The Austrian Financial Market Authority (FMA), the country’s financial regulator, stated that the banks in Austrian were found to be well prepared to defend themselves from evolving cyber threats after it staged the first Cyber War Game in the country. The cybersecurity test was launched on 10 banks, their IT providers, the Austrian Computer Emergency Response Team, and the interior ministry.
The one-day Cyber War Game exercise, consisted of 170 fake attacks launched by 100 experts, is intended to test the security levels of banks, technology providers, public authorities, and other financial organizations in the country. The fake cyber-attacks included malicious software injection, Phishing attacks and attacks that targeted system software and online banking apps as well as the shutdown of ATMs and websites, according to FMA.
“The organizational designs have shown to be very diverse,” FMA co-heads Helmut Ettl and Klaus Kumpfmueller said in a media statement. “The results will now be analyzed in detail and the consequences will be implemented in supervisory and regulatory activity.”
Recently, multiple banks and other financial companies in several West African countries have suffered from different hacking attacks, which are underway since mid-2017. According to a report published by Symantec, financial institutions in Cameroon, Congo (DR), Equatorial Guinea, Ghana, and the Ivory Coast have been hit by multiple cyber-attacks in 2017 and 2018. Symantec stated the intruders who are behind these attacks were unknown.
Symantec stated that it has detected four distinct hacking campaigns targeted against financial firms in Africa. The first attack started in mid-2017 and has infected computers with a malware known as NanoCore (Trojan.Nancrat). The second type of attack began in late 2017, in which cybercriminals used malicious PowerShell scripts and credential-stealing tool Mimikatz (Hacktool.Mimikatz) to exploit their targets.
The third attack was targeted at banks in Ivory Coast using a malware called Remote Manipulator System RAT (Backdoor.Gussdoor), alongside Mimikatz and two custom Remote Desktop Protocol (RDP) tools. The fourth attack started in December 2018. The intruders used a malware known as Imminent Monitor RAT (Infostealer.Hawket) to attack banks in Ivory Coast. Symantec stated that all the four attacks were discovered through alerts generated by its Targeted Attack Analytics (TAA), which uses artificial intelligence to analyze and spot targeted attacks.