UK Banks Blackmailed by Crackers 98
Palin Majere writes "This story from USAToday reports on how banks in the UK are finding it cheaper (and easier) to pay off cracker groups rather than try and defend themselves properly."
This discussion has been archived.
No new comments can be posted.
UK Banks Blackmailed by Crackers
Related Links Top of the: day, week, month.
Friction is a drag.
types of blackmail (Score:1)
If I go to a company and say - I found those security breaks in your system, I can fix them if you'd pay me.
Is that blackmail?
Re:Does it make sense? (Score:1)
Bank: What did you do to break in?
Blackmailer: Well, I... (yadda yadda yadda)
Where is the trust in this situation? As mentioned before in the comments, the blackmailer could have multiple ways in, or multiple backdoors, etc. It would only take one easy way in to do more damage -- or have the potential to do more damage.
Blackmail is not about trusting someone. It's about knowing that you definitely don't trust them, but attempt to make the situation better for yourself. Getting answers from blackmailers would be just as easy as eating an asphalt pie.
Cracker Bank (Score:1)
Consider the scenario of a banks communication network breaking down.
Here's how it might work:
Lets say the main branch in London has a computer failure. Now, that's all ok for an hour or too, but if it lasts much longer, especially at some strategic time (like during backups) then the bank will start having problems.
Now, instead of transferring monies out of an account the crook simply withdraws the money from several banks, one after the other. They won't notice untill after the link comes back up.
Ok, so the banks that are offline can't deal with major withdrawals. So now, they really can't do anything, except dissalow withdrawals. Then, when the news hits, there may be a run on the bank... (This is really bad news.)
Now, the tricky part here is that the bank would rather pay someone to not attack than to loose it's buisness for a day, no big deal. As soon as the scenario becomes reasonably common, the bank may well move to more economical means of protection.
Also, it seems like this kind of scenario is likely to be an inside job. A banker should be well versed in how to perform massive money transfers discreetly, and have appropiate contacts to do so. The insider already has acess to the system, and can easily forge an e-mail by simply bypassing physical security.
Furthermore, with inside information, the crook could verry well know what sums of money would be considered small enough to be acceptable payoffs.
Otherwise there are massive issues with this sort of caper. AFAIK most banks use proprietary systems. Most of these systems were written a long time ago by professional high-end programmers, not the indian sweatshop programs available from MS, so each system is unique, and may well require insider info. The actual transfer of money would also be very difficult to perform securely.
NTG
Re:Money transfer networks (Score:1)
There is a lot of sensitive information in a bank, and more importantly, a bank's financial success depends on it's public image.
Can you imagine the bad press if a cracker group post a/c details of some corporate clients?
mmmmm... bad medicine....
Re:Been happening for a long time (Score:1)
--Phil (Pardon if I misunderstood--as I said, I haven't yet had much experience in this area.)
Re:Privacy going downhill (Score:2)
My bank has an interesting solution here: It uses a client, which does all the wacky password stuff, and then acts as a local proxy, so that you can use your normal browser, but only with the security program working. It can be a bit of a pain to setup when you're already using a proxy, but not all that bad. And it seems to work - I haven't heard of any great problems yet.
Of course, the nice thing about just having stuff on the web is that you don't need any proprietary software - it'll work on any OS that has a browser!
Of course, you'll want decent encryption - would a "simple" solution that used 128 bit encryption be generally decent? Would most of you trust it?
(of course it would depend on a lot of other things... but hey)
If so, all we need is to allow 128 bit encryption everywhere! There's that familiar refrain again...
Stupidity (Score:1)
I also can't believe that these skript kiddiez all have secret Swiss bank accounts or something. Wouldn't a deposit of $400,000 by an unemployed teenager be suspicious? This isn't exactly an amount of money you can hide under your bed.
Reminds me of a local incident a couple years ago, where a couple skript kiddiez hacked an e-commerce server, stole credit card numbers, then had stuff *shipped to their homes*. And they wonder why they got caught...
"During your times of trial and suffering, when you see only one set of footprints, it was then that I was riding the pogostick."
Re:Long term /Short term and Capitalism (Score:2)
Re:Homer: mmmmm....Crackers.... (Score:1)
Jason.
Re:It's Ungoed-Thomas (Score:1)
-nme!
