It is not uncommon for cyberattacks to occur in waves. One such phase could be, for instance, an infection or other assault on a network. This, in turn, could be utilized as a misdirection for the incident response teams for the actual intended target to come under fire in a second attack phase. It is this type of attack method that the Banco de Chile faced starting in the month of May, culminating in a major heist of $10 million.
As was reported in the Chilean media outlet La Tercera Pulso, the misdirection first occurred via a late-May attack against roughly 9,000 workstations and 500 servers. The attack itself was carried out by, according to the Banco de Chile’s general manager Eduardo Ebensperger, a zero-day virus called SWAPQ. While the IT security teams were dealing with the destructive nature of SWAPQ, Ebensperger states that there were multiple fraudulent transactions completed on the bank’s SWIFT network. The transactions were able to steal $10 million and send the heist cash to an account based in Hong Kong.
Some analysts are considering the possibility that the Lazarus Group was behind this heist, but honestly, this is just conjecture at this point. The shockwaves being felt throughout the government and banking industry in Chile are strong. Eduardo Ebensperger stated that this is the largest cyberattack against a bank in the country of Chile, and this shouldn’t be surprising, as the country’s cybersecurity standards haven’t been updated since 1993.
According to a report by welivesecurity, the nation’s government is now going into hyperdrive to bring cybersecurity standards up to code. As their report states:
Earlier this week, the Operational Continuity Working Group led by the Ministry of Finance met to discuss the details of the cyberattack in order to agree on future preventative measures. The outcome of these meetings called for the modernization of protocols and tools that would help to prevent these kinds of incidents, with two new lines of defensive measures announced… identifying aspects to be improved in order to be aligned with international standards… a thorough review of the regulatory framework regarding cybersecurity in order to implement the necessary changes so the country has the highest possible cybersecurity standards.
To go so many years without an updated cybersecurity policy was bound to cause disaster for the Chilean government and its institutions. Unfortunately, it was too late to learn the lesson, but perhaps going forward such mistakes will be avoided.
Featured image: Flickr / David Berkowitz