News broke this week that following a cyberattack, hackers were able to siphon hundreds of millions of pesos (about $15.4 million) from a number of Mexican banks, including No. 2 Banorte and others that are yet to be named. The criminals created fake orders that wired funds to bogus accounts then immediately withdrew the cash. The incidents are still being investigated. Jeannie Warner, Security Manager at WhiteHat Security commented below.
Jeannie Warner, Security Manager at WhiteHat Security:
While financial regulators may not have paid close attention, there is also a failing in calling out how to secure third-party apps and APIs. Most of the regulations focus on securing networks, with applications left something of a black box. Only PCI DSS calls out specific checks for applications, and I am unconvinced that rigor is applied to every single component of the financial system, especially third-party plugins for bill payment systems.”
The opinions expressed in this article belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.