The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey conducted by Bitdefender, while almost 60 percent experienced an advanced persistent attack or seen signs of suspicious behavior in their infrastructure.
As many as 93 percent of companies in the Forbes Global 2000 list don’t include a vulnerability disclosure policy among top business concerns, according to HackerOne’s The Hacker-Powered Security Report 2018, a deep dive into bug bounty and vulnerability disclosure in the financial services and insurance industries.
Bitdefender has recently investigated a series of advanced cyberattacks aimed at financial institutions, designed to covertly exfiltrate massive amounts of money in coordinated strikes.
Businesses cannot come up with a mitigation strategy to efficiently detect, identify and manage insider threats, according to research from the Ponemon Institute, so they risk the loss of critical confidential data and resources, network shutdown and reputational damage. In the past year, 159 organizations from the United States, Canada, Europe, Middle East, Africa, and the Asia-Pacific region dealt with 3,269 security breaches caused by insider threats due to plain negligence.
The ease-of-exploit rating has made the financial sector a cybercrime magnet for years, especially for targeted extortion attacks. The industry has fallen victim to numerous security breaches, data exfiltration hacks, DDoS attacks taking down global online operations and disrupting services, and has lost millions to malware and ransomware attacks. So what’s next?
Ever since the first data breach notification law went into effect July 1, 2003 in California (SB 1386), there has been controversy surrounding what types of data being exposed should trigger data breach notifications, who should be notified, and how quickly they should be notified. In fact, it’s become somewhat of a mess.
It’s hard to believe but the conversation around how security fits in DevOps has been going on for years. It was in 2012 when Gartner analyst Neil MacDonald wrote his blog DevOps Needs to Become DevOpsSec. In this blog MacDonald wrote “DevOps seeks to bridge the development and operations divide through the establishment of a culture of trust and shared interest among individuals in these previously siloed organizations. However, this vision is incomplete without the incorporation of information security, which represents yet another silo in IT.”
A recent cyberattack on India’s City Union Bank abused the SWIFT global payments platform to transfer $2 million into accounts in Dubai, Turkey and China. While details of the cyberattack were not made public as the incident is still under investigation, officials claim hackers disabled the bank’s SWIFT-connected printer on Feb. 6, preventing City Union Bank from receiving any acknowledgement messages for the three fraudulent transactions.
In the past two years, cyberattacks on the financial sector have picked up speed. As companies in the sector struggle with the major shift toward digital transformation, some are caught off guard by the significant rise of malware designed specifically to target their sector, such as Dyre Trojan, Dridex, hybrid banking Trojan GozNym and TrickBot. Once the network is infiltrated, hackers can easily steal, read, alter and even erase top secret information.
In a report published by the U.S. Departments of Commerce and Homeland Security concluded what most security professionals have known for years: that botnets are a global threat, that technologies exist to mitigate the threats but aren’t widely used for multiple reasons, poor product security design and development, counter-productive market incentives, and low education and awareness across all market participants.
Fraudsters have moved from making a fast buck to crafting more ambitious, targeted attacks that produce long-term profits, according to an extensive analysis of real-world cybercrime attacks.
