It has been revealed that Tesco has enlisted the help of GCHQ to investigate the attack on its banking business which involved money being stolen from 20,000 customers’ accounts. GCHQ is working alongside the National Crime Agency to look into the cyber-attack, which is believed to be the biggest attack in the history of British banking. It is thougt that the hackers originated from Brazil and Spain, and this follows months of cyber criminals targeting the bank’s customers with persistent phishing campaigns.
Ross Brewer, vice president and managing director of EMEA at LogRhythm, made the following comments:
“The scale and scope of this cyber-attack is extraordinary. If initial reports are to be believed, this was a well thought-out, persistent attack by criminals that intended to exploit any and all of the bank’s vulnerabilities in order to get access to what they wanted most – the money.
“While it hasn’t yet been confirmed exactly how the attack took place, this successful hack is the perfect example of what we are now dealing with. Hackers are determined, tenacious and clever, and with banks set firmly in their sights, this could be a big problem for our critical national infrastructure. Banks are the backbone of our economy and their success relies heavily on customers’ trust, so it’s imperative they have tools in place that can spot anomalous activity, including unusual transactions or unauthorised access, at the point of compromise – not once the damage has been done.
“Cyber-attacks are inevitable, there’s no doubt about it, but organisations cannot afford to sit back and let them happen. Banks must start addressing their defences and implement measures that monitor their customers’ accounts at all times. It will be interesting to hear what GCHQ and the NCA find when investigating this hack. However, regardless of the outcome, the fact remains that banks will remain vulnerable unless they use security intelligence to accelerate the speed that they detect and respond to incidents.”