CitiBank fought the crackers and paid the price (Score:1)
Unfortunately, as these things go, the press ran with the usual "CitiBank gets hacked!" headlines, with the result that CitiBank lost nearly all of its most lucrative accounts almost immediately. This lesson has not been lost on other banks, who will now gladly pay a protection racket "reasonable" fees rather than loose their own lucrative accounts. This will probably go on until either the authorities jail some high-level banking executives for obstruction of justice or complicity in covering up a crime, or depositers wise up and realize that a bank like CitiBank is probably a much more secure place to put one's money than a competitor which gets cracked in exactly the same way, but covers up the incident and finances future cracking missions with payoffs to boot!
Re:Catch them when they pay the bribe? (Score:1)
It's simply a matter of reading... (Score:1)
And on a related note: Until recently TSB's ATM network in The UK used modem dial-up to network their cash machines in the North of Scotland to the rest of their network. Further more no encryption was employed over these lines. Unencrypted transfers on public lines - sheesh!
Re:What actually is the moral of this story? (Score:1)
- A bit of hype about those evil hackers will go a long way (i.e., from newspaper to newspaper, country to country...)
- Sufficient doses of hype will induce TREMBLES (Traumatic Reflex Evoking Multiple Blank Line Entry Syndrome), as evidenced in your message.
Hope this helps...(I will admit I was unable to distinguish in this case between TREMBLES and MUMBLES [Monkey Using Multiple Blank Lines for Emphasis Syndrome] so I gave you the benefit of the doubt.)
Non-story (Score:1)
Some members of a mailing list I subscribe to (ukcrypto) have suggested that this is simply a scare story whipped up by GCHQ (think British NSA) to try to get big companies to use their consulting services.
See this archive [ucl.ac.uk].
This was all made up by the UK's NSA. (Score:3)
The original story has bizarre references to "hackers" holding up banks "with crypto" - I know it's a munition, but you can't point it at a bank teller!
See for example thi s article [ucl.ac.uk] by highly respected cryptologist and computer security expert Ross Anderson, who is also co-author of AES candidate Serpent. Note also thi s observation [ucl.ac.uk] on bank panic stories, or read the whole thread [ucl.ac.uk] (search for "today's Times").
I'll also echo the comments here about Jonathan Ungoed-Thomas's hilarious attempts to cover security issues, among other iGaffes.
--
Double-plus Ungoed (Score:2)
Many times he has been caught sending out emails from his work account, pretending to be a female eco-terrorist. Then he started using hotmail but filled out the registration form with his own name, and it was sent with the emails. He is astoundingly stupid and clueless.
Now, there may have been some extortion attempts against banks recently by script-kiddies. During the Secondary DNS Con, civic minded hackers announced that the Scottish National Party's web site had no security. They then gave the web masters 2 weeks to fix it (the idiots applied a single M$ patch), then cracked the system and defaced the home page with some very funny stuff. Obviously the hack was long in the making.
Since then, there has been a lot of poking around websites all over the place in the UK, and since most of the security holes are application based, adding firewalls doesn't do much good.
I expect some script-kiddies sent an email to a web master at a major bank, demanding money or "the web site gets it". Mr double-plus-Ungoed has managed to fabricate a huge threat out of that with his tabloid trash writing.
Bank security for transactions doesn't go through web sites, despite what clueless wanna-be hackers would love to think. Any real cyber-threat to banks is well funded by organized crime, and the hacks are months in the execution. The payoff can be huge, and usually requires inside knowledge. Mr Ungoed can't even figure out hotmail
the AC
Old news: Spiegel ran stories about it years ago! (Score:1)
Btw, a couple of years ago, there was an incident where somebody fraudulently transferred away a large sum of money from Pernot-Ricard's (famous pastis drink producer) account to a numbered account in Switzerland. The perps were hoping that the incident would stay undiscovered, in the naive belief that at a company nobody would check bank accounts...
Re:Been happening for a long time (Score:1)
If this is so easy, then it *really* ought to be trivial to listen to any phone conversation you want (I mean come on, a lot of the phone network isn't even digital).
If you are such a badass information warfare expert, why don't you just tap into a few conversations between CEOs of huge evil companies (ie MSFT) and let everyone know about the nefarious schemes they are hatching.
And hey if it's so easy to jump from the PBX into the data network, it should be just as easy to do it from the power grid, right? I mean c'mon they're all wires that are sorta, somewhat, in some way connected with each other.
Gimme a break. Somehow I just don't think getting information is quite as easy as you say, or we wouldn't have the NSA squawking about encryption technologies and the like all the time.
