Large banks, such as Sberbank, VTB, UniCredit and Otkritie, began to introduce direct bans on photographing computer screens using personal mobile devices. Restrictions are fixed in regulatory documents or contracts.
The reason for this was the previously mentioned problem of insider information leaks in Russian companies. Sberbank deputy chairman Stanislav Kuznetsov spoke about combating them at the international cybersecurity congress. Also such actions were discussed by the Board of UniCredit Mikhail Alekseev and the representatives of the Bank Otkritie and VTB.
Sergey Nikitin, the deputy head of the Group-IB computer forensics lab, explained that the attackers place an ad on a darknet with orders for “breaking through” in order to get information about the card balance, operations on it, etc. The cost of such data varies from 800 to 8 thousand rubles, depending on the service and the bank. The ban on photographing the screen is designed to help with this problem.
“Naturally, everyone is informed that this cannot be done, and we react to it very negatively,” said Mikhail Alekseev.
Vladimir Zhuravlev said that the sanctions for photographing in order to transfer information to fraudsters are “the toughest”. In the Otkritie Bank, the ban concerns photo and video shooting of monitor screens, official documents, presentations and customer data. In addition, employees are not allowed to keep audio recording of service talks on personal mobile devices and other equipment.
Stanislav Kuznetsov also noted that employees convicted of this immediately dismissed. If it was possible to transfer the data to third parties, the materials are immediately sent to law enforcement agencies.