Carbanak: The story of a virtual bank heist, ready just in time for some PR

The New York Times published a disturbing article about cyber (in-)security on Friday titled "Bank Hackers Steal Millions via Malware". Read it, it’s an interesting one.

The second paragraph of the article about the so-called Carbanak heist says:

In a report to be published on Monday, and provided in advance to The New York Times, Kaspersky Lab says that the scope of this attack on more than 100 banks and other financial institutions in 30 nations could make it one of the largest bank thefts ever — and one conducted without the usual signs of robbery.

Chris Doggett, the Kaspersky Lab business guy / Managing Director of North America, is cited in the article. Twice. A business person? I can only assume that he’s the best source of relevant information about the "Carbanak cybergang". Thankfully, there’s another guy from Kaspersky cited: Sergey Golovanov, a principal researcher at Kaspersky Lab.

Published in the New York Times, online on a weekday and in print on Saturday – high circulation! Nice job! Good PR! I’m quite sure that Golovanov will hear this on Monday when he gives his talk about "The Billion Dollar APT" at the Kaspersky "Security Analyst Summit".

Even better: Die Welt*, N24, Zeit, Spiegel, heise, Golem… big ones here in Germany cover the story! The German press department of Kaspersky puts its press release out on a Sunday. It even contains this (English) infographic which shows IT guys where to look for "Carbanak". The German press release says that the attacks are ongoing! At least German banking guys know about it in time! Hooray! Valuable information! When the PR guys in this country work on the weekend, we can surely expect that from the guys looking after the IT systems counting our money. Germany’s safe now.

But not every country. Is a Sunday really the best time to raise awareness online? Maybe not everyone at Kaspersky thinks so: Kaspersky’s French "Contact pour la Presse" did not publish the PR and the information on how to detect Carbanak on Sunday. They’re in good company: Spain, Portugal, Italy, UK, Sweden – no PR / infographic. Besides Germany, only the Netherlands has the piece about the "Grootste bankroof".

Insecurity by obscurity

If Kaspersky (at least in Germany) has an infographic ready that provides relevant information to stop ongoing attacks that already caused a billion-dollar loss (and an article about this incident has already been pushed via Kaspersky’s publication partner), it’s not OK that this seemingly valuable information is not published immediately by Kaspersky on its global site. However, if it’s only a PR stunt, then it’s not OK to make readers believe it’s urgent.

The New York Times bought neither that it’s a matter of urgency nor that a billion dollars were stolen. And I personally don’t buy two or three things in the German PR release. At best, they were only poorly translated.

I hope a video of Golovanov’s talk will be put online. The article from 2014 by Mikhail Prokhorenko about virtual bank heists was quite mouth-watering.

* I work in the product department of "Die Welt" / N24. We use products from Kaspersky. I like them.