Deceptions Everywhere ®

The Illusive Networks Blog

Breaking the Sound of Silence as Cyber Attackers Carry Out New Wave of Attacks on Banks

Posted by Matan Kubovsky on Nov 15, 2017 7:42:47 AM

“Hello darkness, my old friend”—Simon & Garfunkel couldn’t have said it better when it comes to describing ideal conditions for APTs. New targeted attacks against banks in Russia, Armenia, and Malaysia have been detected and attributed to the Silence group. Silence represents an ongoing cybercrime shift from targeting end users (bank account fraud) to carrying out advanced direct attacks against the banks themselves. According to Web India, Silence joins the ranks of the most devastating and complex cyber-robbery operations like Metel, GCMAN, and Carbanak, which succeeded in stealing millions of dollars from financial organizations.

Read More


The Need for Speed: Rapid Detection of Wire Fraud is Priceless

Posted by Matan Kubovsky on Nov 8, 2017 9:31:30 AM

Attacks on banks’ SWIFT wire transfer systems in 2016 made headlines, with the Bank of Bangladesh’s $81 million heist leading the losses. There might be another wave of fraud attacks underway, with news of NIC Asia Bank, one of Nepal’s largest private-sector commercial banks, experiencing an attack between October 17 and October 21. Attackers extracted $4.4 million in fraudulent money transfers from NIC Asia Bank to accounts in six other countries through a compromise of NIC systems. Earlier in October, attackers also stole $60 million from Far Eastern International Bank in Taiwan via fraudulent SWIFT money-moving messages. According to several reports from the past year, these attacks may be attributable to the Lazarus Group which has been very active in The Far East and Africa over the past decade. The group utilizes sophisticated TTPs, tailor-made to compromise SWIFT systems.

Read More


Why financial services companies want a deception solution for mainframes

Posted by Matan Kubovsky on Oct 18, 2017 5:51:45 AM

As Illusive’s R&D leader, it’s part of my job to be out front understanding the needs of our customers and the broader market. We’re always polling the market to understand what additional pain points deception technology can address. Conversations with our financial services customers this past year turned over a need we hadn’t expected: Can you protect my mainframes?

Read More


Putting Everyone to Sleep by Measuring APT Risk

Posted by Beth Ruck on Oct 3, 2017 2:19:08 PM

The risk of an Advanced Persistent Threat (APT)—the possibility of an advanced cyber attacker moving under cover in an enterprise network—keeps CISOs awake at night. But it's making more C-level executives and their board members restless, too, because of the potentially massive damage advanced attacks can cause to business reputations, critical systems, data manipulated or stolen and operations compromised. Boards and senior execs are demanding better accountability and assurances that their organizations are adequately protected.

Read More


Financial Companies Improve Security at Scale through Deceptions at Scale

Posted by Brian Harmon on Sep 19, 2017 8:49:37 AM

For multinational banks and other financial services companies, one of the biggest barriers to better security is pure scale. In large environments, where endpoints number in the tens or hundreds of thousands, how can you keep attackers out 7x24x365?  

Read More


Deception Technology in Financial Services: Tips for Detecting Insider Threats

Posted by Brian Harmon on Sep 7, 2017 10:26:35 AM

Deception can play a powerful, multifaceted role in helping financial services organizations protect their crown jewels. Our recent post, By Detecting Lateral Movements, Banks Can Get Ahead of Fraud and APTs (Aug. 21, 2017) described how deception is used to combat fraud. In this post, we’ll look at how deception can play a strategic role in defeating insider threats.

Read More


Stay up to date!