On the heels of a well publicized distributed denial of service (DDoS) attack on U.S. financial institutions came a warning about another coordinated and planned cyber attack against this critical infrastructure sector.
Cyber intelligence uncovered a fairly large, coordinated cyber attack that is said to use fraudulent wire transfers as the means of attack. This cybersecurity attack is said to leverage session hijacking in a man-in-the-middle cyber attack.
Man-in-the-middle cyber attack is defined as a compromise where the attacker is able to insert themselves between its target and the system or service in which the target is trying to access or use. An attacker accomplishes this by impersonating the system or service that the target is attempting to connect with by falsely rerouting the traffic to and from the service or by hijacking session data.
This attack is known to be initiated by spam and phishing emails, keystroke loggers as well as Trojans with remote access. A high attack concentration has been seen in the small and medium sized organizations and the transfer amounts have ranged from $400,000 to $900,000.
Multiple cyber intelligence sources have warned that an estimated 30 U.S. based financial services institutions may be the targets of an organized cyber criminal gang that is said to be the entity behind this attack.
Just recently the FBI issued a warning about this threat. Their warning stated that the criminals behind this cyber attack were using multiple techniques to obtain customer log-in credentials. Once the criminals have these credentials, they initiate international wire transfers.
For additional information you should monitor the FBI, in association with the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Internet Crime Complaint Center (IC3).