Netbanking and encryption (Score:2)
It grew from a touch-tone system (which I avoid using) to a proprietary client to a browser based app. They recently phased out the propietary client.
However, I would not be able to legally access my info outside of North America. Yep, it only allows 128-bit crypto. It'll reject anything else.
Between that and the phone, I trust the browser more. It is really easy to just record a phone session and get the touch-tone password and card number.
So banks outside North America are getting the shaft due to dumb US export restrictions.
Quite frankly, I'm surprised they're "letting" us use it. But then again, is that IP owned by the US government? What right do they have to impede international business?
What pisses me off the most is that I can't really do anything about it. They're not going to listen to me, as I'm not a US citizen.
All of you US people should each write a monthly letter to their politicians, or a monthly fax. Let them know how strongly you feel.
It seems to make sense (Score:1)
Second, you fix the holes quietly to prevent other crackers to do the same. And you still keep it quiet.
Trust is really important when you give somebody your money. You trust the bank that they give back the money you gave them. Therefor you trust them to be able to protect the integrity of the finance tracking system.
Let's take that a bit farther: What if it becomes known, that more than one or two banks, namely nearly all banks, are vulnerable and not too difficult to crack? What might happen? The customers may lose their trust in the banks and get their money back and/or keep it to themselves. If this happens on a big scale you decrease the available money for the servies of the banks like investing and credits. Without being able to get a decent credit other investments will not be made and so on... The financial system slows and the economy suffers. Therefor there is less money on the side of the investors, which they still keep to themselves...
Trust is really important for the economy. You have to trust the government, that those cheap printed paper slips with numbers on them are really worth more than the paper value. You have to trust the banks, that you get your money back. And therefor they have to pretend that they are invulnerable. Behind the scenes they may act completely different, but in the face of the public they have to keep their face.
BTW: I really liked it, too, that the author didn't mix hackers with crackers as many others do.
Björn
Economics 101 (Score:1)
So what's the uk rate for a competent sysadmin? 80 pounds or so? An ounce of prevention...
--Shoeboy
So is the deception going to cost them more? (Score:1)
This is bad timing - just in time for the Y2k currancy rush. I wouldn't want to be working at a bank at the moment. Remind me to have more on my credit card than in my bank account on the 31st of December...
CJ.
PS. First post again?!?
Pathetic (Score:1)
Its amazing.
I don't understand how it could be so easy to crack what should be such a single-minded system..
Sounds like the bank is trying to do too much on one server..
Or maybe is it a lack of encryption issue?
If I can set up my linux box to accept packets with a simple service, and I proof the code enough, then I don't have to worry about anything but DoS attacks.. and the firewall should be handling that...
And if they are cracking your firewall, you need to hire a new admin, because the old one is incompetent.
they got it right (Score:1)
Homer: mmmmm....Crackers.... (Score:1)
Is it just me or did they get that backwards? :)
Well, at least they actually used the proper term some of the time...
Ribo
Re:Long term /Short term and Capitalism (Score:1)
Just one thing that came to my mind: If the crackers are so good that they can do what they want (or at least that's what the banks think they are), why don't they just transfer the amount of money they want to their own accounts? Why go all the trouble in blackmailing the banks? Makes me wonder if a bank would give me money if I sent them a note I'll crash their machines if they don't..
--
Privacy going downhill (Score:2)
Does anybody know if these crackers are anything more than greedy script kiddies?
With this kind of thing (governments eroding privacy, eroding any attempts to use encryption, private sector being even worse about privacy, etc.) the average law-abiding citizen in any country might as well post a daily log of all their activities and financial statements to USENET, because everybody could get to the info anyways.
And, jeez, how hard is it, really, to separate a bank network from the internet entirely and only allow absolutely necessary things through firewalls? (and to keep computers up-to-date, for that matter) Or is this all mostly being done by people that manage to get access (somehow) to terminals in the banks themselves?
Been happening for a long time (Score:5)
The methods of blackmail are very simple as most of the systems run over standard high bandwidth lines. It's a simple enough problem to get into these systems by going through the exchange points rather than walking through the front door of a bank (just like breaking into most company networks is actually much easier to break the PABX system and then jump across into the data stream that contains the network link rather than trying to attack the firewall directly).
Most of the time, the banks don't even bother with varifying the cracker's claims. They just pay up the cash and be done with it. You'd be surprised as just how lax most banks are with thier internal security. Oh, this system is inside the network so we don't even have to worry about encrypting the comms between our two mainframes even though their located at two different sites 50Km apart.
