Hack Attacks: Texas, Swedish Banks Reveal Breaches

Crimes Thwarted Before Major Losses Could be Suffered

By Linda McGlasson, January 31, 2008.
Hack Attacks: Texas, Swedish Banks Reveal Breaches

I

See Also: Actionable Threat Intelligence: From Theory to Practice

n the wake of news about insider fraud at French bank Societe Generale, two different banks in two different countries have acknowledged information security breaches that underscore the need for increased vigilance - by financial institutions and their customers.

In Forth Worth, Texas, OmniAmerican Bank announced it had stopped hackers who had broken into the bank's online banking system and were taking monies from customer accounts through ATM withdrawals. OmniAmerican has more than $1 billion in assets and 17 branches and is one of the largest independent banks in the Forth Worth area.

In Uppland County, Sweden, authorities announced the arrests of seven cybercriminals who were stopped seconds before their crew made off with millions from an unidentified Swedish bank. The criminals had surreptitiously installed equipment on a computer at the bank that would allow the hackers to divert online funds to other accounts.

Hackers Halted in Texas
In OmniAmerican Bank's case, the bank's information security team detected fraudulent activity on some customer accounts, and the bank placed temporary limits on some ATM and debit card transactions. The team discovered the activity during the evening of January 18.

At the same time, the bank suspended access to some electronic banking services, but access to those services was restored on January 21. Because of the breach, the bank says it is issuing new check cards, ATM cards and personal identification numbers to customers to guard against "future fraudulent activity." Letters alerting bank customers of the fraudulent activity were delivered by mail.

In a statement issued by the bank, Tim Carter, president and CEO, says: "OmniAmerican has always placed a top priority on protecting our customers. Our security team felt these measures were the most prudent to protect our customers and the bank. Only electronic services were affected, and all other banking services remain unaffected."

"Unfortunately, the threat of cybercrime is a risk faced by all financial institutions," Carter adds. "We must remain vigilant in attempting to thwart such activity through the updating and continual monitoring of technologically advanced security systems, as well as through professional diligence."

Carter told a local Fort Worth newspaper that approximately 40,000 cards were reissued, and the system break-in was the work of a sophisticated international gang of cybercriminals who withdrew funds from ATMs located outside of Texas. Losses were minimal, Carter adds, noting that no customers would suffer any loss, and that fewer than 100 accounts were compromised -- most of them dormant and all restricted to withdrawals of $1000 per day.

The bank thwarted the hackers by first stopping all ATM withdrawals outside of Texas, and then suspending ATM and debit card services during its initial investigation. A note on the online banking website page told bank customers, "We apologize for the temporary restriction of our ATM and debit card services. You are a valued customer and we realize the temporary restrictions placed on our ATM and debit card services have created some inconveniences for you. Please be assured the restrictions were put in place to protect all of our customers and we know now that this action was successful in defeating this targeted fraudulent activity. The security of your money and the privacy of your identity are our ultimate concern."

On Jan. 30, the bank's spokesperson, Randi Mitchell, said she had no further details, and until the ongoing law enforcement investigation was completed, the bank would not disclose any additional information.

Plug Pulled in Sweden
According to a statement made by Thomas Balter Nordenman, the prosecutor in charge of the Swedish case, the would-be hackers placed advanced technical equipment under an employee's desk that allowed them to take remote control of the computer. When the employee saw the computer begin an operation to transfer millions from the bank into another account, he pulled the cable to the discovered device and stopped the transfer at the last second.

The prosecutor said the attempted robbery occurred last August at an unidentified bank north of Stockholm. Details of the event were released only after the seven suspects, all from the Stockholm region, were arrested earlier in the week, amidst their preparations for another bank robbery. Police noted some of the suspects have previous fraud records.

This investigation continues.

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Logjam Vulnerability: 5 Key Issues

While the "Logjam" vulnerability raises serious concerns, there's no need to rush related patches...

Latest Tweets and Mentions

ARTICLE Logjam Vulnerability: 5 Key Issues

While the "Logjam" vulnerability raises serious concerns, there's no need to rush related patches...

The ISMG Network