Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The 21st Century Bank Job
Search
Jim Geovedi
October 14, 2011
Technology
160
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
The 21st Century Bank Job
Yes, I'm talking about how to hack a Bank!
Jim Geovedi
October 14, 2011
More Decks by Jim Geovedi
See All by Jim Geovedi
Who's Smarter Than Machine?
geovedi
0
140
Unstructured Data is the New Gold: ML + NLP is the New Shiz!
geovedi
5
930
Machine Learning for Cybersecurity
geovedi
5
2.6k
Waluku: Answering Astronomy Questions through Social Media
geovedi
0
200
@begobet
geovedi
0
340
Satellite Telephony Security
geovedi
0
98
Hacking a Bird in the Sky: The Revenge of Angry Birds
geovedi
0
150
Cloud Security - Security Aspects of Cloud Computing
geovedi
0
94
Professional Hackers
geovedi
0
130
Other Decks in Technology
See All in Technology
Claude Code公式skillで 自分の仕事を少しずつ手放そう!(Claude Code開発ノウハウ大公開スペシャル by クラスメソッド)
kaym
1
320
Making sense of Google’s agentic dev tools
glaforge
1
200
Genie Ontologyは銀の弾丸かを考える / Is Genie Ontology a Silver Bullet?
nttcom
0
250
しくみを学んで使いこなそう GitHub Copilot app
torumakabe
2
240
SRE本の知られざる名シーン / The Hidden Gems of Google SRE Book
nari_ex
1
380
KiCAD講習会②
tutcreators
0
110
プロダクトだけじゃない、社内プロセスにおける自動化・省力化ノススメ
kakehashi
PRO
1
3.7k
ruby.wasmとPicoRuby.wasmに対応した仮想DOMライブラリを作ってる話 #kaigieffect_kaigi
sue445
PRO
0
150
DatabricksにおけるMCPソリューション
taka_aki
1
240
ZOZOTOWNの進化と信頼性を両立する負荷試験
zozotech
PRO
2
160
事業価値を⽣み出すSREへ SREが担うべき意思決定の5層
kenta_hi
2
3.6k
LLMやAIエージェントをソフトウェアに組み込むプラクティス
shibuiwilliam
1
360
Featured
See All Featured
Exploring the relationship between traditional SERPs and Gen AI search
raygrieselhuber
PRO
2
4.1k
How Fast Is Fast Enough? [PerfNow 2025]
tammyeverts
3
650
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.4k
Ten Tips & Tricks for a 🌱 transition
stuffmc
0
150
Getting science done with accelerated Python computing platforms
jacobtomlinson
2
260
How GitHub (no longer) Works
holman
316
150k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
1
3.7k
Organizational Design Perspectives: An Ontology of Organizational Design Elements
kimpetersen
PRO
1
760
How to make the Groovebox
asonas
2
2.3k
Balancing Empowerment & Direction
lara
6
1.2k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
340
WENDY [Excerpt]
tessaabrams
11
38k
Transcript
THE 21ST CENTURY BANK JOB @GEOVEDI
EVER THOUGHT ABOUT ROBBING A BANK?
JOHN DILLINGER KUSNI KASDUT OLD SCHOOL
HACKING A BANK IS EASY ..OR MAYBE NOT!!
MODERN BANK JOBS CASE STUDIES
CREDIT CARD FRAUD
ATM SKIMMING
SOCIAL ENGINEERING
& IT’S EASIER THEY ARE CLUELESS WHY TARGETING THE USERS?
[MOST OF THE TIME]
HOW ABOUT HACKING?
Swordfish (2001)
INSIDE THE BANK’S IT SYSTEM
CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDRING REMITTANCE
CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC BANKING MOBILE BANKING CARD MANAGEMENT
NETWORK OF TRUST EMPLOYEES MANAGEMENT GOVERNMENT VENDORS CUSTOMERS
STORYTELLING SESSION HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
COMMON PROBLEMS PEOPLE PROBLEMS WEAK PASSWORDS LACK OF AWARENESS LACK
OF SKILLS SYSTEM PROBLEMS OUTDATED SYSTEMS INSECURE CONFIGURATIONS INSECURE PROTOCOLS
MANAGEMENT PROBLEMS
None
MERCHANTS
ATM COMPROMISE
WTFKTHXBYE
None
WHO’S RESPONSIBLE?
BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank
RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY
BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
ENCRYPTION
TWO-FACTOR AUTHENTICATIONS
TWO-FACTOR AUTHENTICATIONS
REGULATION COMPLIANCE
REGULAR SECURITY ASSESSMENT
WHAT’S NEXT?
WHAT’S NEXT?
THANKS!
CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/
• [Page 04] http://www.flickr.com/photos/deepblue66/132439533/ • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/ • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/ • [Page 10] http://www.flickr.com/photos/jliba/3696592874/ • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/ • [Page 13] http://www.flickr.com/photos/tim_d/184018928/ • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/ • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/ • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/ • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/ • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/ • [Page 23] http://www.flickr.com/photos/kk/4191131924/ • [Page 25] http://www.flickr.com/photos/ari/2347593532/ • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/ • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/
@GEOVEDI CHECKOUT: http://slideshare.net/geovedi