Section A: Case study I
Hackers steal £650 million in world's biggest bank raid
By By Martin Evans, Crime Correspondent — February 15, 2015
Investigators uncover what is thought to be the biggest ever cybercrime with more than £650 million going missing from banks around the world
British banks are thought to have lost tens of millions of pounds after a gang of Russian based hackers spent the last two years orchestrating the largest cybercrime ever uncovered. As much as £650 million is thought to have gone missing after the gang used computer viruses to infect networks in more than 100 financial institutions worldwide.
The hackers managed to infiltrate the bank's internal computer systems using malware, which lurked in the networks for months, gathering information and feeding it back to the gang. The illegal software was so sophisticated that it allowed the criminals to view video feeds from within supposedly secure offices as they gathered the data they needed to steal. Once they were ready to strike, they were able to impersonate bank staff online in order to transfer millions of pounds into dummy accounts. They were even able to instruct cash machines to dispense money at random times of the day even without a bank card. While the criminals behind the audacious electronic raid are thought to be based in Russia, the scale of their crime was truly global with banks in Japan, China, the United States and throughout Europe having been hit. The scale of the losses by UK based financial institutions has not yet been disclosed, but is thought to run into tens of millions of pounds. The scam was uncovered by the Russian cybersecurity firm, Kaspersky Lab, which was called in to investigate after a cash machine in Ukraine was found to have been spitting out money at random times.
As investigators began to look into the problem they were staggered by the scale of the crime they uncovered. A spokesman for Kaspersky Lab said: "The plot marks the beginning of a new stage in the evolution of cybercriminal activity, where malicious users steal money directly from banks, and avoid targeting end users." Despite the fact the plot has been uncovered, it is feared that banks may still find themselves falling victim as once installed the malware can operate almost independently and is extremely difficult to identify.
The cybercriminals would gain entry to an employee's system through a process called spear phishing, where they would send an email which appeared to come from a trusted source. Once the email was opened, the malware would infect their system allowing the hacker to jump into the bank's network. They would then gain access to an administrator's computer providing video surveillance of everything on in the office. They were able to monitor the screens of staff that serviced the cash transfer systems and after watching how they operated were able to mimic the process needed to move money around. It is thought the largest sums stolen were taken in bold electronic raids, where hackers would break into computer system and transfer tens of millions of pounds in one go. On average, each bank robbery took between two and four months, from infecting the first computer at the bank's corporate network to making off with the stolen money.
Another method used was where the criminals would gain access to someone's account and inflate the balance many times over. They would then withdraw the amount they had increased it by and the person would never suspect because their original balance remained the same.
Sergey Golovanov of Kaspersky Lab said: "These bank heists were surprising because it made no difference to the criminals what software the banks were using. "So even if its software is unique, a bank cannot get complacent. The attackers didn't even need to hack into the banks' services. Once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery."
You are an external IT auditor to the bank. You have been asked by the bank management to create an audit plan in order to improve their IT security system. The bank management has identified audit areas, which are auditing network security and operating systems for your investigation to prevent future hacking.
Formulate five (5) audit objectives and discuss detailed audit procedures. There must be at least three (3) audit procedures for each objective. (15 marks)
Recently Asked Questions
- You are tasked with evaluating a riskier-than-average capital budgeting project with the following cash flows. The project will initially cost $372. In Year
- Which of the following is not a role of the internal audit activity in best practice governance activities ?
- What is the effect on the financial statements when a company fails to accrue interest expense at year ‐ end ?