Security researchers from Kaspersky discovered thousands of attack notifications on popular banks in the sub-Saharan Africa (SSA) region. Researchers opined that Russian speaking hacking group Silence is likely behind these attacks. It’s said that the hacker group appears to have deployed a malicious code on the bank’s network to run malicious commands on hosts and allegedly used the access to orchestrate fund withdrawals from the bank’s ATMs.
The researchers discovered the attacks in early January 2020 and revealed that the Silence hacking group is one of the most active Advanced Persistent Threat (APT) actors, which previously attacked banks in Bangladesh, India, Sri Lanka, Kyrgyzstan, Russia, former Soviet states, and Eastern Europe.
Sergey Golovanov, a security researcher at Kaspersky said, “We urge all banks to stay vigilant, as apart from the large sums Silence group also steal sensitive information while monitoring the Banks activity as they video record screen activity. This is a serious privacy abuse that might cost more than money can buy.”
Kaspersky also advised financial organizations to follow the necessary security measures, which include:
- Introduce basic security awareness training for all employees so that they can better distinguish phishing attempts.
- Monitor activity in enterprise information systems information security operations center.
- Use security solutions with dedicated functionality aimed at detecting and blocking phishing attempts.
- Provide security teams with access to up to date threat intelligence data, to keep pace with the latest tactics and tools used by cybercriminals.
- Prepare an incident response plan to be ready for potential incidents in the network environment.