Another interesting whole to watch out for in the future will be the increasing use of direct fibre channel connections. Some of the setups that I've seen put the mainframe connection in one site and the drives and backdrives in two separate sites. The drives are hooked up using fibre channel as though they were local hard drives to the machine. If you know what you're doing, getting inside one of these links can be quite easy.
Despite repeated demonstrations of how easy some of these systems are to break, the banks just don't seem to be interested in trying to make it more secure. They don't want to spend the extra money because it eats into the profit margin. Security through obscurity seems to be their favourite mantra. Fscking idiots!
Once you pay Danegeld, (Score:2)
of all the policies I've heard, this is the most short sighted. Of course, not much detail is given out, but I can see this already:
1. crack root on one bank's machine.
2. metastatize into the whole LAN.
3. install backdoors everywhere.
Now:
4. give a vivid demo + ransom instructions, signed
with one handle. Obtain ransom. Observe which backdoors are undone. Restore what you can.
5. wait.
6. if (backdoors >= 1) {
a. select new handle and set of ransom
instructions.
b. repeat steps 4 and 5.
}
Lovely, eh?
Long term /Short term and Capitalism (Score:3)
Thi is exactly the kind of attitude I can't understand in the Capitalistc world were leaving in.
.....
Sure on the short terms it's cheaper to pay the hackers to send them elsewhere (like your comperitor). But on the long term this really is bad:
* Crackers will see in such deal a good way to make money, they'll come back (this will increase the cost of security)
* Since they just pay the cracker and don't do anything about security, what will happen when the cracker dosn't try to get paid by the bank but takes what he wants
On the long trem the money should be spend on increaing security
cha-ching! (Score:1)
Make $$$ in your spare time! Have the bank pay you for your cracking skills!
strongarm mafia tactics (Score:1)
Encouraging Bad Things (Score:1)
Furthermore, this is bad because banks depend heavily on the trust of regular people. Since they take the money you deposit into your savings account and loan it out, making money on the interest the borrowers must pay, it isn't good for the bank if too many people lose faith at once and come for their savings.
I wouldn't feel good about having my money in a bank that gives in to the demands of script kiddies.
Take care,
Steve
British banks, eh? (Score:1)
Idiots.
cHrackers (Score:3)
"Did you pay off the hackers?"
"Yes, they're covered."
"How bout the crackers?"
"Ya, we got them too."
"Snackers?"
"Trying to find them."
"Meat packers?"
"I can only work so fast boss..."
Hotnutz.com [hotnutz.com]
Don't believe everything you read in the Times. (Score:1)
uniquely British system of banking. And London
journalism is nothing if not sensational.
Des Cracking doesn't require BIG funding anymore. (Score:1)
LINUX stands for: Linux Inux Nux Ux X
Re:Long term /Short term and Capitalism (Score:2)
Cheers,
Rick Kirkland
Re:Encouraging Bad Things (Score:1)
"I think that, at some point, giving in to these people will legitimize malicious cracking in the eyes of many. "
Haha! Bank Robbery will undergo a renaissance,
after a lull in popularity since the 1930's!
A whole new generation of underworld gangsters
to worship in the *next* gens media!
Re:Been happening for a long time (Score:4)
This story is at best old, at worst a hoax (Score:2)
Now I wonder why GCHQ want to know how banks and institutions secure themselves?
This person is lying. (Score:2)
Does it make sense? (Score:1)
I can think of two possible scenaria, one which makes sense and another which does not:
Re:It's Ungoed-Thomas (Score:1)
Being convinced that the internet is the tool of anti-capitalist anarchists, and was used to orchestrate violence at a demonstration in london, he contacted the organisers of the demonstration purporting to be interested in more direct action, as opposed to shouting and waving a placard about... ie yer basic journalistic sting. The only problem was, he used his Times email address to send the email, which was a bit of a bad oversight, really.
Not one to be worried, he tried again, this time sending from a hotmail account. Unfortunately, the thought never occurred to him that he should register the account in a name other than his own, thereby advertising who he was for all to see in the From: header.
Doesn't exactly inspire much confidence in his abilities...
Re:Catch them when they pay the bribe? (Score:2)
Re:Homer: mmmmm....Crackers.... (Score:3)
Even leaving it at reports of 'malicious hackers' would've been correct. They're hackers and they're malicious. It isn't implying that all hackers are malicious anymore than saying 'corrupt police officer' would imply that all police officers are corrupt.
