Sign up to save your podcasts
Or
Share The Evolution of Hackers and Payments
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Evolution of Hackers and Payments
The following is a transcript of an interview between
PaymentsJournal and Tia Ilori, VISA’s Senior Director of Global Fraud and
Breach Investigations, at the Money 20/20 event:
PaymentsJournal
Welcome to the PaymentsJournal podcast. I’m your host Ryan
Mac, and today’s episode was recorded at the Money20/20 event in 2019. Now
during this episode, I’m going to be joined with Tia Ilori, who is the Senior
Director of Global Fraud and Breach Investigations for VISA around hackers. But
more specifically, we’re going to be taking a look at hackers’ motivations, how
they’ve evolved throughout the years and a specific type of attack called ATM
cash-out attacks. So without any further delay, let’s start the show.
So Tia, thank you so much for joining me on today’s episode. So you’ll be speaking about the evolution of hackers during a panel discussion at Money20/20. So how have hackers evolved over the past couple years?
Tia Ilori
Well, thanks, Ryan. So hackers, they don’t wear hoodies. They’re a cast of misfits and criminals today are sophisticated in talent funding, organization, and tactics. They’re increasingly backed by nation state actors and they use a combination of attacks that are leveraged concurrently against mainly financial institutions.
PaymentsJournal
Yeah, I think it’s always so interesting that there’s just that the stereotype of what a hacker looks like and how it is that they are in that dark room, with a hoodie, in their parents’ basement, and it’s just the one individual. But hackers really have kind of evolved to essentially kind of be an enterprise business and they almost run their operations as though a business would be in terms of like, “okay, here’s the risk, here’s the reward”, like “what am I actually going to gain from this?” other than just kind of “oh, I’m doing this for the sake of being disruptive.” In it, there seems to be more of a business purpose to a lot of these hacks that you’re seeing here. So now, as we’re taking a look at these new hackers here, what are their motivations? You know, are their motivations the same or have they changed over the years?
Tia Ilori
Yes, the motivations are the same and their goal is to steal
money, but their approach and their methods are very different. They’re
leveraging technology to scale and they communicate just like legitimate
organizations, and they’re aware of advanced technologies, such as AI, to
optimize these attacks. Most importantly, again,
They’re using a combination of high-tech and low-tech to
facilitate their crimes. For example, ATM cash-out: these attacks are against
financial institutions and the goal here is manipulating the financial
network’s business logic errors. For example, a man in the middle attack that
can insert malware to gain control of an ATM network to take over the roles
that would have alerted the financial institution of nefarious activity on
their network. They use a low tack, in terms of money mules, to physically
withdraw money from ATMs all over the world.
PaymentsJournal
So now obviously, with you working at VISA, you have a ton of insight into this because VISA obviously sees a ton of data. So, from your standpoint, what should FIs do about this hacker problem?
Tia Ilori
So, traditional compromise detection works from the bottom
up by analyzing fraud trends, businesses need to be more proactive and take up
a top down approach to prevent compromises before the attack begins. Banks and
financial institutions should remember that prevention is better than a cure.
PaymentsJournal
All right, now in our previous question here, you had talked about a certain type of attack here: ATM cash out attacks. So what does VISA do to help prevent those type of attacks?
Tia Ilori
So we have a suite of security capabilities that are built
into our payment network that all VISA and clients enjoy as a benefit of being
a participant or client. One in particular, as we said vital signs, actively
monitor for transactions that are potentially fraudulent activity at the ATM
that may be indicative of a cash-out. And to limit losses of financial
institutions, VISA can coordinate with clients to step in and suspend them and
malicious activity.
PaymentsJournal
No, interesting. I certainly think, you know, when you kind of really start to dive deep into the different methods and ways that hackers are using to steal money, data and information, you can kind of get sucked into this wormhole of it being like a really scary environment out there. So for our last couple of questions here, one, what do you want financial institutions to know about hackers in general and the relationship between financial institutions? Second, what are some final thoughts that you could give our audience around this subject?
Tia Ilori
So my parting thoughts are VISA has your back. As criminals
innovate, so do we. We employ a multi-layered approach to fraud prevention by
empowering consumers with tools to help prevent fraud. We also invest in
intelligence and technologies, and we help by setting high standards of
governance for payments. We also have a 24/7 risk operation center that is
designed to support our clients’ existing capabilities and monitor for
anomalous activity.
PaymentsJournal
Excellent. Well to thank you so much for joining me on
today’s episode to talk about hackers and financial institutions and I hope to
have you back on the podcast real soon.
Tia Ilori
Thanks, Ryan.
The post The Evolution of Hackers and Payments appeared first on PaymentsJournal.
