“These attacks were unique in terms of the organisation it took to execute them,” said Konrads Smelkovs of KPMG’s cyber security team. “However, the tools used by these cyber-crime gangs weren’t particularly sophisticated. It was the persistence and cautious approach of the criminals that netted them the prize. The banks targeted – primarily in Russia and Ukraine – suggest a selective operation in areas where tracking transactions is more complex.
“Financial institutions need to take more of a pre-emptive approach to such attacks. Playing ‘war games’ is one effective way of highlighting potential weak spots where attacks are simulated. Each organisation should also look to have someone committed to defending their network, rather than someone who merely adheres to prescribed standards. The continued investment towards anti-malware technology and internal network monitoring tools remains crucial to being a step ahead of cyber criminals.”