This month, the $1 billion bank heist affecting up to 100 financial institutions has highlighted a growing gulf of miscommunication between chief executives of large organizations and their IT departments.
Kaspersky Lab reports that, working with international law enforcement agencies Interpol and Europol, it discovered that the gang, dubbed Carbanak, used malware enabling it to see and record everything that happened on staff’s screens. These and other recent high profile cyber-attacks, such as that which recently saw 76 million customer accounts hacked at financial institution JPMorgan Chase, are forcing organizations such as banks to examine why cyber criminals see them as easy pickings. Some are rapidly reaching the conclusion that they need to plug any security holes not only in their own networks but also in those of their advisers and partner companies.
Bank of America Merrill Lynch, for example, believes it is "one of the largest targets in the world" for cyberattacks and is auditing cybersecurity policies at its outside law firms. According to the bank, law firms are "considered one of the biggest vectors that the hackers, or others, are going to go at to try to get to our information".
full article
