incident must be causing those affected and I am committed to making it right," he assured.

Meanwhile, the company is notifying the victims and aiding them with identity protection and free credit monitoring.



Data of Bank customers in Russia are becoming more expensive on the Darknet


In the first half of 2019, the price of banking customer data has rapidly increased on the Darknet. Thus, the cost of obtaining data on cards or statements of operations increased by 3-7 times. At the beginning of the year, the client's account statement could be purchased for 2 thousand rubles ($ 32), now its cost can reach 15 thousand rubles ($ 238).

According to the Positive Technologies analyst Vadim Solovyov, data on ATMs used by the client appeared on many sites, their price is from 8 thousand ($ 127) to 15 thousand rubles ($ 238). He noted, rather, this information can be used in traditional criminal schemes, for example, so that the fraudster's call to the client sounded more reliable.

"If the cost has increased, it means that the methods of countering leaks in banks have significantly complicated the business of attackers", the Central Bank believes.

The Head of the Information Security Department of the Open-Bank Vladimir Zhuravlev associated the price increase with a change in the type of attacks on customers. According to him, earlier fraudsters often used technical means, such as Trojans, phishing links or skimming. Now 90% of the theft occurs using social engineering methods, where the availability of personal customer data is very helpful to the fraudster.

The Central Bank does not disclose official statistics on the theft of funds of individuals in the first half of the year. However, law enforcement officers recorded an increase in successful thefts from bank accounts. For example, in the Kurgan region, the number of crimes has doubled, in the Smolensk region has grown five times.

According to Stanislav Pavlunin, the Vice-President of Post-Bank, the Bank uses different approaches and methods to combat internal fraud, for example, photo and video shooting of monitor screens, as well as official documents, presentations containing confidential information is prohibited.

It is interesting to note that Sixgill analysts have prepared a report, according to which Russia took the last place in the number of stolen bank cards. The researchers see two reasons for such low rates: the first is a large percentage of Russian cybercriminals, and the second is the economic situation in Russia.

Banks collect biometric data of citizens in Russia






More than 70 Bank offices in the Irkutsk region are already working in the Unified Biometric System, which allows receiving services of bank remotely.


Recall that remote identification was launched in Russia in mid-2018. Clients just need to confirm their identity using biometric data - face images and voice recording.

According to the employer of the Irkutsk Branch of the Bank of Russia, clients need to come to the office once with a passport in order to register in the system. This procedure takes less than 1 minute. Today, 71 Bank offices work with such technologies in the Irkutsk region. Siberian residents can do the identification procedure in the biometric system in 687 branches of 57 banks.

Citizens have access to services of opening an account, obtaining a loan and transferring funds. These services can be obtained by phone, without a personal visit to the office of the Bank. The number of services will expand in the future. In addition, soon insurance companies will also recognize citizens by biometric data.

The new system has significantly reduced the number of Bank frauds. Thus, according to the Pochta Bank, the credit institution managed to block about five thousand fraud attempts in the last year through the biometric identification of clients.

Svetlana Ozeretskovskaya, the Head of Promotion of the Unified Biometric System project, stressed that "all biometric data is encrypted. It is almost impossible to restore them. This reduces the risk of compromise and does not allow attackers to take advantage of the data, even if some kind of leak occurs".

Meanwhile, cybersecurity specialists still see some weaknesses in the system. For example, Trojans in mobile applications or social networks can intercept biometric. But the authors of the biometric identification system are sure that even if your data gets to the criminals, the system will still calculate the fraud. According to the company Rostelecom, the probability of incorrect recognition of the client is 1 per 10 million. Moreover, the system will distinguish even twins from each other.

The Central Bank of Russia detected a new type of fraud during the transfer of funds through an ATM




According to the publication of the Center for monitoring and responding to computer attacks in the financial sphere of the General Directorate of protection and information security at Bank of Russia (FinCERT), the Central Bank reported a new type of fraud during the transfer of funds between cards through ATMs.
The document says, "previously expected  TRF-attacks (transaction reversal fraud) did not occur, but a new method of such an attack was recorded based on the imperfection of the scenarios for processing transfers from card to card using ATMs."
The fraud method is connected with the imperfection of the p2p-transfer scenario (transfer between individuals). In particular, when the transaction is cancelled, the fraudster has the opportunity to withdraw the transferred amount from another card and at the same time keep the money in his account.
The algorithm is quite simple. First, a transfer operation between individuals is selected and the card number of the beneficiary is indicated. The terminal sends two authorization messages to the beneficiary's Bank and to the sending Bank. After two approvals have arrived, the actual translation is performed.
However, the ATM then asks the sender for confirmation of the debit fee, but he does not agree, and a message about the return is sent to both Banks. As a result, the temporary holding of funds is removed from the sender's account, he saves all the money, but the beneficiary during this time withdraws the transfer from his card.
The Central Bank advises Banks to check the correctness of ATM scenarios. So, the approval for the cancellation of the operation to the sender should come only after the message about the successful return of the transferred funds from the beneficiary's Bank.
Another measure to combat this type of fraud is to obtain consent to charge a transfer fee before sending authorization messages for the operation.
The sender bank is responsible for the success of such attacks, said Alexei Golenishchev, the Director of e-business monitoring at Alfa-Bank.
In May, Ehackingnews described another type of fraud with Sberbank ATMs. The attacker did not insert a Bankcard into the machine, chose any operation and did not complete it. When the next customer came to the machine, he saw on the screen of ATM a proposal to insert the card and enter the pin code. When he did all, the operation of the attacker was automatically completed, after which the money was debited from the cardholder's account. Later, Sberbank said that Bank solved this problem and the attackers could not withdraw money anymore.