View all episodes
By The PaymentsJournal PodcastThe following is a transcript of an interview between
PaymentsJournal and Tia Ilori, VISA’s Senior Director of Global Fraud and
Breach Investigations, at the Money 20/20 event:
PaymentsJournal
Welcome to the PaymentsJournal podcast. I’m your host Ryan
Mac, and today’s episode was recorded at the Money20/20 event in 2019. Now
during this episode, I’m going to be joined with Tia Ilori, who is the Senior
Director of Global Fraud and Breach Investigations for VISA around hackers. But
more specifically, we’re going to be taking a look at hackers’ motivations, how
they’ve evolved throughout the years and a specific type of attack called ATM
cash-out attacks. So without any further delay, let’s start the show.
So Tia, thank you so much for joining me on today’s episode. So you’ll be speaking about the evolution of hackers during a panel discussion at Money20/20. So how have hackers evolved over the past couple years?
Tia Ilori
Well, thanks, Ryan. So hackers, they don’t wear hoodies. They’re a cast of misfits and criminals today are sophisticated in talent funding, organization, and tactics. They’re increasingly backed by nation state actors and they use a combination of attacks that are leveraged concurrently against mainly financial institutions.
PaymentsJournal
Yeah, I think it’s always so interesting that there’s just that the stereotype of what a hacker looks like and how it is that they are in that dark room, with a hoodie, in their parents’ basement, and it’s just the one individual. But hackers really have kind of evolved to essentially kind of be an enterprise business and they almost run their operations as though a business would be in terms of like, “okay, here’s the risk, here’s the reward”, like “what am I actually going to gain from this?” other than just kind of “oh, I’m doing this for the sake of being disruptive.” In it, there seems to be more of a business purpose to a lot of these hacks that you’re seeing here. So now, as we’re taking a look at these new hackers here, what are their motivations? You know, are their motivations the same or have they changed over the years?
Tia Ilori
Yes, the motivations are the same and their goal is to steal
money, but their approach and their methods are very different. They’re
leveraging technology to scale and they communicate just like legitimate
organizations, and they’re aware of advanced technologies, such as AI, to
optimize these attacks. Most importantly, again,
They’re using a combination of high-tech and low-tech to
facilitate their crimes. For example, ATM cash-out: these attacks are against
financial institutions and the goal here is manipulating the financial
network’s business logic errors. For example, a man in the middle attack that
can insert malware to gain control of an ATM network to take over the roles
that would have alerted the financial institution of nefarious activity on
their network. They use a low tack, in terms of money mules, to physically
withdraw money from ATMs all over the world.
PaymentsJournal
So now obviously, with you working at VISA, you have a ton of insight into this because VISA obviously sees a ton of data. So, from your standpoint, what should FIs do about this hacker problem?
Tia Ilori
So, traditional compromise detection works from the bottom
up by analyzing fraud trends, businesses need to be more proactive and take up
a top down approach to prevent compromises before the attack begins. Banks and
financial institutions should remember that prevention is better than a cure.
PaymentsJournal
All right, now in our previous question here, you had talked about a certain type of attack here: ATM cash out attacks. So what does VISA do to help prevent those type of attacks?
Tia Ilori
So we have a suite of security capabilities that are built
into our payment network that all VISA and clients enjoy as a benefit of being
a participant or client. One in particular, as we said vital signs, actively
monitor for transactions that are potentially fraudulent activity at the ATM
that may be indicative of a cash-out. And to limit losses of financial
institutions, VISA can coordinate with clients to step in and suspend them and
malicious activity.
PaymentsJournal
No, interesting. I certainly think, you know, when you kind of really start to dive deep into the different methods and ways that hackers are using to steal money, data and information, you can kind of get sucked into this wormhole of it being like a really scary environment out there. So for our last couple of questions here, one, what do you want financial institutions to know about hackers in general and the relationship between financial institutions? Second, what are some final thoughts that you could give our audience around this subject?
Tia Ilori
So my parting thoughts are VISA has your back. As criminals
innovate, so do we. We employ a multi-layered approach to fraud prevention by
empowering consumers with tools to help prevent fraud. We also invest in
intelligence and technologies, and we help by setting high standards of
governance for payments. We also have a 24/7 risk operation center that is
designed to support our clients’ existing capabilities and monitor for
anomalous activity.
PaymentsJournal
Excellent. Well to thank you so much for joining me on
today’s episode to talk about hackers and financial institutions and I hope to
have you back on the podcast real soon.
Tia Ilori
Thanks, Ryan.
The post The Evolution of Hackers and Payments appeared first on PaymentsJournal.