The 21st Century Bank Job
Jim Geovedi
October 14, 2011
Yes, I'm talking about how to hack a Bank!
Transcript
THE 21ST CENTURY BANK JOB @GEOVEDI
EVER THOUGHT ABOUT ROBBING A BANK?
OLD SCHOOL: JOHN DILLINGER, KUSNI KASDUT
HACKING A BANK IS EASY ..OR MAYBE NOT!!
MODERN BANK JOBS CASE STUDIES
CREDIT CARD FRAUD
ATM SKIMMING
SOCIAL ENGINEERING
WHY TARGETING THE USERS? THEY ARE CLUELESS & IT’S EASIER
[MOST OF THE TIME]
HOW ABOUT HACKING?
Swordfish (2001)
INSIDE THE BANK’S IT SYSTEM
CORE, TRADE FINANCE, TREASURY, DATA WAREHOUSING, ANTI MONEY LAUNDERING, REMITTANCE, CRM, COLLECTION SYSTEM, ATM SWITCH, INTERNET BANKING, ISLAMIC BANKING, MOBILE BANKING, CARD MANAGEMENT
NETWORK OF TRUST: EMPLOYEES, MANAGEMENT, GOVERNMENT, VENDORS, CUSTOMERS
STORYTELLING SESSION: HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
COMMON PROBLEMS
PEOPLE PROBLEMS: WEAK PASSWORDS, LACK OF AWARENESS, LACK OF SKILLS
SYSTEM PROBLEMS: OUTDATED SYSTEMS, INSECURE CONFIGURATIONS, INSECURE PROTOCOLS
MANAGEMENT PROBLEMS
MERCHANTS
ATM COMPROMISE
WTFKTHXBYE
WHO’S RESPONSIBLE?
BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank
RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY
BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
ENCRYPTION
TWO-FACTOR AUTHENTICATIONS
REGULATION COMPLIANCE
REGULAR SECURITY ASSESSMENT
WHAT’S NEXT?
THANKS!
CREDITS: Photos:
• [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/
• [Page 02] http://www.flickr.com/photos/lanuiop/226760877/
• [Page 04] http://www.flickr.com/photos/deepblue66/132439533/
• [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/
• [Page 09] http://www.flickr.com/photos/paulwatson/411792788/
• [Page 10] http://www.flickr.com/photos/jliba/3696592874/
• [Page 11] Swordfish Hack: http://www.youtube.com/watch?v=zfy5dFhw3ik
• [Page 12] http://www.flickr.com/photos/skreuzer/354316778/
• [Page 13] http://www.flickr.com/photos/tim_d/184018928/
• [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/
• [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/
• [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/
• [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/
• [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/
• [Page 23] http://www.flickr.com/photos/kk/4191131924/
• [Page 25] http://www.flickr.com/photos/ari/2347593532/
• [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg
• [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg
• [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg
• [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/
• [Page 31] http://www.flickr.com/photos/joshmt/2526552173/
@GEOVEDI CHECKOUT: http://slideshare.net/geovedi