Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The 21st Century Bank Job

Avatar for Jim Geovedi Jim Geovedi
October 14, 2011
Technology
0
140

The 21st Century Bank Job

Yes, I'm talking about how to hack a Bank!

Avatar for Jim Geovedi

Jim Geovedi

October 14, 2011
Tweet

More Decks by Jim Geovedi

See All by Jim Geovedi
Who's Smarter Than Machine?
Avatar for Jim Geovedi geovedi
0
120
Unstructured Data is the New Gold: ML + NLP is the New Shiz!
Avatar for Jim Geovedi geovedi
5
910
Machine Learning for Cybersecurity
Avatar for Jim Geovedi geovedi
5
2.5k
Waluku: Answering Astronomy Questions through Social Media
Avatar for Jim Geovedi geovedi
0
180
@begobet
Avatar for Jim Geovedi geovedi
0
310
Satellite Telephony Security
Avatar for Jim Geovedi geovedi
0
84
Hacking a Bird in the Sky: The Revenge of Angry Birds
Avatar for Jim Geovedi geovedi
0
120
Cloud Security - Security Aspects of Cloud Computing
Avatar for Jim Geovedi geovedi
0
81
Professional Hackers
Avatar for Jim Geovedi geovedi
0
120

Other Decks in Technology

See All in Technology
KAGのLT会 #8 - 東京リージョンでGAしたAmazon Q in QuickSightを使って、報告用の資料を作ってみた
Avatar for arap / 0air 0air
0
190
それでも私はContextに値を詰めたい | Go Conference 2025 / go conference 2025 fill context
Avatar for Yoichiro Shimizu budougumi0617
4
1.1k
Oracle Base Database Service 技術詳細
Avatar for oracle4engineer oracle4engineer
PRO
11
77k
インサイト情報からどこまで自動化できるか試してみた
Avatar for takas takas0522
0
130
pprof vs runtime/trace (FlightRecorder)
Avatar for task4233 task4233
0
150
多野優介
Avatar for 多野優介 tanoyusuke
1
180
データエンジニアがこの先生きのこるには...?
Avatar for 10xinc 10xinc
0
430
C# 14 / .NET 10 の新機能 (RC 1 時点)
Avatar for neno nenonaninu
1
1.4k
GA technologiesでのAI-Readyの取り組み@DataOps Night
Avatar for yuto16 yuto16
0
260
[2025-09-30] Databricks Genie を利用した分析基盤とデータモデリングの IVRy の現在地
Avatar for 和田 悠佑 wxyzzz
0
440
AI ReadyなData PlatformとしてのAutonomous Databaseアップデート
Avatar for oracle4engineer oracle4engineer
PRO
0
140
AIが書いたコードをAIが検証する!自律的なモバイルアプリ開発の実現
Avatar for henteko henteko
1
310

Featured

See All Featured
GraphQLの誤解/rethinking-graphql
Avatar for sonatard sonatard
72
11k
Build The Right Thing And Hit Your Dates
Avatar for Maggie C. maggiecrowley
37
2.9k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
33
8.8k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
368
20k
XXLCSS - How to scale CSS and keep your sanity
Avatar for Zaharenia Atzitzikaki sugarenia
248
1.3M
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
358
30k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
11
870
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.1k
Sharpening the Axe: The Primacy of Toolmaking
Avatar for Bryan Cantrill bcantrill
45
2.5k
Docker and Python
Avatar for Tania Allard trallard
46
3.6k
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
48
51k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
132
19k

Transcript

  1. THE 21ST CENTURY BANK JOB @GEOVEDI

  2. EVER THOUGHT ABOUT ROBBING A BANK?

  3. JOHN DILLINGER KUSNI KASDUT OLD SCHOOL

  4. HACKING A BANK IS EASY ..OR MAYBE NOT!!

  5. MODERN BANK JOBS CASE STUDIES

  6. CREDIT CARD FRAUD

  7. ATM SKIMMING

  8. SOCIAL ENGINEERING

  9. & IT’S EASIER THEY ARE CLUELESS WHY TARGETING THE USERS?

    [MOST OF THE TIME]

  10. HOW ABOUT HACKING?

  11. Swordfish (2001)

  12. INSIDE THE BANK’S IT SYSTEM

  13. CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDRING REMITTANCE

    CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC BANKING MOBILE BANKING CARD MANAGEMENT

  14. NETWORK OF TRUST EMPLOYEES MANAGEMENT GOVERNMENT VENDORS CUSTOMERS

  15. STORYTELLING SESSION HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT

  16. COMMON PROBLEMS PEOPLE PROBLEMS WEAK PASSWORDS LACK OF AWARENESS LACK

    OF SKILLS SYSTEM PROBLEMS OUTDATED SYSTEMS INSECURE CONFIGURATIONS INSECURE PROTOCOLS

  17. MANAGEMENT PROBLEMS

  18. None

  19. MERCHANTS

  20. ATM COMPROMISE

  21. WTFKTHXBYE

  22. None

  23. WHO’S RESPONSIBLE?

  24. BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank

    RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY

  25. BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL

  26. ENCRYPTION

  27. TWO-FACTOR AUTHENTICATIONS

  28. TWO-FACTOR AUTHENTICATIONS

  29. REGULATION COMPLIANCE

  30. REGULAR SECURITY ASSESSMENT

  31. WHAT’S NEXT?

  32. WHAT’S NEXT?

  33. THANKS!

  34. CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/

    • [Page 04] http://www.flickr.com/photos/deepblue66/132439533/ • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/ • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/ • [Page 10] http://www.flickr.com/photos/jliba/3696592874/ • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/ • [Page 13] http://www.flickr.com/photos/tim_d/184018928/ • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/ • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/ • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/ • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/ • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/ • [Page 23] http://www.flickr.com/photos/kk/4191131924/ • [Page 25] http://www.flickr.com/photos/ari/2347593532/ • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/ • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/

  35. @GEOVEDI CHECKOUT: http://slideshare.net/geovedi