Experts split over $1 bn cyber bank robbery report

Security experts were split over the severity of the alleged "unprecedented cyber robbery" and the amount of cash stolen, following a Russian computer security firm's report that hackers have stolen $1 billion from nearly 100 banks since 2013, a media report said Monday.

Russian computer security firm Kaspersky Lab estimated that $1 billion has been stolen in the attacks, which it says started in 2013 and are still active, according to a BBC report.

It added that the criminals manipulated cash machines to dispense stolen money.

The majority of banks that allegedly fell victim to the scheme are based in Russia, Kaspersky said, adding that a handful of others are spread across China, Ukraine, and Uzbekistan, and other countries.

The firm also revealed that it had worked with Interpol and Europol on the investigation.

Kaspersky's revelations build on a report released by another cyber-security company, Fox-IT, last year.

Commenting on the Kaspersky release, Fox-IT said that since it had published its findings in December, "the group has decreased their activities and might now have even stopped entirely".

Some security experts have also called into question the $1 bn figure.

"A lot of the money will be got back," said Steven Murdoch, from University College London's Information Security Research Group, adding that while there were undoubtedly "large numbers" involved, the amount had been overestimated.

But he added that the report's findings should be "useful for banks".

Cyber-security expert Prof Alan Woodward, of Surrey University, said that "nobody knows the real figure" but it was evident that the attackers had "a lot of patience and a lot of planning".

He said that the companies affected would now be working to "close the stable door, and then work out how many horses bolted".

"These attacks again underline the fact that criminals will exploit any vulnerability in any system," Sanjay Virmani, director of Interpol's digital crime centre, said.

Kaspersky said the gang's methods marked a new stage in cyber robbery where "malicious users steal money directly from banks and avoid targeting end users".

The gang, which Kaspersky dubbed "Carbanak", used computer viruses to infect company networks with malware including video surveillance, enabling it to see and record everything that happened on staff's screens.

In some cases it was then able to transfer money from the banks' accounts to their own, or even able to tell cash machines to dispense cash at a pre-determined time of day.

Kaspersky said on average each bank robbery took place between two and four months, with up to $10 million stolen each time.

"It was a very slick and professional cyber robbery," Kaspersky Lab's principal security researcher, Sergey Golovanov said.

Europol Director Rob Wainwright said the agency had "issued warnings and intelligence to national law enforcement authorities and European banks through the European Banking Federation".

"Reported infections in the EU are unconfirmed at this stage, although we are continuing to work actively on the matter," he added.