Re:What actually is the moral of this story? (Score:1)
Re:Privacy going downhill (Score:2)
That may be the way it works in Oz, but here in the UK you do access NetBanking via a simple browser. And because of the US government's insane stance on cryptography, it'll be a browser with crippled, weak security.
The financial institutions over here have made it particularly easy for crackers to get into their systems, so it's probably no big surprise that we're the ones being targetted.
Well.. (Score:1)
Ungoed tricks (Score:1)
(extracted from Schnews [schnews.org.uk] - Brit eco-activist newsletter)
If you receive any unsolicited emails from wide-eyed activist females, don't count yourself so popular; it could be our mates at the Sunday Times with another lesson in the value of media liaison. While journalist Mark Macaskill came across reasonably enough, emailing activists with an approach to interview them, his colleague took a different tack.
So, it must now be our turn to take the piss out of super-sleuth journo John Ungoed-Thomas, who sent out a few emails under false names, in the hope of getting back some juicy info for an article.
'Jo' is just one 'committed environmental and anti-corporation activist' apparently now flocking to the ranks of our burgeoning movement, if an email recently received by Friends of the Earth is anything to go by. She wants to know how to get more involved indirect action, having ' really enjoyed' June 18 [anti- capitalist riots in London earlier this year]. Likewise, 'Laura' who eco-columnist George Monbiot of the Guardian was privileged to hear from, describes herself as a 'committed anti-corporationist' and is eagerto help in any way she can. Any ideas? Perhaps Laura and Jo might benefit from a few words of advice from someone more canny in covering their tracks, for both sent emails from addresses leading back to Clouseau-esque Ungoed-Thomas, the master of disguise himself. Hardly for us to take the piss now; he's practically giving it away.
Even better... (Score:2)
Just as people don't call rustlers "cowboys" or (sea) pirates "sailors", so they won't call crackers "hackers" (though the former is almost an included set of the latter in all three cases).
Good for you, USA Today!
Been through this before. (Score:2)
So soon they were networked, and checked the real records of the account. Big improvement.
But it costs a lot to keep the banks' machines up 24x7. So they went to standalone mode on weekend nights. And again they trusted the card, and again they were vulnerable.
I hear that one major bank in Detroit didn't bother with the extra shift on Sunday night when they were only losing $10K/weekend. When it got up to $100k, they paid for the extra shift, and the window of opportunity became very narrow and sporadic. (And nowadays the hosts are up so much of the time that they can program the ATMs to go out-of-service if they can't reach the host. So for these machines the window is zero.)
The same will likely happen with the blackmailers. If there are ever so many that it's cheaper for the banks to fight them than to pay them off they'll fight 'em. Menawhile, they can gain breathing room to work on their security by keeping the current few at bay with payoffs. And they can try to trace the payoffs and bust the blackmailer-of-opportunity now and then.
Re:Netbanking and encryption (Score:1)
They just say either Internet Explorer or Netscape is required. Thanks....
What I tell people to do is to use Fortify (http://www.fortify.net [fortify.net]) which updates your browser to 128bit (apparently)
Oops. Re:Get the quote right (Score:1)
Re:Long term /Short term and Capitalism (Score:1)
Mafia 2000 (Score:1)
Insurance? (Score:2)
They're probably just cracking PC networks (Score:1)
However, I'd imagine that the PC networks of your average bank is like most companies' networks - leaking like a sieve. I'm sure there's plenty of material lying around on those corporate hard drives that's quite blackmail-worthy.
Catch them when they pay the bribe? (Score:3)
It seems much more likely that authorities could trace a single such (planned) transaction (even if it goes through an online Swiss bank or something) than if J. Random Cracker just transferred the $10 million to his account without the bank's knowledge. So, why would J. even demand a payoff at all unless he's bluffing or too stupid to realize he's increasing the chances of being caught?
How about the golden rule? (Score:1)
Now, there may be some arguments about morality and ethics and all that, but we are after all talking about large corporations, which aren't exactly paragons of virtue. They should phone up Big Tobacco or the gun lobby in the States if they need some pointers on technique.
It's Ungoed-Thomas (Score:5)
As I suspected when I saw the reference to the Sunday Times, the original article [sunday-times.co.uk] that was cited in USA today was authored by Jon Ungoes-Thomas. Readers of ntk.net [ntk.net] will be familiar with Ungoed-Thomas as a journalist who is long on unsubstantiated sensation, and very short on fact checking, and who is building a career out of predicting the collapse of civilization as a result of the Internet.
