Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The 21st Century Bank Job
Search
Jim Geovedi
October 14, 2011
Technology
0
140
The 21st Century Bank Job
Yes, I'm talking about how to hack a Bank!
Jim Geovedi
October 14, 2011
Tweet
Share
More Decks by Jim Geovedi
See All by Jim Geovedi
Who's Smarter Than Machine?
geovedi
0
120
Unstructured Data is the New Gold: ML + NLP is the New Shiz!
geovedi
5
910
Machine Learning for Cybersecurity
geovedi
5
2.5k
Waluku: Answering Astronomy Questions through Social Media
geovedi
0
180
@begobet
geovedi
0
310
Satellite Telephony Security
geovedi
0
84
Hacking a Bird in the Sky: The Revenge of Angry Birds
geovedi
0
130
Cloud Security - Security Aspects of Cloud Computing
geovedi
0
82
Professional Hackers
geovedi
0
120
Other Decks in Technology
See All in Technology
251029 JAWS-UG AI/ML 退屈なことはQDevにやらせよう
otakensh
0
170
AWSが好きすぎて、41歳でエンジニアになり、AAIを経由してAWSパートナー企業に入った話
yama3133
2
220
SRE × マネジメントレイヤーが挑戦した組織・会社のオブザーバビリティ改革 ― ビジネス価値と信頼性を両立するリアルな挑戦
coconala_engineer
0
420
re:Inventに行くまでにやっておきたいこと
nagisa53
0
960
DMMの検索システムをSolrからElasticCloudに移行した話
hmaa_ryo
0
340
SOTA競争から人間を超える画像認識へ
shinya7y
0
670
re:Invent 2025の見どころと便利アイテムをご紹介 / Highlights and Useful Items for re:Invent 2025
yuj1osm
0
610
パフォーマンスチューニングのために普段からできること/Performance Tuning: Daily Practices
fujiwara3
2
190
ソースを読む時の思考プロセスの例-MkDocs
sat
PRO
1
360
How Fast Is Fast Enough? [PerfNow 2025]
tammyeverts
2
230
Open Table Format (OTF) が必要になった背景とその機能 (2025.10.28)
simosako
3
610
ざっくり学ぶ 『エンジニアリングリーダー 技術組織を育てるリーダーシップと セルフマネジメント』 / 50 minute Engineering Leader
iwashi86
8
4.3k
Featured
See All Featured
Large-scale JavaScript Application Architecture
addyosmani
514
110k
Build your cross-platform service in a week with App Engine
jlugia
234
18k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
9
950
Building a Scalable Design System with Sketch
lauravandoore
463
33k
Done Done
chrislema
186
16k
Agile that works and the tools we love
rasmusluckow
331
21k
Code Review Best Practice
trishagee
72
19k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
140
34k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
49
3.1k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
36
6.1k
Into the Great Unknown - MozCon
thekraken
40
2.1k
Transcript
THE 21ST CENTURY BANK JOB @GEOVEDI
EVER THOUGHT ABOUT ROBBING A BANK?
JOHN DILLINGER KUSNI KASDUT OLD SCHOOL
HACKING A BANK IS EASY ..OR MAYBE NOT!!
MODERN BANK JOBS CASE STUDIES
CREDIT CARD FRAUD
ATM SKIMMING
SOCIAL ENGINEERING
& IT’S EASIER THEY ARE CLUELESS WHY TARGETING THE USERS?
[MOST OF THE TIME]
HOW ABOUT HACKING?
Swordfish (2001)
INSIDE THE BANK’S IT SYSTEM
CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDRING REMITTANCE
CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC BANKING MOBILE BANKING CARD MANAGEMENT
NETWORK OF TRUST EMPLOYEES MANAGEMENT GOVERNMENT VENDORS CUSTOMERS
STORYTELLING SESSION HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
COMMON PROBLEMS PEOPLE PROBLEMS WEAK PASSWORDS LACK OF AWARENESS LACK
OF SKILLS SYSTEM PROBLEMS OUTDATED SYSTEMS INSECURE CONFIGURATIONS INSECURE PROTOCOLS
MANAGEMENT PROBLEMS
None
MERCHANTS
ATM COMPROMISE
WTFKTHXBYE
None
WHO’S RESPONSIBLE?
BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank
RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY
BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
ENCRYPTION
TWO-FACTOR AUTHENTICATIONS
TWO-FACTOR AUTHENTICATIONS
REGULATION COMPLIANCE
REGULAR SECURITY ASSESSMENT
WHAT’S NEXT?
WHAT’S NEXT?
THANKS!
CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/
• [Page 04] http://www.flickr.com/photos/deepblue66/132439533/ • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/ • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/ • [Page 10] http://www.flickr.com/photos/jliba/3696592874/ • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/ • [Page 13] http://www.flickr.com/photos/tim_d/184018928/ • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/ • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/ • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/ • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/ • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/ • [Page 23] http://www.flickr.com/photos/kk/4191131924/ • [Page 25] http://www.flickr.com/photos/ari/2347593532/ • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/ • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/
@GEOVEDI CHECKOUT: http://slideshare.net/geovedi
geovedi
otakensh
yama3133
coconala_engineer
nagisa53
hmaa_ryo
shinya7y
yuj1osm
fujiwara3
sat
tammyeverts
simosako
iwashi86
addyosmani
jlugia
samlambert
lauravandoore
chrislema
rasmusluckow
trishagee
eileencodes
kevinliebholz
thekraken
![CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/](https://files.speakerdeck.com/presentations/2f7c669a47604531a083abc2153736f8/slide_33.jpg){kind=link}
