An insider attack is the simplest. You can persuade someone

Post by [email protected] »

Even a cleaning lady, to simply insert a special flash drive with a Trojan into the computer of any employee, even a secretary, for a couple of minutes. And that's it, access is gained, and the culprit will not be found.


Option two: social engineering. Large banks systematically order work on conducting attacks using social engineering, when letters are sent out en masse to company employees asking them to visit a website or open a PDF or even an EXE file. These files contain exploits with code that allows them to take control of a computer. Result: more than 50% of users go to websites, and in fact, remote control is taken in 20-30% of cases.

It is worth noting that exploits are not "zero-day". This is due to the fact that old vulnerabilities are cheaper to use. Usually, after a year or two, they are included in some exploit kits and sold. There, you can automatically "hammer" until the right exploit is found.

Meanwhile, it is worth considering that such important users of the bank from a security point of view as remote banking operators are very often required to open everything that comes from the bank’s clients.

The third option concerns attacks on external bank services accessible from the Internet. In some cases, they can be used to gain direct access to the corporate network.

Example of attack

One of the illustrative cases occurred last summer. There is a framework called Struts2. It is very common and is used in many web applications, including banks. This summer, a notice about closing a critical vulnerability was published on the Struts2 developers' website, which allowed any (anonymous) user to execute commands in the OS in any web application on Struts2 (i.e., take full control over the server).