The Central Bank of Russia has found problems with cybersecurity in all verified Banks


This year, the Bank of Russia checked 75 Banks for compliance with cybersecurity requirements and found all violations of the requirements. The head of the CBR Elvira Nabiullina informed about this, speaking at the II International Cybersecurity Congress (ICC).

Nabiullina said, "Since last year, the Central Bank as a regulator has the authority to supervise financial institutions in terms of how they fulfill cyber security requirements. Last year we checked 58 Banks, this year - 75. Problems and violations were found in all of them."

The Chairman of the Central Bank added that the problems found in Banks should not be considered critical, but they can become such over time, if not to take measures to prevent possible cybercrime.

Nabiullina noted that protection from cyber risks and the level of cybersecurity in the near future will become a competitive advantage for all companies. At the same time, the main drawback is that the business processes of Banks do not include the management of cyber risks.

The Chairman of the Central Bank drew attention to the fact that Russian bankers have no particular fear of hackers. Apparently, for this reason, certain shortcomings or problems were identified in each financial organization.

According to Nabiullina, there is a neglect of cybersecurity in society, and the heads of companies do not understand the problem.

Nabiullina stressed, “Our task is to use new technologies and try to go a step further, keeping up with hackers.”

Russian Prime Minister Dmitry Medvedev also spoke at the ICC. He said that it was necessary "to develop global security standards". Also, Medvedev noted that crimes that are committed with the help of the Internet "have no boundaries."

It should be noted that earlier German Gref, CEO, Chairman of the Executive Board of Sberbank, expressed the opinion that the heads of large companies should be paranoid in the fight against cyber threats: "We are responsible not only for ourselves, but we have hundreds of millions of our customers."

Hackers made Bank clients debtors - Large-scale data breach occurred in Russia



On June 8-9, Alfa-Bank was attacked for several hours, as a result of which the stolen funds appeared on the accounts of random customers of the credit institution.

Some clients of the Bank received amounts from 10 to 15 thousand rubles ($ 155-235). Many of them quickly spent this easy money.

However, immediately after the payment, Alfa-Bank clients were charged amounts two to three times more than the fraudsters sent. They formed an overdraft or a short-term loan.

Alfa-Bank solved the problem with hacking within a few hours, and clients of Bank are obliged to return the money that came from hackers in full amount. However, there were no official comments from Alfa-Bank.

Experts said that such a fraud can be done only with access to the Bank's system. Therefore, the security service is looking for fraud among its employees.

It is worth noting that on June 9, the Russian newspaper Kommersant reported the leakage of personal data of 900 thousand clients of Alfa-Bank, OTP Bank and Home Credit Bank in Russia. According to the published material, the names, phone numbers (mobile, home and work), address and place of works, passport data of almost 900 thousand Russians including 55 thousand customers of Alfa-Bank were publicly available on the Internet, as well as balances on the accounts of clients of Alfa-Bank limited to a range of 130-160 thousand rubles.

The company DevicеLock found the leaks. They occurred at the end of May, the data were collected a few years ago, but a significant part of the information is still relevant. Moreover, DeviceLock discovered two customer databases of Alfa-Bank: one contains data on more than 55 thousand customers from 2014-2015, the second contains 504 records from 2018-2019.

An interesting fact is that one of the databases of clients of Alfa-Bank contains data on about 500 employees of the Ministry of Internal Affairs and about 40 people from the FSB (the Federal Security Service).

The Press Service of Alfa Bank said that at the moment they are checking the accuracy and relevance of information.

The National Payment Card System (NPCS) of Russia says the Fast Payment System is secure


According to Dmitry Kolesnikov, Director of the FPS project in the NPCS, the Fast Payments System is completely safe.

Earlier, the Head of Sberbank German Gref said that one of the reasons why Sberbank does not join the Fast Payment System is cybersecurity. So, according to Gref, the system is still unsafe.

"The system is safe, secure, fully complies with all standards. There were no incidents during the operation," said Kolesnikov at the International Forum "Remote Services, Mobile Solutions, Cards and Payments - 2019".

The Bank of Russia summed up the results of the first four months of the FPS. According to Maria Krasenkova, the Head of the Development and Regulation of the National Payment System of the Central Bank, from January 28 to May 28, 500 thousand transfers were made through the FPS for a total of 4.2 billion rubles ($ 64 million). Dmitry Kolesnikov noted that during the operation of the system, about 200 thousand people took advantage of it. According to NPCS, 40% of transfers are made between own accounts, 60% between accounts of different clients.

It is worth recalling that the Central Bank launched a competitor to the Sberbank transfer system, it's a money transfer system (FPS) by telephone number between accounts of different banks. First, only 11 financial institutions joined the FPS, including Alfa-Bank, Tinkoff Bank, Gazprombank, VTB and others. Another 100 banks expressed their desire to join the system. However, Sberbank has not yet expressed its desire to join the FPS. The largest Russian Bank was a monopolist in the market of money transfers between individuals. In 2018, Sberbank earned 47.2 billion rubles ($ 722 million) on transfers, and the launch of the Central Bank system has already hit its revenues. In the future, participation in the FPS is planned to be mandatory for all banks.

The Bank of Russia expects to connect important Banks to the FPS before September 1. However, according to Gref, the agreement with the Bank of Russia on the connection of Sberbank to the FPS has not yet been achieved.