UK bankers fear cyber attacks more than a faltering economy or political interference. These bankers should be worried as the attempted hack at the end of January on HSBC confirms that financial institutions are at continuous risk.
Cyber crime is evolving at a blistering rate and is, as a result, becoming increasingly sophisticated. Its clear that financial institutions are struggling to sew together legacy banking systems, with new digital channels making themselves an easy target. The weaknesses that exist within their networks are being exposed by criminals who are combining the simplicity of daylight robbery with the malware and hacking techniques that have been born out of modern technology.
In addition, the surge in mobile banking within the financial services industry has added further vulnerability to the sector as hackers have access to a slew of new attack vectors. Highly sought customer and business data can be retrieved through sophisticated botnets and other ‘backdoor’ cyber threats.
Given the strategic importance of the financial sector, any large-scale cyber attack represents a serious threat to the larger economy and may have a significant impact on how it performs on a wider platform. Cyber security, therefore, has a key role to play in this sector and must be implemented appropriately and without fault.
A strong budget does not equal strong defences
Knowing they’re a target, many financial institutions have hefty security budgets designed to build a strong defence. Yet too often they rely on tools like firewalls, sandboxing, email scanning and web controls to protect the fortress walls. As the threat from cyber crime continues to intensify, these solutions, even with a good log management strategy, are no longer enough to stop cyber criminals in their tracks. More security solutions won’t lead to better detection as criminals are still able to find the holes in an organisation’s defence and exploit them.
For example, ATMs have previously emerged as a popular point of entry with jackspotting becoming common practice. The security systems protecting ATMs are often outdated and surveillance tends to be lower as the machines are often located away from the physical bank. Attackers are able to physically open the ATM’s case, insert a USB loaded with malware, install it and then reboot the system. Malware then takes control of the cash-dispensing function and will make the system hand out cash in mass quantities.
The Bank of England lays down the law
Last year in big businesses have found their networks compromised by attackers looking to steal extremely sensitive financial information and intellectual property. Unsurprisingly, concerns about a cyber security onslaught on the UK’s financial system have intensified. In response, the Bank of England is including cyber attack scenarios in its annual stress testing exercise for UK banks. In addition, financial institutions will be required to fulfil specific security measures and notify regulators about specific cyber incidents after European MEPs reached an agreement on the first cyber security rules for the European Union (EU), the Network Information Security (NIS) directive.
Fighting fire with fire
To build effective governance strategies and ensure financial institutions can quickly recover if attacked, organisations need to beat cyber criminals at their own game - responding to any threats at machine speed.
Understanding the environment is the first step to having a single view of where sensitive information lives and knowing which operating systems have the highest criticality, value and importance. An active behaviour-based technology that monitors both the endpoint and network and correlates the activity is also important to gain increased visibility into the threat activity within an environment. Only then is it possible to develop a process to identify serious threats and ensure the response matches the speed at which attacks are being generated.
Criminals are now lurking in the shadows waiting to ambush institutions with a number of tactics at their disposal. While they are adopting a stealthier approach, attacks remain explosive and fast.
In 2016, no financial institution is safe from cyber warfare. Everyone from big banks to lenders, payment systems, clearing houses and security exchanges is a target. In order to protect valuable assets, every financial institution needs to assume a state of continuous compromise. In order to counter the barrage of cyber attacks, the focus needs to move to adopting an adaptive security framework. One that not only detects, but responds and remediates at machine speed.