Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The 21st Century Bank Job

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Jim Geovedi Jim Geovedi
October 14, 2011
Technology
0
140

The 21st Century Bank Job

Yes, I'm talking about how to hack a Bank!

Avatar for Jim Geovedi

Jim Geovedi

October 14, 2011
Tweet

More Decks by Jim Geovedi

See All by Jim Geovedi
Who's Smarter Than Machine?
Avatar for Jim Geovedi geovedi
0
130
Unstructured Data is the New Gold: ML + NLP is the New Shiz!
Avatar for Jim Geovedi geovedi
5
920
Machine Learning for Cybersecurity
Avatar for Jim Geovedi geovedi
5
2.5k
Waluku: Answering Astronomy Questions through Social Media
Avatar for Jim Geovedi geovedi
0
190
@begobet
Avatar for Jim Geovedi geovedi
0
320
Satellite Telephony Security
Avatar for Jim Geovedi geovedi
0
90
Hacking a Bird in the Sky: The Revenge of Angry Birds
Avatar for Jim Geovedi geovedi
0
140
Cloud Security - Security Aspects of Cloud Computing
Avatar for Jim Geovedi geovedi
0
85
Professional Hackers
Avatar for Jim Geovedi geovedi
0
120

Other Decks in Technology

See All in Technology
30分でわかるアーキテクチャモダナイゼーション
Avatar for nwiizo nwiizo
8
3.6k
技術書を出版するまでの1161時間50分38秒
Avatar for Kakeami kakeami
0
160
primeNumber DATA MANAGEMENT CAMP #2:
Avatar for 阿部 昌利 masatoshi0205
1
500
生成AI素人でも玄人でもない私がセイセイAIチョットワカルために勉強したこと
Avatar for wkm2 wkm2
2
320
Agent Skills 入門
Avatar for puku0x puku0x
0
930
「静的解析」だけで終わらせない。 SonarQube の最新機能 × AIで エンジニアの開発生産性を本気で上げる方法
Avatar for Wenhan Shi xibuka
2
280
NW構成図の自動描画は何が難しいのか?/netdevnight3
Avatar for m.hagiwara corestate55
2
430
技術キャッチアップ効率化を実現する記事推薦システムの構築
Avatar for Yudai Hayashi yudai00
2
140
作るべきものと向き合う - ecspresso 8年間の開発史から学ぶ技術選定 / 技術選定con findy 2026
Avatar for FUJIWARA Shunichiro fujiwara3
4
700
Getting started with Google Antigravity
Avatar for Mete Atamel meteatamel
0
360
ソフトウェアアーキテクトのための意思決定術: Create Decision Readiness—The Real Skill Behind Architectural Decision
Avatar for Koji SHIMADA snoozer05
PRO
7
1.6k
LINEヤフーにおけるAI駆動開発組織のプロデュース施策
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
0
150

Featured

See All Featured
Heart Work Chapter 1 - Part 1
Avatar for Lake Fama lfama
PRO
5
35k
How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL
Avatar for Aleyda Solis aleyda
1
1.9k
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
659
61k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
183
10k
Raft: Consensus for Rubyists
Avatar for Patrick Van Stee vanstee
141
7.3k
JAMstack: Web Apps at Ludicrous Speed - All Things Open 2022
Avatar for David Neal reverentgeek
1
370
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
31
3.1k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
Avatar for Takuto Wada twada
PRO
117
110k
Paper Plane
Avatar for Katie Cordina Lindsey katiecoart
PRO
0
47k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1371
200k
A Soul's Torment
Avatar for Nat Ma seathinner
5
2.3k
Discover your Explorer Soul
Avatar for Emna emna__ayadi
2
1.1k

Transcript

  1. THE 21ST CENTURY BANK JOB @GEOVEDI

  2. EVER THOUGHT ABOUT ROBBING A BANK?

  3. JOHN DILLINGER KUSNI KASDUT OLD SCHOOL

  4. HACKING A BANK IS EASY ..OR MAYBE NOT!!

  5. MODERN BANK JOBS CASE STUDIES

  6. CREDIT CARD FRAUD

  7. ATM SKIMMING

  8. SOCIAL ENGINEERING

  9. & IT’S EASIER THEY ARE CLUELESS WHY TARGETING THE USERS?

    [MOST OF THE TIME]

  10. HOW ABOUT HACKING?

  11. Swordfish (2001)

  12. INSIDE THE BANK’S IT SYSTEM

  13. CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDRING REMITTANCE

    CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC BANKING MOBILE BANKING CARD MANAGEMENT

  14. NETWORK OF TRUST EMPLOYEES MANAGEMENT GOVERNMENT VENDORS CUSTOMERS

  15. STORYTELLING SESSION HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT

  16. COMMON PROBLEMS PEOPLE PROBLEMS WEAK PASSWORDS LACK OF AWARENESS LACK

    OF SKILLS SYSTEM PROBLEMS OUTDATED SYSTEMS INSECURE CONFIGURATIONS INSECURE PROTOCOLS

  17. MANAGEMENT PROBLEMS

  18. None

  19. MERCHANTS

  20. ATM COMPROMISE

  21. WTFKTHXBYE

  22. None

  23. WHO’S RESPONSIBLE?

  24. BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank

    RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY

  25. BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL

  26. ENCRYPTION

  27. TWO-FACTOR AUTHENTICATIONS

  28. TWO-FACTOR AUTHENTICATIONS

  29. REGULATION COMPLIANCE

  30. REGULAR SECURITY ASSESSMENT

  31. WHAT’S NEXT?

  32. WHAT’S NEXT?

  33. THANKS!

  34. CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/

    • [Page 04] http://www.flickr.com/photos/deepblue66/132439533/ • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/ • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/ • [Page 10] http://www.flickr.com/photos/jliba/3696592874/ • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/ • [Page 13] http://www.flickr.com/photos/tim_d/184018928/ • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/ • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/ • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/ • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/ • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/ • [Page 23] http://www.flickr.com/photos/kk/4191131924/ • [Page 25] http://www.flickr.com/photos/ari/2347593532/ • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/ • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/

  35. @GEOVEDI CHECKOUT: http://slideshare.net/geovedi