Hackers are plotting one big banking hit, warns Europol

Insiders are being groomed to sabotage financial security systems, say investigators

Nick Kochan
Monday 13 October 2014 10:19 BST
Bank insiders are being groomed, says Europol
Bank insiders are being groomed, says Europol (Getty)

Criminal gangs are plotting a $1bn cyber-heist on global financial institutions, Europol has warned, as it ratchets up the pressure on banks currently reeling from the record-breaking hit on JP Morgan Chase.

Secret listening on internet chat rooms by the European police investigative body has discovered planning by sophisticated Russian cyber criminals aimed at pulling off one massive hit on a bank.

“We have intelligence and information about planning in this direction,” Troels Oerting, head of Europol’s European Cybercrime Centre in The Hague, said.

Bank insiders are being groomed, says Europol, to put in place programs that will override monitoring apparatus. These insiders will close down alarm systems designed to alert staff when large amounts are unexpectedly transferred out of a bank. Huge numbers of boltholes for funds are being created to obstruct tracing and retrieving stolen money.

“There is a lot of intelligence that says the criminals don’t want to make thousands of small thefts,” Mr Oerting said. “Instead they want one big one on a financial institution.”

The insider will be left behind to take the punishment once the funds have been removed, Mr Oerting said: “They want to get rid of the money in one go and then they get out of here and leave behind the insiders to take the punishment.” Such a heist has yet to be pulled off, he added.

Europol’s intelligence comes from its moles in the dark web, where criminals buy and sell viruses and targets. Rival gangs share information, said Mr Oerting, as “there are so many wide open targets to go around. There is enough for everyone”.

Corporate firewalls are under constant pressure as gangs see if they can penetrate the most frequently used security programs.

Mr Oerting said the cyber crooks are winning the ‘arms race’ raging between them and cyber security companies: “Right now it is completely risk-free and it is very attractive to be a cyber criminal. Cyberspace is a low-risk, high-profit criminal area.”

Gangs in Russia and Russian-speaking countries are Europol’s key targets. Many receive government assistance and encouragement.

New cyber threats will come from Africa, predicted Mr Oerting: “They will be out of reach of Western law enforcement. It will be very difficult if not impossible to prosecute them. We will probably have to find a way to disrupt them instead of prosecuting them.”

Banks who keep attacks secret “are building up trouble for themselves”, he said, adding: “The quicker we hear about an attack the better the chance of closing the gang down.”

Security breaches: A growing threat

Cyber attacks are rapidly climbing to the top of banks’ and financial regulators’ urgent attention lists.

Such attacks are rarely made public but recent breaches at US bank JP Morgan and global fund manager Fidelity hit the headlines.

One senior banker said: “We suffer attacks, or attempted attacks, on a daily basis.”

The Financial Conduct Authority, the Bank of England and the Treasury run regular exercises to test London financial institutions’ readiness for such attacks. The most recent, “Waking Shark 2”, simulated an attack on the wholesale banking system by a hostile nation state and involved 200 firms. Another simulated attack on retail banking is planned.

JP Morgan admitted this month that hackers had got hold of details of 83 million individual and small business accounts. President Barack Obama was heavily briefed on the breach.

A recent report from PwC said the number of detected information security breaches globally in 2014 was running almost 50 per cent ahead of 2013. Nick Goodway

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in