Financial services: assume a state of continuous compromise!

By Kane Hardy | 26 January 2016

It seems obvious that financial institutions are a ripe target for attack. At a time when cyber crime is becoming increasingly sophisticated, financial institutions are struggling to sew together legacy banking systems with new digital channels. Meanwhile, the rise of mobile banking and other innovations within the financial services industry has provided hackers with access to a slew of new attack vectors, which can be used to steal customer and business data through sophisticated botnets and other threats.

The weaknesses that exist within networks are being exposed by criminals that are combining the simplicity of daylight robbery with the malware and hacking techniques that have been born out of modern technology. As a result, it’s no surprise that PricewaterhouseCoopers’ (PwC) recent Banking Banana Skins survey revealed that UK bankers fear cyber attacks more than a faltering economy or political interference. The strategic importance of the financial sector means any large-scale cyber attack represents a serious threat to the larger economy and may have a significant impact on how it performs.

Less is more?

Knowing they’re a target, many financial institutions have hefty security budgets designed to build a strong defence. Yet too often they rely on tools like firewalls, email scanning and web controls to protect the fortress walls. As the threat from cyber crime continues to intensify, these solutions are no longer enough to stop cyber criminals in their tracks. More security solutions won’t lead to better detection, as criminals are still able to find the holes in an organisation’s defence and exploit them.

For example, ATMs have previously emerged as a popular point of entry, with jackpotting becoming common practice. The security systems protecting ATMs are often outdated and surveillance tends to be lower as the machines are often located away from the physical bank. Attackers are able to physically open the ATM’s case, insert a USB loaded with malware, install it and then reboot the system. Malware then takes control of the cash-dispensing function and will make the system hand out cash in mass quantities.

The regulatory effect

After a year in which several big businesses have found their networks compromised by attackers looking to steal extremely sensitive financial information and intellectual property, concerns about a cyber security onslaught on the UK’s financial system have intensified. In response, the Bank of England is including cyber attack scenarios in its annual stress testing exercise for UK banks. In addition, financial institutions will be required to fulfil specific security measures and notify regulators about specific cyber incidents after European MEPs reached an agreement on the first cyber security rules for the European Union (EU), the Network Information Security (NIS) directive.

Building adaptive security architectures

To build effective governance strategies and ensure financial institutions can quickly recover if attacked, organisations need to beat cyber criminals at their own game - responding to any threats at machine speed. Understanding the environment is the first step to having a single view of where sensitive information lives and knowing which operating systems have the highest criticality, value and importance. Behaviour-based technology that monitors both the endpoint and network and correlates the activity is also important to gain increased visibility into the threat activity within an environment. Only then is it possible to develop a process to identify serious threats and ensure the response matches the speed at which attacks are being generated.

Ultimately, the days when bank robberies consisted of masked men rushing into a bank and raiding cash drawers as part of an armed heist are long gone. Today’s criminals are going undercover and using the dark web to launch an avalanche of attacks with all of the weapons in their arsenal. However, whilst they are adopting a much stealthier approach, the warfare is just as explosive and fast. In this new age, everyone from big banks to lenders, payment systems, clearing houses and security exchanges is a target. To remain on the safe side, every financial institution needs to assume a state of continuous compromise and focus on creating adaptive security architectures that continuously detect and respond to new threats. 

By Kane Hardy, VP of EMEA, Hexis Cyber Solutions.
