A wave of cyberattacks since 2013 has cost banks around the globe up to $1 billion (870 million euros) according to a report by Russian computer security firm Kaspersky Lab released Monday.
The large-scale theft, which Kaspersky said was still going on, “indicates clearly the coming of a new era for cybercrime”.
About 100 banks — mainly in Russia but also in the United States, Germany, China and Ukraine — have been targeted.
It was too early to pin down the source of the attacks, although some evidence points to China, Kaspersky said, while warning that hackers sometimes plant clues intended to mislead investigators.
The goal of the attacks “appears to be financial gain rather than espionage,” the report said, adding that the attackers are “clearly familiar with the software and networks of financial services”.
Hackers commonly break into bank networks by tricking staff into clicking on links or email attachments in a process called “phishing.” In some cases the hackers follow targeted employees on video surveillance images.
Once the attackers are in, they can then transfer money to accounts under their control or make withdrawals at certain bank machines. Stolen money was transferred to the United States and China, Kaspersky said.
Hackers had such advanced access to the banks’ systems that they could force bank machines to dispense cash at specific times and locations where hackers could pick it up, The New York Times reported Saturday.
Whopping sums of cash were involved, with one institution losing $7.3 million in withdrawals at bank machines as well as $10 million more through its online platform.
Kaspersky said the hackers are trying to broaden their European attacks to Middle East, Asia and Africa.