HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 35 guests and 1 member online
 
Advertisement

You are here: Home arrow Resourcesarrow News from the Outside Worldarrow Citibank Hacked for Millions... Or Was It?
EH-Net
May 19, 2013, 04:57:14 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Citibank Hacked for Millions... Or Was It?  (Read 7864 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4165


Editor-In-Chief


View Profile WWW
« on: December 23, 2009, 11:06:27 AM »
Quote

According to The Wall Street Journal, U.S. authorities are investigating a computer-security breach targeting Citigroup.Inc. The hackers, who appear to be linked to a Russian cyber gang, made away with tens of millions of dollars.

It's unknown whether the hackers gained direct access to Citibank's systems or if they went through a third party, or if it even happened at all. Despite reports to the contrary, Citibank officals contend that no such breach occurred.

"We had no breach of the system and there were no losses, no customer losses, no bank losses," said Joe Petro, managing director of Citigroup's Security and Investigative services. "Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true."

The Wall Street Journal claims the threat was initially detected by U.S. investigators who noted suspicious traffic from IPs that had been used by the Russian Business Network, which is a Russian gang that has a history of selling hacking tools and software for accessing U.S. government systems.


Original story:
http://www.maximumpc.com/article/maximum_it/report_russian_gang_responsible_alleged_citibank_hack

Don
Logged
CISSP, MCSE, CSTA, Security+ SME
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #1 on: December 23, 2009, 11:32:55 AM »
I would think the WSJ would be a bit more credible than to just fabricate something entirely. I'll be curious to hear the truth of this.
Logged
hayabusa
Hero Member
*****
Offline Offline

Posts: 1630



View Profile
« Reply #2 on: December 23, 2009, 02:12:51 PM »
ditto, jason...
Logged
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #3 on: December 23, 2009, 07:15:32 PM »
If it turns out that Citbank did indeed get pwned, I am guessing that Joe Petro would be in some hot water.  He is pretty adamant about denying that anything happened.   Usually, when something like this happens, the press release is a bit more noncommittal. 
Logged
~~~~~~~~~~~~~~
Ketchup
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #4 on: December 23, 2009, 09:56:13 PM »
It's likely the weasel words that make the difference "Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true". It doesn't say that they didn't have a breach.
Logged
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #5 on: December 23, 2009, 10:28:18 PM »
LOL Jason, that's a great point.
Logged
~~~~~~~~~~~~~~
Ketchup
3PIL0GU3
Newbie
*
Offline Offline

Posts: 38


View Profile
« Reply #6 on: December 24, 2009, 02:51:55 AM »
I wonder if this incident has woken people up to the fact that more security professionals within this specialised area are required and that ethical hacking is a seperate area in IT and is not a black art as so many think.
Wouldn't get my hopes up though
Logged
----------------------------
CEH
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #7 on: December 24, 2009, 10:00:50 AM »
Heck no. There have been several *huge* breaches in the last few years. The general public is still fat, dumb, and happy.
Logged
Kev
Sr. Member
****
Offline Offline

Posts: 428


View Profile
« Reply #8 on: December 24, 2009, 12:20:38 PM »
In my experience, the most you can hope is for a major corporation to view security as a necessary evil. No matter how you sell it, they see it as an expense against their bottom line.
Logged
3PIL0GU3
Newbie
*
Offline Offline

Posts: 38


View Profile
« Reply #9 on: December 24, 2009, 06:02:01 PM »
Is it wrong to want a big event to completely shock people so much so that they wake up from their daydream and start realising things.

I mean everything runs off a computer system nowadays Cyberdefense should be paramount what would happen if something so catasrophic occured that it could result in armageddon, water supplys could be contaminated, power failures accross the globe, the likelihood isn't likely but the threat still remains.

I'm shocked that the whitehouse has just appointed a cyberdefense advisor, haven't they heard of cyberterrorism.
Logged
----------------------------
CEH
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.068 seconds with 24 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.