Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The 21st Century Bank Job
Search
Jim Geovedi
October 14, 2011
Technology
0
140
The 21st Century Bank Job
Yes, I'm talking about how to hack a Bank!
Jim Geovedi
October 14, 2011
Tweet
Share
More Decks by Jim Geovedi
See All by Jim Geovedi
Who's Smarter Than Machine?
geovedi
0
120
Unstructured Data is the New Gold: ML + NLP is the New Shiz!
geovedi
5
900
Machine Learning for Cybersecurity
geovedi
5
2.5k
Waluku: Answering Astronomy Questions through Social Media
geovedi
0
180
@begobet
geovedi
0
300
Satellite Telephony Security
geovedi
0
83
Hacking a Bird in the Sky: The Revenge of Angry Birds
geovedi
0
120
Cloud Security - Security Aspects of Cloud Computing
geovedi
0
76
Professional Hackers
geovedi
0
110
Other Decks in Technology
See All in Technology
「AIと一緒にやる」が当たり前になるまでの奮闘記
kakehashi
PRO
3
150
バクラクによるコーポレート業務の自動運転 #BetAIDay
layerx
PRO
1
970
LLM 機能を支える Langfuse / ClickHouse のサーバレス化
yuu26
9
2.4k
結局QUICで通信は速くなるの?
kota_yata
8
7.3k
全員が手を動かす組織へ - 生成AIが変えるTVerの開発現場 / everyone-codes-genai-transforms-tver-development
tohae
0
200
OPENLOGI Company Profile for engineer
hr01
1
38k
Jamf Connect ZTNAとMDMで実現! 金融ベンチャーにおける「デバイストラスト」実例と軌跡 / Kyash Device Trust
rela1470
1
200
専門分化が進む分業下でもユーザーが本当に欲しかったものを追求するプロダクトマネジメント/Focus on real user needs despite deep specialization and division of labor
moriyuya
1
1.4k
僕たちが「開発しやすさ」を求め 模索し続けたアーキテクチャ #アーキテクチャ勉強会_findy
bengo4com
0
2.5k
【OptimizationNight】数理最適化のラストワンマイルとしてのUIUX
brainpadpr
2
500
マルチプロダクト×マルチテナントを支えるモジュラモノリスを中心としたアソビューのアーキテクチャ
disc99
1
580
Google Cloud で学ぶデータエンジニアリング入門 2025年版 #GoogleCloudNext / 20250805
kazaneya
PRO
22
5.5k
Featured
See All Featured
Writing Fast Ruby
sferik
628
62k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.3k
Thoughts on Productivity
jonyablonski
69
4.8k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
44
2.4k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
47
9.6k
GitHub's CSS Performance
jonrohan
1031
460k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.6k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
29
9.6k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
8
450
Transcript
THE 21ST CENTURY BANK JOB @GEOVEDI
EVER THOUGHT ABOUT ROBBING A BANK?
JOHN DILLINGER KUSNI KASDUT OLD SCHOOL
HACKING A BANK IS EASY ..OR MAYBE NOT!!
MODERN BANK JOBS CASE STUDIES
CREDIT CARD FRAUD
ATM SKIMMING
SOCIAL ENGINEERING
& IT’S EASIER THEY ARE CLUELESS WHY TARGETING THE USERS?
[MOST OF THE TIME]
HOW ABOUT HACKING?
Swordfish (2001)
INSIDE THE BANK’S IT SYSTEM
CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDRING REMITTANCE
CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC BANKING MOBILE BANKING CARD MANAGEMENT
NETWORK OF TRUST EMPLOYEES MANAGEMENT GOVERNMENT VENDORS CUSTOMERS
STORYTELLING SESSION HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
COMMON PROBLEMS PEOPLE PROBLEMS WEAK PASSWORDS LACK OF AWARENESS LACK
OF SKILLS SYSTEM PROBLEMS OUTDATED SYSTEMS INSECURE CONFIGURATIONS INSECURE PROTOCOLS
MANAGEMENT PROBLEMS
None
MERCHANTS
ATM COMPROMISE
WTFKTHXBYE
None
WHO’S RESPONSIBLE?
BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank
RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY
BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
ENCRYPTION
TWO-FACTOR AUTHENTICATIONS
TWO-FACTOR AUTHENTICATIONS
REGULATION COMPLIANCE
REGULAR SECURITY ASSESSMENT
WHAT’S NEXT?
WHAT’S NEXT?
THANKS!
CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/
• [Page 04] http://www.flickr.com/photos/deepblue66/132439533/ • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/ • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/ • [Page 10] http://www.flickr.com/photos/jliba/3696592874/ • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/ • [Page 13] http://www.flickr.com/photos/tim_d/184018928/ • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/ • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/ • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/ • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/ • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/ • [Page 23] http://www.flickr.com/photos/kk/4191131924/ • [Page 25] http://www.flickr.com/photos/ari/2347593532/ • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/ • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/
@GEOVEDI CHECKOUT: http://slideshare.net/geovedi
geovedi
kakehashi
layerx
yuu26
kota_yata
tohae
hr01
rela1470
moriyuya
bengo4com
brainpadpr
disc99
kazaneya
sferik
garrettdimon
jonyablonski
yeseniaperezcruz
sstephenson
bcantrill
mongodb
jonrohan
reverentgeek
eileencodes
wjessup
tammyeverts
![CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/](https://files.speakerdeck.com/presentations/2f7c669a47604531a083abc2153736f8/slide_33.jpg){kind=link}
