How data and money is stolen in banks undetected

Image result for hackers bank

The Directorate of Criminal Investigations (DCI) on Wednesday published names and images of 130 suspects wanted in connection with electronic fraud by allegedly hacking bank systems.

Kenya lost approximately Sh21.2 billion to cybersecurity in 2017, second only to Nigeria which lost Sh65.5 billion.

This is according to a Cyber Security report by Serianu which also reveals that Africa lost Sh350 billion to cybersecurity with financial institutions most affected.

The report shows that over Sh18 billion was withdrawn from victim accounts with banks compensating nearly the same amount.

Overall, banks and financial institutions in 10 of the African countries surveyed lost $248 million in 2017 with governments losing $204 million.Image result for hacker gif

Kenya Revenue Authority, several blue-chip banks, government parastatals and supermarket chain are some of the institutions penetrated by international cybercrime syndicates that take off with hundreds of millions of shillings.

Former police officer who worked with Kenya’s Crime Prevention Unit – cybercrime unit,  Kenya Revenue Authority (KRA) official are some of the high profile official who have been arrested in the past with links to cybercrimes.

Detectives in Nairobi have blamed the trend on technological advancement, which has made Kenya a soft target by cyber criminals.

Image result for hackers bank

The government institutions targeted include Kenya Revenue Authority (KRA), National Transport and Safety Authority (NTSA), Saccos and the Independent Electoral and Boundaries Commission (IEBC).

The criminals hack the systems of the institutions to steal data and money undetected.

Some suspects have  links in US, Moldova, Belgium and France. Investigations show they conspire with employees of the targeted institutions who provide them with access to the networks remotely using Remote Access Tools (RATS) and manipulate records in the computer system.

They use other tools such as key loggers, Remote Access Tools (RATs) such as GoToMyPc, Blackshades, Progdata and malware which they install into a PC on the institution’s network.Image result for malwarebytes

KRA officials have in the past demonstrated to the press, how one of their former employees planted a hacking software in one of their crucial system which was sending highly classified and crucial data to his computer system.

The former employee, the taxman said, had formed an international ring that installed malware into the system that allowed them take data from the institution’s system hence steal money. This prompted an operation that saw the suspects being nabbed from their residences in Kilimani area.

 

Leave a Reply

Your email address will not be published. Required fields are marked *