Microsoft: Hackers steel large sums of financial institutions

According to Microsoft, hackers, sponsored by governments, were able to raise large sums of money last year by successfully breaking into major financial institutions.

Microsoft knows that hackers have broken into several financial institutions, stealing money. The technology giant is aware of this because his experts were used in the cleaning operation after the hacks. Microsoft does not reveal which banks or institutions were affected, but does let it know that the hackers in question were sponsored by official government agencies. There is also no clarity about the nationality of these authorities.

Targeted attack

Redmond will let you know how the hackers roughly worked. Through a very targeted attack, usually a combination of social engineering and spearphishing, they placed a very advanced backdoor on a system. That enabled them to transfer money to foreign accounts.

The hackers worked behind the scenes, so in one case it took even more than 100 days before their presence was detected. When the hack did come to light, the hackers pulled out all the stops and paralyzed the affected system with new malware.

100 million dollars

A few months ago, security company FireEye opened a booklet about a similar series of incidents. Microsoft does not want to confirm to Bloomberg that the hacks are the same. FireEye accused North Korean sponsored groups at the time, and spoke of hacks with a total loot of more than 100 million dollars. One Chilean bank would have lost $10 million in one go.

In any case, the revelations show that no target is too complex for hackers with the necessary funding. Advanced attack campaigns sponsored by governments can cause a lot of scaffolding. It will probably never be possible to prevent these hacks from happening altogether, but as an organisation you can build in a certain level of resilience so that the impact of such hacks remains limited.

Related: War in Cyberland: Why absolute security is an illusion?