Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The 21st Century Bank Job

Avatar for Jim Geovedi Jim Geovedi
October 14, 2011
Technology
0
130

The 21st Century Bank Job

Yes, I'm talking about how to hack a Bank!
Avatar for Jim Geovedi

Jim Geovedi

October 14, 2011
Tweet

More Decks by Jim Geovedi

See All by Jim Geovedi
Who's Smarter Than Machine?
Avatar for Jim Geovedi geovedi
0
110
Unstructured Data is the New Gold: ML + NLP is the New Shiz!
Avatar for Jim Geovedi geovedi
5
900
Machine Learning for Cybersecurity
Avatar for Jim Geovedi geovedi
5
2.5k
Waluku: Answering Astronomy Questions through Social Media
Avatar for Jim Geovedi geovedi
0
170
@begobet
Avatar for Jim Geovedi geovedi
0
300
Satellite Telephony Security
Avatar for Jim Geovedi geovedi
0
80
Hacking a Bird in the Sky: The Revenge of Angry Birds
Avatar for Jim Geovedi geovedi
0
120
Cloud Security - Security Aspects of Cloud Computing
Avatar for Jim Geovedi geovedi
0
70
Professional Hackers
Avatar for Jim Geovedi geovedi
0
110

Other Decks in Technology

See All in Technology
Why Platform Engineering? - マルチプロダクト・少人数 SRE の壁を越える挑戦 -
Avatar for 株式会社ヌーラボ nulabinc
PRO
5
410
Terraform にコントリビュートしていたら Azure のコストをやらかした話 / How I Messed Up Azure Costs While Contributing to Terraform
Avatar for ののし nnstt1
1
490
OPENLOGI Company Profile for engineer
Avatar for OPENLOGI hr01
1
26k
ソフトウェアテスト 最初の一歩 〜テスト設計技法をワークで体験しながら学ぶ〜 #JaSSTTokyo / SoftwareTestingFirstStep
Avatar for nihonbuson nihonbuson
PRO
1
150
フルカイテン株式会社 エンジニア向け採用資料
Avatar for FULL KAITEN fullkaiten
0
5.5k
試作とデモンストレーション / Prototyping and Demonstrations
Avatar for Kenji Saito ks91
PRO
0
120
Как мы автоматизировали интеграционное тестирование с Gonkey и не пожалели. Паша Егорычев, Кирилл Поляков
Avatar for Lamoda Tech lamodatech
0
2.1k
Асинхронная коммуникация в Go: от понятного к душному. Дима Некрасов, Otello, 2ГИС
Avatar for Lamoda Tech lamodatech
0
2.1k
LLMの開発と社会実装の今と未来 / AI Builders' Community (ABC) vol.2
Avatar for Preferred Networks pfn
PRO
1
140
Ruby on Rails の楽しみ方
Avatar for morihirok morihirok
1
240
Kaigi Effect 2025 #rubykaigi2025_after
Avatar for sue445 sue445
0
120
Vibe Coding Tools
Avatar for Michael H. Oshita ijin
0
210

Featured

See All Featured
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1031
460k
Adopting Sorbet at Scale
Avatar for Ufuk Kayserilioglu ufuk
76
9.4k
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
159
23k
Mobile First: as difficult as doing things right
Avatar for Swwweet swwweet
223
9.6k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1370
200k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
368
19k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
45
9.5k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
693
190k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
46
14k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
34
2.2k
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
54
13k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
187
11k

Transcript

  1. THE 21ST CENTURY BANK JOB @GEOVEDI

  2. EVER THOUGHT ABOUT ROBBING A BANK?

  3. JOHN DILLINGER KUSNI KASDUT OLD SCHOOL

  4. HACKING A BANK IS EASY ..OR MAYBE NOT!!

  5. MODERN BANK JOBS CASE STUDIES

  6. CREDIT CARD FRAUD

  7. ATM SKIMMING

  8. SOCIAL ENGINEERING

  9. & IT’S EASIER THEY ARE CLUELESS WHY TARGETING THE USERS?

    [MOST OF THE TIME]

  10. HOW ABOUT HACKING?

  11. Swordfish (2001)

  12. INSIDE THE BANK’S IT SYSTEM

  13. CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDRING REMITTANCE

    CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC BANKING MOBILE BANKING CARD MANAGEMENT

  14. NETWORK OF TRUST EMPLOYEES MANAGEMENT GOVERNMENT VENDORS CUSTOMERS

  15. STORYTELLING SESSION HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT

  16. COMMON PROBLEMS PEOPLE PROBLEMS WEAK PASSWORDS LACK OF AWARENESS LACK

    OF SKILLS SYSTEM PROBLEMS OUTDATED SYSTEMS INSECURE CONFIGURATIONS INSECURE PROTOCOLS

  17. MANAGEMENT PROBLEMS

  18. None

  19. MERCHANTS

  20. ATM COMPROMISE

  21. WTFKTHXBYE

  22. None

  23. WHO’S RESPONSIBLE?

  24. BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank

    RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY

  25. BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL

  26. ENCRYPTION

  27. TWO-FACTOR AUTHENTICATIONS

  28. TWO-FACTOR AUTHENTICATIONS

  29. REGULATION COMPLIANCE

  30. REGULAR SECURITY ASSESSMENT

  31. WHAT’S NEXT?

  32. WHAT’S NEXT?

  33. THANKS!

  34. CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/

    • [Page 04] http://www.flickr.com/photos/deepblue66/132439533/ • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/ • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/ • [Page 10] http://www.flickr.com/photos/jliba/3696592874/ • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/ • [Page 13] http://www.flickr.com/photos/tim_d/184018928/ • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/ • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/ • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/ • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/ • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/ • [Page 23] http://www.flickr.com/photos/kk/4191131924/ • [Page 25] http://www.flickr.com/photos/ari/2347593532/ • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/ • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/

  35. @GEOVEDI CHECKOUT: http://slideshare.net/geovedi