Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The 21st Century Bank Job

Avatar for Jim Geovedi Jim Geovedi
October 14, 2011
Technology
0
140

The 21st Century Bank Job

Yes, I'm talking about how to hack a Bank!

Avatar for Jim Geovedi

Jim Geovedi

October 14, 2011
Tweet

More Decks by Jim Geovedi

See All by Jim Geovedi
Who's Smarter Than Machine?
Avatar for Jim Geovedi geovedi
0
120
Unstructured Data is the New Gold: ML + NLP is the New Shiz!
Avatar for Jim Geovedi geovedi
5
910
Machine Learning for Cybersecurity
Avatar for Jim Geovedi geovedi
5
2.5k
Waluku: Answering Astronomy Questions through Social Media
Avatar for Jim Geovedi geovedi
0
180
@begobet
Avatar for Jim Geovedi geovedi
0
310
Satellite Telephony Security
Avatar for Jim Geovedi geovedi
0
84
Hacking a Bird in the Sky: The Revenge of Angry Birds
Avatar for Jim Geovedi geovedi
0
130
Cloud Security - Security Aspects of Cloud Computing
Avatar for Jim Geovedi geovedi
0
81
Professional Hackers
Avatar for Jim Geovedi geovedi
0
120

Other Decks in Technology

See All in Technology
20251027_マルチエージェントとは
Avatar for Almondoイベント担当 almondo_event
1
460
OSSで50の競合と戦うためにやったこと
Avatar for yamadashy / やまだし yamadashy
3
1k
NLPコロキウム20251022_超効率化への挑戦: LLM 1bit量子化のロードマップ
Avatar for Yuma Ichikawa yumaichikawa
3
550
20251024_TROCCO/COMETAアップデート紹介といくつかデモもやります!_#p_UG 東京:データ活用が進む組織の作り方
Avatar for D soysoysoyb
0
120
AIの個性を理解し、指揮する
Avatar for shoota shoota
1
230
Okta Identity Governanceで実現する最小権限の原則 / Implementing the Principle of Least Privilege with Okta Identity Governance
Avatar for Tatsumi Nishikawa tatsumin39
0
180
オブザーバビリティが育むシステム理解と好奇心
Avatar for maru maruloop
3
1.4k
AI連携の新常識! 話題のMCPをはじめて学ぶ!
Avatar for MakoAkiba makoakiba
0
140
webpack依存からの脱却!快適フロントエンド開発をViteで実現する #vuefes
Avatar for 弁護士ドットコム bengo4com
4
3.6k
知覚とデザイン
Avatar for Rinchoku rinchoku
1
610
AI駆動で進める依存ライブラリ更新 ─ Vue プロジェクトの品質向上と開発スピード改善の実践録
Avatar for sayn0 sayn0
1
330
What's new in OpenShift 4.20
Avatar for Red Hat Livestreaming redhatlivestreaming
0
320

Featured

See All Featured
[RailsConf 2023] Rails as a piece of cake
Avatar for Vladimir Dementyev palkan
57
5.9k
Mobile First: as difficult as doing things right
Avatar for Swwweet swwweet
225
10k
Done Done
Avatar for chrislema chrislema
185
16k
Embracing the Ebb and Flow
Avatar for Simon Collison colly
88
4.9k
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
110k
Context Engineering - Making Every Token Count
Avatar for Addy Osmani addyosmani
8
310
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
Avatar for Addy Osmani addyosmani
9
930
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.2k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
285
14k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
49
3.1k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
173
15k

Transcript

  1. THE 21ST CENTURY BANK JOB @GEOVEDI

  2. EVER THOUGHT ABOUT ROBBING A BANK?

  3. JOHN DILLINGER KUSNI KASDUT OLD SCHOOL

  4. HACKING A BANK IS EASY ..OR MAYBE NOT!!

  5. MODERN BANK JOBS CASE STUDIES

  6. CREDIT CARD FRAUD

  7. ATM SKIMMING

  8. SOCIAL ENGINEERING

  9. & IT’S EASIER THEY ARE CLUELESS WHY TARGETING THE USERS?

    [MOST OF THE TIME]

  10. HOW ABOUT HACKING?

  11. Swordfish (2001)

  12. INSIDE THE BANK’S IT SYSTEM

  13. CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDRING REMITTANCE

    CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC BANKING MOBILE BANKING CARD MANAGEMENT

  14. NETWORK OF TRUST EMPLOYEES MANAGEMENT GOVERNMENT VENDORS CUSTOMERS

  15. STORYTELLING SESSION HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT

  16. COMMON PROBLEMS PEOPLE PROBLEMS WEAK PASSWORDS LACK OF AWARENESS LACK

    OF SKILLS SYSTEM PROBLEMS OUTDATED SYSTEMS INSECURE CONFIGURATIONS INSECURE PROTOCOLS

  17. MANAGEMENT PROBLEMS

  18. None

  19. MERCHANTS

  20. ATM COMPROMISE

  21. WTFKTHXBYE

  22. None

  23. WHO’S RESPONSIBLE?

  24. BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank

    RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY

  25. BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL

  26. ENCRYPTION

  27. TWO-FACTOR AUTHENTICATIONS

  28. TWO-FACTOR AUTHENTICATIONS

  29. REGULATION COMPLIANCE

  30. REGULAR SECURITY ASSESSMENT

  31. WHAT’S NEXT?

  32. WHAT’S NEXT?

  33. THANKS!

  34. CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/

    • [Page 04] http://www.flickr.com/photos/deepblue66/132439533/ • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/ • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/ • [Page 10] http://www.flickr.com/photos/jliba/3696592874/ • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/ • [Page 13] http://www.flickr.com/photos/tim_d/184018928/ • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/ • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/ • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/ • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/ • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/ • [Page 23] http://www.flickr.com/photos/kk/4191131924/ • [Page 25] http://www.flickr.com/photos/ari/2347593532/ • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/ • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/

  35. @GEOVEDI CHECKOUT: http://slideshare.net/geovedi