posted on Jun, 20 2014 @ 01:36 PM
a reply to: greyhat
To clarify a little on the main/backup data centres, imagine it like a non-local encrypted RAID system. By law, at least in Canada anyway, banking
backup data centres have to be at least 60 miles away from the main data centre at head office just in case of nuclear war or other major catastrophe.
They use encrypted servers/clients at both ends to update data "on the fly" for the backup servers and use a private network that doesn't even
interface to the internet, meaning their own leased fiber optic cables.
Getting to the head office servers is difficult, but can be done through the ATMs and local bank network feed systems. It could be done by simply
adding a promiscuous server between the bank and head office then skimming data until you had the "local" keys to the kingdom or maybe by inserting
buffer overflow attacks but this kind of attack will be noticed quickly so the whole hack, crack and insert virus process would have to be automated
and operate within a second or two, that might work. But really that's probably not enough, more than likely now you would need physical
superuser/admin access at head office to get that virus in place from a local networked superuser/admin allowed machine or directly at the main data
But there is still another problem, you can possibly take control of the main servers, but in order to change the data, you have to do it in the main
data centre servers as well as the backup data centre servers, in sync and over time, it can't all be done at once or with too much data change or the
system halts. So, you would have to understand the system and use it against itself, over time, but even that sets off warning flags. A good hacker
might need a day or two going in "blind" to figure all this out and take intelligent control, but that is way too much time, they would be caught.
So the insertion of an automated control system would have to be implemented physically at the main head office servers and the data centre servers in
sync, however that is only good if one is running a "scorched" earth program.
This is purely examining the nature/security of main/backup data centres and I don't suggest anyone attempt this, so it's informational only.
Cheers - Dave
edit on 6/20.2014 by bobs_uruncle because: (no reason given)