Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The 21st Century Bank Job
Search
Jim Geovedi
October 14, 2011
Technology
0
140
The 21st Century Bank Job
Yes, I'm talking about how to hack a Bank!
Jim Geovedi
October 14, 2011
Tweet
Share
More Decks by Jim Geovedi
See All by Jim Geovedi
Who's Smarter Than Machine?
geovedi
0
120
Unstructured Data is the New Gold: ML + NLP is the New Shiz!
geovedi
5
910
Machine Learning for Cybersecurity
geovedi
5
2.5k
Waluku: Answering Astronomy Questions through Social Media
geovedi
0
180
@begobet
geovedi
0
310
Satellite Telephony Security
geovedi
0
83
Hacking a Bird in the Sky: The Revenge of Angry Birds
geovedi
0
120
Cloud Security - Security Aspects of Cloud Computing
geovedi
0
76
Professional Hackers
geovedi
0
110
Other Decks in Technology
See All in Technology
大「個人開発サービス」時代に僕たちはどう生きるか
sotarok
20
9.5k
開発者を支える Internal Developer Portal のイマとコレカラ / To-day and To-morrow of Internal Developer Portals: Supporting Developers
aoto
PRO
1
430
ChatGPTとPlantUML/Mermaidによるソフトウェア設計
gowhich501
1
120
Kiroと学ぶコンテキストエンジニアリング
oikon48
6
9.7k
AI時代に非連続な成長を実現するエンジニアリング戦略
sansantech
PRO
3
1.2k
20250910_障害注入から効率的復旧へ_カオスエンジニアリング_生成AIで考えるAWS障害対応.pdf
sh_fk2
3
190
LLMを搭載したプロダクトの品質保証の模索と学び
qa
0
1k
Grafana MCPサーバーによるAIエージェント経由でのGrafanaダッシュボード動的生成
hamadakoji
1
1.5k
Automating Web Accessibility Testing with AI Agents
maminami373
0
1.2k
BPaaSにおける人と協働する前提のAIエージェント-AWS登壇資料
kentarofujii
0
130
RSCの時代にReactとフレームワークの境界を探る
uhyo
10
3.3k
Webアプリケーションにオブザーバビリティを実装するRust入門ガイド
nwiizo
3
640
Featured
See All Featured
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
285
13k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
Agile that works and the tools we love
rasmusluckow
330
21k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
31
2.2k
Bash Introduction
62gerente
615
210k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
111
20k
Automating Front-end Workflow
addyosmani
1370
200k
Being A Developer After 40
akosma
90
590k
Reflections from 52 weeks, 52 projects
jeffersonlam
352
21k
4 Signs Your Business is Dying
shpigford
184
22k
How to Ace a Technical Interview
jacobian
279
23k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
8
520
Transcript
THE 21ST CENTURY BANK JOB @GEOVEDI
EVER THOUGHT ABOUT ROBBING A BANK?
JOHN DILLINGER KUSNI KASDUT OLD SCHOOL
HACKING A BANK IS EASY ..OR MAYBE NOT!!
MODERN BANK JOBS CASE STUDIES
CREDIT CARD FRAUD
ATM SKIMMING
SOCIAL ENGINEERING
& IT’S EASIER THEY ARE CLUELESS WHY TARGETING THE USERS?
[MOST OF THE TIME]
HOW ABOUT HACKING?
Swordfish (2001)
INSIDE THE BANK’S IT SYSTEM
CORE TRADE FINANCE TREASURY DATA WAREHOUSING ANTI MONEY LAUNDRING REMITTANCE
CRM COLLECTION SYSTEM ATM SWITCH INTERNET BANKING ISLAMIC BANKING MOBILE BANKING CARD MANAGEMENT
NETWORK OF TRUST EMPLOYEES MANAGEMENT GOVERNMENT VENDORS CUSTOMERS
STORYTELLING SESSION HOW WE COMPROMISED BANKS ON SOME PENTEST ENGAGEMENT
COMMON PROBLEMS PEOPLE PROBLEMS WEAK PASSWORDS LACK OF AWARENESS LACK
OF SKILLS SYSTEM PROBLEMS OUTDATED SYSTEMS INSECURE CONFIGURATIONS INSECURE PROTOCOLS
MANAGEMENT PROBLEMS
None
MERCHANTS
ATM COMPROMISE
WTFKTHXBYE
None
WHO’S RESPONSIBLE?
BANK CUSTOMER According to Customer BANK CUSTOMER According to Bank
RESPONSIBLE RESPONSIBLE RESPONSIBLE SECURITY RESPONSIBILITY
BANKS’ EFFORTS TO INCREASE THE SECURITY LEVEL
ENCRYPTION
TWO-FACTOR AUTHENTICATIONS
TWO-FACTOR AUTHENTICATIONS
REGULATION COMPLIANCE
REGULAR SECURITY ASSESSMENT
WHAT’S NEXT?
WHAT’S NEXT?
THANKS!
CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/
• [Page 04] http://www.flickr.com/photos/deepblue66/132439533/ • [Page 05] http://www.flickr.com/photos/marcelnicolai/4600107436/ • [Page 09] http://www.flickr.com/photos/paulwatson/411792788/ • [Page 10] http://www.flickr.com/photos/jliba/3696592874/ • [Page 11] Swordfish Hack — http://www.youtube.com/watch?v=zfy5dFhw3ik • [Page 12] http://www.flickr.com/photos/skreuzer/354316778/ • [Page 13] http://www.flickr.com/photos/tim_d/184018928/ • [Page 14] http://www.flickr.com/photos/eskimoblood/2111672366/ • [Page 15] http://www.flickr.com/photos/beneathourfeet/2502755729/ • [Page 16] http://www.flickr.com/photos/formalfallacy/2057169454/ • [Page 16] http://www.flickr.com/photos/dolor_ipsum/3262262008/ • [Page 17] http://www.flickr.com/photos/24443965@N08/3460357646/ • [Page 23] http://www.flickr.com/photos/kk/4191131924/ • [Page 25] http://www.flickr.com/photos/ari/2347593532/ • [Page 27] http://www.infosurhoy.com/cocoon/saii/images/2010/03/01/photo4.jpg • [Page 28] http://en.wikipedia.org/wiki/File:CryptoCard_two_factor.jpg • [Page 29] http://blogs.ft.com/gapperblog/files/2008/03/bank-regulation.jpg • [Page 30] http://www.flickr.com/photos/dfarrell07/5013882149/ • [Page 31] http://www.flickr.com/photos/joshmt/2526552173/
@GEOVEDI CHECKOUT: http://slideshare.net/geovedi
geovedi
sotarok
aoto
gowhich501
oikon48
sansantech
sh_fk2
qa
hamadakoji
maminami373
kentarofujii
uhyo
nwiizo
stephaniewalter
iamctodd
rasmusluckow
marcduiker
62gerente
panda_program
addyosmani
akosma
jeffersonlam
shpigford
jacobian
tammyeverts
![CREDITS: Photos: • [Page 01] http://www.flickr.com/photos/reddogfever/4580710899/ • [Page 02] http://www.flickr.com/photos/lanuiop/226760877/](https://files.speakerdeck.com/presentations/2f7c669a47604531a083abc2153736f8/slide_33.jpg){kind=link}