I'd take this particular article with a few large and tasty grains of salt.
Get the quote right (Score:1)
You never get rid of the Dane.
From "Danegeld" by Rudyard Kipling
Money transfer networks (Score:3)
You'd not only need to be a fairly talented cracker to get into the bank's network in the first place - but you'd also have to have an in-depth knowledge of how banking transactions work to actually pass the money around.
I've been working in this industry for five years now - working with a large number of banks - and I still don't think I could get away with it...
Re:This person is lying. (Score:2)
The crackers who later defaced the website put a lot of work into a careful spoof of the contents of the site. They even speled most wurds corectly
Check out the defaced page on http://www
But since I work in the security industry, I've noticed a lot of UK businesses are asking for fast and easy security for their websites, since web site cracks are happening almost all the time. For some reason telling them to hire a competent admin and install the latest patches falls on deaf ears. But tell them that for twice the price they can buy a handful of firewalls, and they hand us a blank cheque.
the AC
Re:Long term /Short term and Capitalism (Score:1)
In the past, the biggest source of the losses are inside jobs and sheer incompetence.
How do you compensate for incompetence?! Spending money on security still has the same problems of incompetence and deliberate back doors...
Re:Privacy going downhill (Score:1)
Used to be that way. Not any more. Look at Citibank -- they used to have a special-purpose client with, basically, an ATM interface. Now it's gone and to access your account electronically all you need is a plain-vanilla browser.
Besides don't forget that the security of individual accounts depends on a four-digit PIN number -- this is by far the weakest link. Of course, if you are talking about corporate accounts and wire transfers, things do get more interesting...
Kaa
The future is upon us (Score:1)
How long will it be before eco-fanatics stop spray painting fur coats and simply trash the offending company's network? How long until terrorists simply threaten to destroy New York's phone systems until their demands are met? Not long, I say.
Yes, countries will always send soldiers with guns to do the dirty work. Many things won't change.
The potential situation with banks is just the tip of the iceberg...
Re:Mattress. (Score:1)
The money should be out on the kitchen table. Near the windows.
heh
Re:How about the golden rule? (Score:1)
Why do you think you can say that? Sure, there are abuses in some large corporations.
I don't buy for a moment, however, the sentiment that they can all be painted by the same brush.
If you're going to just offhand throw out moral and ethical arguements, then this discussion is null and void.
Re:What actually is the moral of this story? (Score:1)
Re:Privacy going downhill (Score:2)
Many worldwide banks offer NetBanking as a way of allowing customers access to their account, bill payments, loan payments, etc over the net. The way this is done is not through a browser, but through a secure on-line client terminal, developed by the bank (which is not open source
I imagine what the crackers are doing, is using this client, a bit of reverse engineering and some other unscrupulous methods to do the do. Otherwise, the only other way in is via a remote dial in.
I used to work for a co. that processed data records for a bank on to microfiche. Initially the data came on tapes, then a dedicated secure connection to the bank was connected for more efficient data transfer. There were some very, very, tight restrictions on our network and external connection before that thing went in.
Tabloid Rubbish (Score:1)
What actually is the moral of this story? (Score:1)
Please help me, I am confused.
What kind of message are we trying to give it to the Joe o' Public out there?
That blackmailing banks are good?
That crackers (or in the NYT-speak, Hackers) are bad people who make a living by blackmailing others?
That banks are wimps waiting to be blackmailed?
That the future is bleak because our money is not safe no more in those wimpy banks?
What actually is the moral to this story, huh?!
Where is the proof of this? (Score:1)
Stories like these (and, less frequently, those debunking them) have been going around for years. I'm extremely skeptical, especially with this latest article. Okay, so banks are giving payouts of millions of dollars to hackers, but the author can't get one single law enforcement officer or spokesperson to give a comment on the record? Gimme a freakin' break. Police departments would be more than happy to speak out about this, using it as an excuse to increase their funding. It's just as likely that banks are putting forth this excuse to cover up losses due to embezzlement and other crimes by their own bad-apple employees.
Whether any of it is true or not, I wouldn't rely on this article as a source if you paid me. Makes me wonder who's really being "taken for a ride," as the article puts it.
Cheers,
ZicoKnows@hotmail.com
old news ? (Score:1)
I guess newspapers have some kind of archive which they use to fill up their pages over and over again.