Standard Bank heist modus operandi 'not new'
There is nothing new about the modus operandi used by a brazen criminal gang that made off with R300 million from Standard Bank in Japan.
Security experts say the techniques used in the attack have been used before by both local and international criminal syndicates.
Yesterday, Standard Bank, Africa's largest bank by assets, confirmed reports that its South African banking operations were the victim of a "sophisticated, co-ordinated fraud incident".
According to the bank, the fraud involved the withdrawal of cash using a small number of fictitious cards at various ATMs in Japan. However, it said Standard Bank was the target of the fraud and there was no financial loss for customers.
Commenting on the incident, Jacques van Heerden, an IT security expert at Global Technology Security Provider, says such sophisticated fraud has happened before.
"If you look at the Post Bank attack, you can see it was a similar thing where the perpetrators targeted ATMs," says Van Heerden.
In 2012, SA's Post Bank lost R43 million to a cyber crime syndicate. Hefty jail sentences have since been handed down to the culprits.
According to Van Heerden, just like in the Post Bank heist, the Standard Bank attackers targeted ATMs with high cash withdrawal limits.
Japan police suspect a group of more than 100 people extracted the money from the ATMs, which were located in Tokyo and 16 prefectures, over a period of about three hours on 15 May. They targeted 1 400 ATMs in convenience stores and made about 14 000 transactions.
Japanese police are investigating the heist and Standard Bank says investigations are at a sensitive stage and further information will be provided as appropriate.
Van Heerden believes the cyber crime ring consists of lots of people. "The main question is 'how were the credit card details stolen?' We are still to get to the bottom of this. This could have been done through phishing or any other technique. At the moment, I cannot say whether the bank was compromised as this could also have happened through third parties."
Another explanation can be that credit cards' magnetic strips that store data could have been compromised, he adds.
He points out bank robbers have changed their methods over the past years. "In the old days, they would walk into a bank and use a gun for the robbery. These days, they make use of cyber criminals or organised crime rings."
Van Heerden fears that if the heist happened on 15 May and was only reported yesterday, the attackers could have left Japan already and be anywhere in the world.
The South African Banking Risk Information Centre (Sabric) believes the Standard Bank attack was the work of transnational organised criminals.
Lucien Pierce, a partner at Phukubje Pierce Masithela Attorneys, points out that in 2012, a group of hackers across the globe co-ordinated about 7 500 ATM withdrawals using cloned bank cards. They netted about R702 million.
Also in 2012, Pierce notes, the Payments Association of SA saw the bank card details of several hundred-thousand customers being compromised. Other recent incidents include a R1.2 billion hack at the Bangladesh Bank and the theft of the information of 80 million customers of JPMorgan.
"While the Japanese heist details are still sketchy, all banks should be taking this very seriously."
Sabric CEO Kalyani Pillay says: "All our banks take the security of their systems and information seriously and it has and continues to be high priority."
Meanwhile, social media was abuzz yesterday following the brazen heist. Poking fun at the bank, Twitter user @cynicalgrinch tweeted: "*Standard Bank calls JP police* "For mass bank fraud please press 1..."
@JCos01 tweeted: "Guptas can be glad they were blocked from banking with Standard Bank. There (sic) stolen tax money is still safe from other thieves."
@ChristoThurston: "It seems like criminals worked simpler, better and faster than Standard Bank."