A cybersecurity firm offered recommendations on how to prevent cyber attacks within their organizations amid recent attacks against financial companies and banks
This came after at least 700 clients of BDO Unibank Inc. reported that their accounts were hacked and their money were stolen.
Last week, they took to Facebook and Twitter to share screenshots of emails from BDO notifying them about unauthorized money transfers between P25,000 and P50,000.
The initial investigation found that a UnionBank account under the name Mark D. Nagoyo was the recipient of the stolen money.
The Bangko Sentral ng Pilipinas immediately ordered both BDO and UnionBank to implement remedial measures.
To prevent this from happening again in the future, Kaspersky on December 15 made the following recommendations to other financial institutions and banks:
- Pay more attention to cybersecurity literacy within the organization
- Invest into additional protection and regular security assessment on all parts of the network
- Collaborate with relevant authorities in the country
These include “CERTs, law enforcement agencies as well as private entities in their sector and cyber security professionals.”
The cybersecurity firm also said that cyber attacks showed the vulnerabilities within the IT infrastructures of financial institutions, banks and other similar companies in the Philippines.
“The latest attack against financial institutions in the Philippines underscores the fact that banks and financial entities remain of interest to cybercriminals whose main goal is to steal money,” Kaspersky said.
“Groups that prey on the financial sector find vulnerabilities within the IT infrastructure of their target organizations to carry out their attacks,” it added.
Similar to Lazarus case
The cybersecurity firm further noted the existence of groups or gangs that “are professionals and can really resist detection.”
It cited Lazarus, a group of hackers that attacked the Central Bank of Bangladesh in 2016, as an example of these professional hackers.
They were allegedly responsible for the theft of $81 million from the central bank.
“In the Lazarus cases which Kaspersky investigated, it showed that even if attackers made it inside the network, it’s still not yet too late to conduct actions to prevent further financial and reputation losses,” Kaspersky said.
The firm also added that financial organizations in the country should “request for professional assistance with incident response” in cases of possible intrusion within their systems.
Two to four hackers were identified
Melchor Plabasan, director of the BSP’s Technology Risk and Innovation Supervision Department, in an interview with One News said that authorities have traced two to four persons behind the UnionBank account where the stolen cash was transferred to.
Plabasan said that these hackers were working under the Mark D. Nagoyo account name.
The official also said that these are not employees of BDO and Unionbank.
In a previous briefing, Henry Aguda, UnionBank chief technology and operations officer, stated that authorities have identified six “persons of interest” behind the illegal transfer of funds.
As of December 14, BDO announced that it started processing the reimbursement of money from nearly 700 clients affected by recent fraud.
“BDO Unibank has been processing the reimbursement of close to 700 clients affected by the recent online fraudulent transactions,” BDO was quoted as saying in a report.
“We have requested our clients to go to their branch of account and submit documentation to get the refund. The Bank will shoulder the losses perpetrated by this cybercrime incident,” it added.