SINGAPORE: According to cybersecurity solutions provider Check Point Software Technologies, the financial sector currently faces a total of cyber threats from three main areas, namely: The SWIFT network, consumer banking malware, and information theft.
In its recently-published 2018 Security Report, Check Point uses Far Eastern International Bank’s Oct 2017 US$60 million ($78.7 million) cyber theft as a prime example of how proprietary banking systems are still vulnerable to SWIFT attacks.
To stay protected against the exploitation of SWIFT networks, the firm recommends that financial institutions implement not only standard security measures, but also “cutting-edge protections which will deter even the most sophisticated attacker”.
For example, in Far Eastern’s case, the Taiwanese bank could have provided full visibility by monitoring and recording all endpoint events – including files affected, processes launched, system registry changes and network activity.
“A solution should be in place that traces and reports the steps taken by malware and that blocks a perpetrator’s attempt to hide their tracks,” says Check Point.
The good news is that banks have now implemented many measures to detect and prevent attacks on their customers’ accounts, such that the number of banking malware has declined.
Check Point however believes this trend has led to malware developers turning their attention to easier targets such as the consumers themselves to avoid the strict defenses of banks.
“As thieves no longer need to break into a bank account itself in order to acquire the victim’s money, this has resulted in a direct increase in ransomware attacks. In this way it is enough to simply hold a victim’s computer for ransom and extort their money from them,” explains Check Point.
To that end, it suggests that financial organisations put sophisticated measures in place to block both known and unknown threats. A threat extraction and emulation system, for instance, would consolidate monitoring, logging, reporting, and event analysis to correlate data and give actionable attack information, and therefore save valuable time for an IT security team.
It is also important to note that theft is not only limited to money, but also the information that banks and credit agencies hold – although attackers are increasingly becoming discouraged as security monitoring and controls tighten, in Check Point’s view.
“Financial institutions should understand that protecting their customers’ data in the cloud is a shared responsibility between themselves and their cloud service provider,” emphasises the firm.
“As part of that responsibility, financial organisations should ensure they patch all known vulnerabilities immediately as well as have comprehensive cloud threat prevention solutions implemented that offer zero-day protection and agile and automated delivery management that is scalable to their needs.”
News Source: Link