Huge attack that required fraud and systems penetration for nearly 2 years, maybe longer. Banks affected span the globe, Highly sophisticated and methodical attack. Unfortunately, the initial vector in, AGAIN, was the weakest link in virtually any system: the humans.
In many ways, this hack began like any other. The cybercriminals sent their victims infected emails — a news clip or message that appeared to come from a colleague — as bait. When the bank employees clicked on the email, they inadvertently downloaded malicious code. That allowed the hackers to crawl across a bank’s network until they found employees who administered the cash transfer systems or remotely connected A.T.M.s.
Read the article below, though, for more information on how the hackers gained information about operational procedures, employee routines, etc. to blend in and bilk hundreds of millions of dollars.