News & Resources

Massive cyber attack affects California organization

Mar 06, 2013 Dave King

Massive cyber attack affects California organization

Electronic payments have revolutionized a variety of corporate processes, ranging from payroll to vendor accounts and customer services. However, ACH cards and wire transfers do come with a variety of risks, especially when accounts receivable and payable are not monitored and secured properly.

The practices and methods of hackers continue to evolve at a rapid pace, illustrating the importance of the most proactive and comprehensive internal security policies. As the most devastating hacks of corporate accounts are often those that go on for long stretches of time undetected, companies need to ensure that oversight practices are as stringent as possible.

One attack leads to major loss

KrebsonSecurity recently reported that cyber criminals used a distributed denial-of-service attack, or DDoS, to hide an online account hack that led to the theft of $900,000 from a regional bank's clients. DDoS has become one of the more popular methods of hackers in recent years, as it is relatively easy to carry out and can lead to devastating after effects.

This attack is characterized by the attempt to make networks or computers unavailable to users, as the hackers try to temporarily or indefinitely suspend web-based services. According to the news provider, this method blocked the bank's officials from detecting the crime that was going on, as the thieves stole nearly $1 million in only a few days.

The source explained that 62 individuals were used as "money mules" in this one attack, which is somewhat common for a DDoS-based hack. The networks are built as big as possible so each member of the conglomerate can steal small amounts of money, thus making it even more difficult to detect or shut down. KrebsonSecurity noted that most members of this attack stole between $4,000 and 9,000 from the bank's clients, though several transfers were for $80,000 and $100,000.

The news provider added that the organization's online system was knocked out for only 24 hours, but it was enough to enable the thieves to cover up the massive crime.

Oversight quashes issues
Businesses need to implement a variety of policies and software to ensure this type of crime does not affect their staff members or customers in the future. Advanced firewall and authentication software are crucial to protect corporate networks and data from criminals, while contingency plans that can be followed once a DDoS or similar attack is detected can reduce the losses incurred.

Further, corporate executives should ensure that consistent and effective oversight protocols are in place and enforced for accounts payable and receivable.