Despite enormous efforts, security is always a work in progress because of technical vulnerabilities and the human factor. In the modern digital economy, criminals are becoming ever more creative in ways to make off with millions without having to leave home. And the actions of cybercriminals could actually negatively impact acountry\’s economy. Here are some scenarios of possible attacks.
We’ve already seen this with WannaCry-like epidemics. What is important here: even though later malware NotPetya looked like ransomware, our analysis shows that monetization through ransom wasn\’t the main motivation for its creators. This malware didn\’t plan to unlock victims\’ computers even if they pay. So it\’s possible that NotPetya was used as a \”smoke screen\” to cover some other local operation… but the impact was international. In future, such malware could really devastate some country\’s economy even if it wasn\’t planned.
Multi-stage bank attack
The most infamous is the Bangladesh Bank robbery in 2016, when instructions to steal almost a billion of dollars from the central bank of Bangladesh were issued via the SWIFT network. A dangerous trend we’ve noticed recently is that hackers use multi-stage attacks though a number of organizations. It could start from a fishing letter sent to some organization that is not financial, but it works with some banks as a partner, so the bank could be attacked from the contractors\’ accounts after they are hacked.
As our investigation shows, 75% of companies targeted by the Cobalt hacking group are from the financial sector, while 25% are banks\’ partners (including government, telecom, entertainment and healthcare companies) used as a stepping stone for further attacks on financial sector.
Stock exchange attack
We also see that financial companies being targeted by Cobalt group now include not only banks but financial exchanges, investment funds, and lenders. This widening range of targets suggests that attacks on diverse companies with major financial flows are underway. By attacking a financial exchange, a criminal group like Cobalt can \”pump\” or \”dump\” stocks, incentivizing purchase or sale of shares in certain companies in a way that causes rapid fluctuations in share price. Such stock manipulations can affect the economy of entire countries.
These methods were employed by the Corkow group in their 2016 attack on Russia\’s Energobank, which caused a 15-percent change in the exchange rate of the ruble and caused bank losses of RUB 244 million (over USD 4 million).
It\’s easy to blame hackers and criminals, but the fact is: the modern digital economy can be ruined \”quite legally\” with little human intervention. In 2013, the Nature magazine published a research paper called \”Abrupt rise of new machine ecology beyond human response time\”, this paper explains how high frequency trading robots provoked the economic crisis of 2008.
Now, ten years later, bots have become cleverer and faster, while there is still no serious security rules and limitations on machine intelligence development. This could be a real danger. Human hackers usually don\’t want to shut down all the financial system, they need it running so they could still money from it. As to bots, they don\’t care about humans or their financial systems at all. And bots don\’t have to sleep.