We recently had the chance to hear a presentation by the chief information security officer of a leading financial services firm, which gave a number of valuable insights into today’s top security challenges.
To set the stage, the speaker shared recent cyber attacks that may not have caught an individual’s attention but definitely made financial institutions aware that cyber attacks and data breaches were very real threats. In December 2012, the NSA discovered that the Iranian government was sponsoring distributed denial of service (DDOS) attacks against the NASDAQ, other financial markets, and specific financial services firms in Manhattan. These attacks became so severe that the NASDAQ did not trade for several days in January 2013.
What made it worse was the fact that the industry could not respond. “If Iran had been firing Hellfire missiles into lower Manhattan, we would have had a strong response,” said the speaker. “But because they were using ‘cyber bullets,’ there was nothing we could do because the U.S. doesn’t have an official policy to deter cyberattacks.”
Three sources of cyber attack threats that all financial institutions need to be concerned with:
The CISO then spent a good portion of her presentation describing the current cyber security threats that affect all financial services firms and are therefore of concern to consumers who use their products or services.
North Korea is currently facing staunch international sanctions, has virtually no domestic economy, and is attempting to fund an extremely expensive missile program. All of these factors are pushing them to pursue a number of strategies to accomplish a national imperative: to fund their country.
One way to do this is to attempt to hack into banks and try to bring money back into the country. Some estimates show that there could be up to 7,000 North Koreans doing this on a full-time basis (likely motivated to avoid labor camps). Additionally, the government starts evaluating children at the age of 11 to find the next generation of talented hackers.
They have been successful, too, as evidenced by the prominent examples of the Bank of Bangladesh, and in Turkey, Russia, Malaysia, Nepal, Taiwan, Mexico, and other countries.
While North Korea was the most concerning to the speaker, other countries still remain active players in cyber attack threats, including China, Russia, and Iran.
Cyber criminal syndicates
Hackers for hire
Equally sophisticated are cyber criminal syndicates. These types of attackers are criminals who fit the same mold as the North Korean hackers but could work for any government. By day, they may work in the government’s cyber program, but during their off time, they can use these new skills to become hired hackers for a larger criminal syndicate.
These hackers for hire can also form larger groups. For example, there is currently a group called Moneytakers in Russia that has successfully hacked into 20 regional banks in the U.S. in the last 18 months alone.
Hacktivists, those groups that use cyber crime to promote a social or political cause, are also a troubling source of cyber attack threats. For example, the hacktivist group Anonymous has been running a special campaign, dubbed “Operation Icarus,” that is focused on destabilizing the global financial economy in order to punish banks for what Anonymous believes is their responsibility for economic inequality and recession. They are attempting to do this by conducting targeted DDOS attacks against central banks all over the world.
While many U.S. financial services firms are currently not under attack by these types of hacktivists, the CISO pointed out that they’re not far away. Two of the largest Canadian banks, which are currently funding the transcontinental natural gas and oil pipeline projects so opposed by environmentalist groups, report that they are under attack from these types of cyber security threats each and every day.
We should all be concerned about the rise in fraudsters, a type of hacker who may buy millions of breached credentials and PII data on the Dark Web and try to use them to gain access to a bank or other financial service company.
Malware is a well-known method used by hackers. However, new malware is emerging that is specifically designed to target mobile devices. One example is Marcher, a very sophisticated program that first presents itself as a solitaire game to encourage users to download it. As part of the install process, it requests admin privileges, so when a mobile banking app is opened, the malware can capture the username and password.
This is all scary stuff, but don’t worry. The speaker did offer a number of strategies and best practices companies and individuals can follow to improve security and safeguard their personal information against these sources of cyber attacks. Stay tuned for our second blog in this series to learn more.
CSPi: Your Security Solution for Cyber Attack Threats
At CSPi we know just how important it is to protect critical data, enterprise-wide – no matter where it is stored, used or accessed. Our award-winning security solutions, including ARIA™ SDS and Myricom® nVoy Series, are uniquely fit to address the challenges of cyber attacks and data breaches. In addition, these solutions simplify securing highly flexible DevOps environments, as well as help organizations meet today’s stringent data privacy requirements by facilitating the ability to encrypt application data, conduct timely breach analysis, and obtain highly detailed breach impact reporting, and thereby avoid compliance fines if such data is breached.