Many Corrupt Ukrainian Bank Workers Assist Cyber Criminals

Ukraine's national security agency had detected a rise in bank-related cyber in the country. Apparently many of the attacks rely on insiders, as banks are advised to review and strengthen their employee selection processes.

Kyiv Post reports that the National Bank of Ukraine (NBU) has sent a letter informing local banks of an increase in the number of financial cyber crime incidents in the country. "SBU registered a stable trend of the increase in the number of computer criminality in the banking sphere in 2009-2010. SBU prevented illegal actions using information and telecommunications technologies by some groups," the notification reads.

Sluzhba Bezpeky Ukrayiny (SBU), or Security Service of Ukraine in English translation, is Ukraine's equivalent for the NSA. The organization is oversees the country's national security and is tasked with fighting terrorism, smuggling and drug trafficking. It also protects Ukraine's President and other high-ranking officials.

In its letter, the NBU explained that many of the incidents investigated by the SBU were the result of banks failing to meet the proper security requirements for their IT infrastructure. It also expressed concern regarding insider threats - corrupt workers who assist cyber criminals for a share of the illegal proceeds. In this respect, the institution recommended better background screening processes for potential employees, especially those in key positions involving access to sensitive documents and systems.

But Ukraine also serves as a hub for international bank-related cyber criminal activity. Large fraud networks who target U.S. and Western European banks are coordinated from Ukraine and other Eastern European countries.

It was believed for a long time that in order to avoid prosecution, Ukrainian and Russian hackers hold back from targeting their compatriots. However, it seems that since their profits have decreased as a result of the financial crisis, the gloves came off.

Last year we reported the discovery of the first ATM malware samples in Russia. In addition to US dollars, they also targeted Russian and Ukrainian currencies, and required insider help to be installed.

You can follow the editor on Twitter @lconstantin