Hackers increase attacks on Russian online banking

Sberbank ATM in Russia
Sberbank ATM in Russia

Amid the growing number of cyber-attacks on the Internet systems of Russian banks in recent months, Russian banks are considering designing new systems of IT security.

Details of the new systems being developed by Sberbank, VTB and other leading banks have not been disclosed.

A spokesman for the Russian Association of Banks told SCMagazineUK.com that last year total losses at Russian banks from cyber-attacks on their Internet banking systems amounted to more than RUB 10 billion (£167m, US$250m). 

It is expected that these figures may increase significantly this year, as hacker attacks on the online banking systems grow more sophisticated.

Hackers have recently become able to override traditional means of security used by banks, such as tokens for SMS-authentication, withdrawing funds from the accounts with the use of trojans and fake banking details.

Pavel Krylov, head of Bot-Trek Secure Bank, one of Russia's leading security providers of IT security solutions for the banking industry, told SC that even occasional attacks on the customers of large banks reaped big profits for cyber-criminals.

At the same time, there is an ever-growing interest among cyber-criminals in online trade and brokerage systems.

Krylov added that in recent years the number of trojans, designed for  attacks on devices based on the Android platform both in Russia and the EU, has significantly increased.  

The vulnerability of the Android platform attracts more hackers, he said, which is reflected by the latest data from the Russian Ministry of Internal Affairs. It said that in Russia the number of criminal cyber-groups, specialising in the design of Android trojans for the attacks on the banking industry, is around 60-70 and increasing all the time.

Meanwhile, there is a growing number of websites selling data containing bank card numbers, usernames and passwords from different banking systems, along with information on the vulnerabilities of banking systems. These websites are usually created by hackers with the aim of making money on stolen information.

An official spokesman in the department of cyber-security at Sberbank told SC that the number of hacker attacks on banking systems will continue to grow next year, with mobile platforms continuing to be the main targets. 

In addition, companies will face more cryptolocker attacks. In addition, the number of attacks on POS terminals with the aim of stealing confidential banking data will also increase.