Lossesincurred by Russian lenders as a result of hacker attacks on correspondent accountsheld with the local central bankexceeded 2 billion Russian rubles during the last quarter of 2015 and the firstquarter of 2016, Vedomosti reported May4, citing a representative of the regulator.
The officialalso said hackers attempted to steal another 1.5 billion rubles, but those attackswere prevented.
recently said that hackers stole 508 million rubles from its correspondent accountin January 2016. The lender later managed to retrieve 338 million rubles of thissum and took a number of measures to improve its cyber security. In March, anotherRussian lender, OAO AKB Metallinvestbank,said hackers stole 667 million rubles from its correspondent account, with the fundstransferred to individual accounts in various Russian banks, Vedomosti reported.
Hackerscarried out the attacks by withdrawing funds through the Automated Working Stationof the Central Bank Client, which is free software used to deliver payment fileson behalf of the central bank. When lenders send payments to their correspondentaccounts with the regulator, hackers are able to falsify certain files, as a resultof which the funds end up on accounts controlled by them, Vedomosti noted. The newspaper added that many banks have now learnedto track and block fraudulent transfers.
The regulatoris aware of the vulnerability of the AWS system and plans to review its workingconcept as well as security requirements for the payment environment, while smalland medium-sized banks that do not have enough resources to ensure information securitywill receive recommendations on outsourcing such services, the news report said,citing Artem Sychev, the deputy head of the central bank.
As of May 5, US$1 was equivalentto 66.73 Russian rubles.