The 21st Century Bank Job
Jim Geovedi
October 14, 2011
Yes, I'm talking about how to hack a Bank!
Transcript
THE 21ST CENTURY BANK JOB @GEOVEDI
EVER THOUGHT ABOUT ROBBING A BANK?
OLD SCHOOL: JOHN DILLINGER, KUSNI KASDUT
HACKING A BANK IS EASY... OR MAYBE NOT!!
MODERN BANK JOBS: CASE STUDIES
CREDIT CARD FRAUD
ATM SKIMMING
SOCIAL ENGINEERING
WHY TARGETING THE USERS? THEY ARE CLUELESS [MOST OF THE TIME] & IT’S EASIER
HOW ABOUT HACKING?
Swordfish (2001)
INSIDE THE BANK’S IT SYSTEM
CORE, TRADE FINANCE, TREASURY, DATA WAREHOUSING, ANTI MONEY LAUNDERING, REMITTANCE, CRM, COLLECTION SYSTEM, ATM SWITCH, INTERNET BANKING, ISLAMIC BANKING, MOBILE BANKING, CARD MANAGEMENT
NETWORK OF TRUST: EMPLOYEES, MANAGEMENT, GOVERNMENT, VENDORS, CUSTOMERS
STORYTELLING SESSION: HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
COMMON PROBLEMS
PEOPLE PROBLEMS: WEAK PASSWORDS, LACK OF AWARENESS, LACK OF SKILLS
SYSTEM PROBLEMS: OUTDATED SYSTEMS, INSECURE CONFIGURATIONS, INSECURE PROTOCOLS
MANAGEMENT PROBLEMS
MERCHANTS
ATM COMPROMISE
WTFKTHXBYE
WHO’S RESPONSIBLE?
[Diagram: SECURITY RESPONSIBILITY between BANK and CUSTOMER, "According to Customer" vs. "According to Bank"]
BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
ENCRYPTION
TWO-FACTOR AUTHENTICATIONS
REGULATION COMPLIANCE
REGULAR SECURITY ASSESSMENT
WHAT’S NEXT?
THANKS!
@GEOVEDI CHECK OUT: http://slideshare.net/geovedi