According to them, the involvement of IT workers in leaks is indicated by unloading from access control systems, the presence of service fields in the merged tables, as well as the availability of a full backup with a large number of lines.
DeviceLock clarified that this type of theft accounted for only 2% of the total number of theft of user data from banks.
“Technological solutions to prevent leaks protect employees of business units from fraudulent actions, but not IT specialists, for example, with administrator authority,” said Ashot Hovhannisyan, Technical Director of DeviceLock.
According to him, proving the guilt of an IT department employee is an order of magnitude more complicated than a manager who sells data via Telegram, tied to a SIM card under his name.
Earlier, Sberbank of Russia spoke about the most popular schemes that scammers use to steal money from customer cards.