It Security in the Financial Sector

IT security in the Financial Sector

As we move ahead from a busy May, which kept us all busy keeping ‘Wannacry’ at bay. We look back upon the world statistics of the attack and wonder if what measures we have implemented are holding the attackers back or it's pure luck. It is always a sigh of relief that the most dreaded call “We are hit!” from a team member was not received. However, there is something inside us, which silently keeps the fear alive of when we are going to be next.

Although there have been numerous articles on IT security we read day in and out, am sure the facts below would definitely raise a brow. As the global economy grows exponentially so does cyber-crime.

The Financial Services Sector is the most targeted sector by cyber criminals and will remain so.

Statistics of present attacks

Everyday 300,000 unique malicious objects… that’s right everyday

Cybercrime cost the world $ 400 - $500 billion per year. (*Lloyds Insurance and Juniper research)

The Bangladesh Bank heist:         Stolen -         $81 Million (4 orders)

Blocked because of typo (Fandation)- $870 Million ( 31 orders)

Could say the most expensive typo in human history.

The Carbanak attack:                $1 Billion. The most sophisticated attacked know until date, where 100’s of bank machines were infected and slowly the entire banks intelligence was harvested. Followed by mimicking the staff to transfer funds to fraudster accounts, E-payment systems, inflating accounts and finally ATM’s were made to dispense cash at a predetermined time.

[pic 1]

% of these on financial sector:

• 30% of all cyber-attacks happen on banks and this is increasing.
• After demonetization, there are a number of reports pointing to a surge in cybercrimes related to One Time Password (OTP) fraud, as well as sprouting of malicious mobile applications.
• Banks are targeted for their customer’s online credentials and internal networks for SWIFT transfer and ATM heist.

Modus operandi:

• Penetration test and Vulnerability test reports are the easiest ways to understand where the company is vulnerable and these reports are the most sought after in the dark net.
• LinkedIn profiles of IT team members usually broadcast what their primary area of responsibilities are and hackers can narrow down on them knowing exactly whom to target.
• USB pen drives containing malware are known to be thrown around parking lots of companies to be attacked; the employee gets the same to office and tries to check. Although the USB’s are usually blocked for all employees, it is a different story if an administrator who usually has access to the same finds the USB.
• Well known legitimate companies who are in software business usually distribute the updates through FTP. These are now known to be compromised and infected files are placed, which a customer thinks to be a legit download as from a trusted source.
• Mobile malware from Applications Store (Google Play)

Shift of attacks from Banking to Retail / Institutional Investors and Depositories.

The latest attacks are now seen on trading software, depositories and investment institutes as these are classified as big targets. Most of the trading software use Windows and once the malware has compromised security, it gains access to the trading software. (Buying and selling at will).

HFT (High frequency trading) robots are stolen and modified for market manipulations.