Pub. 13 2016 Issue 1

O V E R A C E N T U R Y : B U I L D I N G B E T T E R B A N K S - H E L P I N G N E W M E X I C O R E A L I Z E D R E A M S 18 As banks continue to refine their methods in securing systems, hackers are fine-tuning their skills as well, finding more ingenious ways to crack into systems and ATMs: Attack through third-party vendors. In the most recent case of the JP Morgan attack, hack- ers used sophisticated methods to obtain customer data through infiltrating both the bank’s systems through a cor- porate event website they sponsor, the JP Morgan Corpo- rate Challenge. According to reports, the Russian hacking gang obtained the website certificate for the site’s third-par- ty vendor which allowed them to access communications between visitors and the site, including passwords and email addresses. Direct infiltration of ATMs. Another creative and emerging form of attack is on ATMs where criminals gain physical access to the machine, typi- cally by posing as repair techs–complete with uniforms and fake credentials–and install malware by plugging a USB di- rectly into the machine. The thief is able to walk up to a ma- chine, open the enclosure with a universal key or passcode (similar to hacking fuel pumps at gas stations to skim credit card information) and install malware that compromises The Importance of Having a Breach Response Plan in Place T he possibility of a bank’s systems being hacked are increasing, regardless of the size of the bank. In addition to the well-publicized breaches of mega and regional f inancial inst itut ions, we are witnessing more reports of attacks on smaller community banks. Your bank should have a workable breach response plan in place on which your staff can quickly rely and follow immediately upon the discovery of a breach. BY ABA INSURANCE SERVICES