Examples of corporate account takeover attacks occasionally make their way to the courts, where the full detail of the attack can be discovered. For example, the Patco Construction Company sued Ocean Bank after Patco’s computers became infected with malware, allowing fraudsters to make six wire transfers amounting to more than $588,000 using the Automated Clearing House (ACH) transfer system. Only $243,000 of the stolen money was recovered.
Patterns of cyber incidents in recent years are fairly conclusive: the danger of corporate account takeover (CATO) attacks is an evolving one. Over the past years, major enterprises across several industries have left themselves vulnerable to account takeover.
A landmark case of a CATO attack occurred back in 2011, when the Maine-based firm Patco Construction sued Ocean Bank for negligent security practices. According to the claim, Ocean’s lax authentication protocols allowed attackers to obtain login credentials of senior Patco employees. This in turn granted them authorization to transfer over half a million dollars from Patco’s accounts.
Almost four years after the Patco–Ocean lawsuit, the case of the BancorpSouth fraud erupted in the news. BancorpSouth’s corporate client Choice Escrow and Land Title, LLC had $440,000 stolen from its accounts after hackers obtained the login data of Choice’s executives. In this case, a federal court placed the blame on the fraud victim, stating that Choice had not done enough to secure its own authentication details.
Despite years of corporate account hijacking incidents, the IT world remains largely exposed to the threat of CATO. Last month, Indian researchers discovered a series of vulnerabilities in multiple Microsoft applications, including Office 365 and Outlook. The flaws allowed hackers to trick accounts into forwarding them authentication details. As analysts at TechCrunch put it, “anyone’s Office account […] could have been easily accessed by a malicious attacker, and it would have been near-impossible to discern from a legitimate user.”