show me the money! - asobanca me... · 2016. 10. 31. · [email protected]...
TRANSCRIPT
![Page 1: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/1.jpg)
The global financial system is under attack
Show me the Money!
Roberto Martinez | Security Researcher
[email protected] @r0bertmart1nez
Kaspersky Global Research and Analysis Team | Latin America
![Page 2: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/2.jpg)
Thank you!
![Page 3: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/3.jpg)
Thank you!
![Page 4: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/4.jpg)
Thank you!
![Page 5: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/5.jpg)
Thank you!2.0 Attacks
APT-style bank robberies
The advance of
technology has
provided
criminals with
extra
opportunities
![Page 6: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/6.jpg)
Thank you!Hackers could bring down the banks
![Page 7: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/7.jpg)
Thank you!• Total Impact estimated: 1,200,000,000.00 MXN (Around 64 M
dollars)
• 1st Attack: 450 ATM’s, 4 different banks
• Licensing model: 24 hours per use
• Key moments: Good Weekend (Mexican Black Friday) and
February 14 (Valentine’s day)
• Banks started receiving “low flow” alerts
• New attacks on 2014 and 2015
Ploutus
![Page 8: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/8.jpg)
Thank you!Green Dispenser
• Published 2015
• First attacks in 2014
• 1.02 million pesos/ U$ 304K stolen from 14 ATMs
• 1 Bank employee involved and arrested, with access to more
than 1.159 ATMs
• We found 1 new sample of Green Dispenser targeting Diebold
and Wincor ATMs
![Page 9: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/9.jpg)
Thank you!No malware, no problem!
![Page 10: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/10.jpg)
Thank you!Further Proof That Hacking Is Changing the World
![Page 11: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/11.jpg)
Thank you!• 11.5 million confidential documents
• 4.8 million emails
• 3 million database format files
• 2.2 million PDF documents
• 1.1 million images
• More than 320,000 text documents
The data Leak
![Page 12: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/12.jpg)
Thank you! Know what information is most valuable -- to you,
to your customers, to the public, and to attackers -- and
protect it accordingly.
Your data breach can have immediate, devastating
effects on customers.
The Importance of Having an Effective Incident
Response Team
Lessons learned
![Page 13: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/13.jpg)
Thank you!Know your adversary!
• Social Engineering
• Insiders
• Intelligence
• Tech tools
![Page 14: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/14.jpg)
Thank you!
Source: http://www.hackmageddon.com/2016/06/19/may-2016-cyber-attacks-statistics//
![Page 15: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/15.jpg)
Thank you!Attackers Techniques
![Page 16: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/16.jpg)
Thank you!xDedic – the shady world of hacked servers for sale
![Page 17: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/17.jpg)
Thank you! Actors
Patterns
Geography
Timelines
Threat Intelligence
![Page 18: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/18.jpg)
Thank you!
GARTNER ADAPTIVE SECURITY ARCHITECTURE
![Page 19: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/19.jpg)
Thank you!GReAT: Elite Threats Research
• Global Research and Analysis Team since 2008
• Threat intelligence, leadership in innovation and research
• Approach: APTs, Critical Infrastructure Threats, Financial
Threats, sophisticated Targeted Attacks
![Page 20: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/20.jpg)
Thank you!1/3
42
Our employeses workin R&D
world leading security experts: our elite group
![Page 21: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/21.jpg)
Thank you!
![Page 22: Show me the Money! - Asobanca me... · 2016. 10. 31. · roberto.martinez@kaspersky.com @r0bertmart1nez Kaspersky Global Research and Analysis Team | Latin America. Thank you! Thank](https://reader035.vdocuments.us/reader035/viewer/2022071608/6146ec93f4263007b1357d9e/html5/thumbnails/22.jpg)
Roberto Martinez
Security Researcher | Global Research and Analysis Team Mexico
@r0bertmart1nez [email protected]
¡Gracias!