Indian companies at center of global cyber heist


Two companies with major operations in India were the weak links
that opened the door to a $45 million global cyber heist brought
to light by U.S. authorities this week.

EnStage Inc, which operates from Bangalore, and ElectraCard
Services, which is based in Pune, processed card payments for
the two Middle Eastern banks that were hit in the theft,
according to several people familiar with the situation.

U.S. prosecutors said on Thursday that hackers broke into two
card processing companies, raising the balances and withdrawal
limits on accounts that were then exploited in coordinated ATM
withdrawals around the world.

The prosecutors did not name the two companies but said one was
based in India and the other in the United States.

According to a U.S. official and a bank employee, who both
spoke on condition of anonymity, ElectraCard Services was the
company that processed prepaid travel cards for National Bank
of Ras Al Khaimah PSC RAKB.AD (RAKBANK). RAKBANK suffered a $5
million coordinated heist at ATMs around the world on December
21 last year, according to the U.S. indictment.

Ramesh Mengawade, the chief executive of ElectraCard Services
and its parent company, Opus Software Solutions, could not be
reached through his assistant or by email on Saturday. Calls to
the mobile phone of another company official were not answered.

EnStage, which is incorporated in Cupertino, California, is the
company that processed card payments for Bank of Muscat BMAO.OM
of Oman, according to a source close to Bank of Muscat. Bank of
Muscat lost $40 million in a coordinated heist on February 19,
according to Thursday’s indictment.

Officials at enStage could not be reached on Saturday, either
in Bangalore or in Cupertino. In a statement in the Times of
India, Chief Executive Govind Setlur said the company has
implemented security enhancements and monitoring since the
theft.

“Our customers were adversely affected by this sophisticated
crime,” Setlur said in the statement. “We are deeply committed
to information security, and we will continue to take all
reasonable measures to ensure our networks are secured from
criminal actors.”

MORE WORK FOR BIG PROCESSORS?

Bank of Muscat has not commented on the case.

MasterCard (MA.N), the network under which the cards used in
the heist were issued, has said its security was not
compromised. MasterCard bought a 12.5 percent stake in
ElectraCard in 2010, ElectraCard has said.

Cyber security experts said the global scope and speed of the
$45 million bank theft was unprecedented. The global gang had
operatives in 27 countries who fanned out to thousands of ATMs
in a matter of hours, withdrawing money using fraudulent
prepaid debit cards, according to U.S. prosecutors.

The U.S. Justice Department gave details of the heist on
Thursday in an indictment against eight men accused of being
the New York cell of the organization. The department said
seven of the men have been arrested.

The ringleaders of the global operation were believed to be
outside the United States, but U.S. prosecutors have declined
to give details, citing the continuing investigation. Germany
is the only other country so far to announce arrests.

Eddie Schwartz, chief information security officer for RSA Inc,
a firm that helps banks fight payment card fraud, said that it
is not surprising that hackers would target banks that rely on
Indian firms to process transactions.

Schwartz, who is based in Washington, said there is not as much
government oversight in India as there is in the United States
and Western Europe.

“Hackers view India as a target. It’s got a fast-moving
economy, a fast-moving IT infrastructure,” Schwartz said.

Madeline Aufseeser, a senior analyst with Aite Group who
follows payments processors, said she was relieved to learn
that the case appeared to be limited to smaller processors.

“It looks like an isolated, very targeted incident,” she said,
noting that the major firms in the industry have highly
sophisticated protocols to limit fraud damages.

The big players include First Data Corp, FIS (FIS.N), Galileo
Mastercard Inc’s (MA.N) Mastercard Integrated Processing
Solutions, Tsys (TSS.N) and Visa Inc’s (V.N) Visa Debit
Processing Service.

Philip Philliou, managing partner of Philliou Partners LLC, a
firm that helps banks and retailers select payment processors,
predicted smaller processing firms will lose business as a
result of this theft. Banks will decide they are not willing to
assume the additional risk that comes with using smaller firms,
he said.

Via: http://www.timesofoman.com/News/Article-15254.aspx

Posted in Technology. Bookmark the permalink. Follow any comments here with the RSS feed for this post. Both comments and trackbacks are currently closed.


Comments are closed.


Related Posts:

Microsoft hopes ‘Titanfall’ can boost Xbox One

WeChat revolution: China’s ‘killer app’ speaks to the masses

Japan researchers testing tiny ear computer


Search Classified Listings


  • Breaking News

  • Weather for Muscat

    Today Saturday Sunday Monday
    It is forcast to be Partly Cloudy at 10:00 PM GST on July 11, 2014
    Partly Cloudy
    34°/30°
    It is forcast to be Clear at 10:00 PM GST on July 12, 2014
    Clear
    36°/32°
    It is forcast to be Partly Cloudy at 10:00 PM GST on July 13, 2014
    Partly Cloudy
    37°/29°
    It is forcast to be Mostly Cloudy at 10:00 PM GST on July 14, 2014
    Mostly Cloudy
    34°/31°


  • Most Viewed past 3 days:


    Horoscopes

    Get your free daily horoscope + free daily forecast below.
    Choose your zodiac sign:
    Aries
    March 21 - April 19
    Libra
    September 23 - October 22
    Taurus
    April 20 - May 20
    Scorpio
    October 23 - November 21
    Gemini
    May 21 - June 20
    Sagittarius
    November 22 - December 21
    Cancer
    June 21 - July 22
    Capricorn
    December 22 - January 19
    Leo
    July 23 - August 22
    Aquarius
    January 20 - February 18
    Virgo
    August 23 - September 22
    Pisces
    February 19 - March 20

    Latest Classifieds


    Our weather forecast is from Wunderground for WordPress