sb-au logo
Story image

Report finds major banks under assault from stealth attacks

29 May 2018

Despite significant investments in cybersecurity, financial institutions are still under fire from cyberattacks.

A new report from Carbon Black has found that cyberattacks in the financial services sector are increasing in sophistication to the point where they are now often undetectable, global, and instantaneous.

Carbon Black’s recent report collected responses from chief information security officers (CISOs) at 40 major financial institutions, including six of the top 10 global banks.

A number of staggering findings were revealed in ‘Modern bank heists: Cyberattacks and lateral movement in the financial sector’, including:

23 percent of respondents experienced counter incident response

“Cyber attacks have moved from burglary to home invasion over the past few years, and cyber criminals, aware that there are humans on the other end devised to detect and respond to their activities, are increasingly reacting and adapting to defenders’ response efforts,” says Carbon Black chief cybersecurity officer Tom Kellerman.

“This trend will continue unless organisations establish specific threat hunting teams. These threat hunters should employ both active measures (agents deployed to endpoints) as well as passive measures (netflow, packet capture appliances) to both anticipate and better defend their organisation’s weaknesses.”

90 percent were targeted by ransomware, while 8 percent experienced destructive attacks beyond ransomware

Kellerman says the overwhelming majority of CISOs experiencing ransomware attacks is undoubtedly a concerning statistic, but what is even more concerning is that one in ten encountered destructive attacks unrelated to ransomware, a trend that Carbon Black expects to continue as hackers become more punitive.

“From application attacks to fileless malware, destructive attacks enable cybercriminals to move freely and laterally within an organisation’s network and often go completely overlooked until it’s too late,” says Kellerman.

44 percent were concerned with the security posture of their technology service provider (TSP)

“TSPs are regularly targeted by cybercriminals, who have been slow to adopt ‘intrusion suppression’ technologies and thus have become the weak links in the financial sectors information supply chain,” says Kellerman.

“Biggest weaknesses include visibility and time to detection, resulting in cybercriminals ‘island hopping’. To solve for these weaknesses, TSPs must shift to the cloud to enable delivery of faster, more accurate protection.”

8 percent are seeing secondary command and control (C2)

According to Kellerman, breach detection systems are being overcome as attackers develop new methods to not only penetrate a system’s defences, but also to dwell a lot longer in an organisation’s environment through C2.

“This new stage in the cyber kill chain – what we call the ‘maintenance stage’ – gives no reason for attackers to ever leave once they infiltrate an organisation’s system,” says Kellerman.

“Cyber defence is evolving into a high-stakes game of digital chess, and this latest report offers clear evidence that the cybersecurity challenges facing financial institutions will only worsen. Taking a more proactive approach to defence through the establishment of a threat hunting and incident response team is imperative to stopping future attacks.”

Story image
Demystifying 'zero trust' and its role in cybersecurity
The principle of ‘zero trust’ in cybersecurity is simple: Trust nothing, and verify everything.More
Story image
Christmas tech gifts pose cybersecurity risks - ProofPoint
Fraudsters are targeting last-minute Christmas shoppers via email and hackers are targeting electronic devices that feature on many wish lists.More
Story image
As digital transformation grows in A/NZ companies, misconceptions about their role in cloud security abound
While an 81% majority of A/NZ organisations are accelerating their digital transformation, a giant 99% of surveyed respondents say they believe their cloud security provider provides enough protection, according to a Trend Micro study. More
Story image
New year, time to update your passwords
The most popular passwords of 2020 were easy-to-guess number combinations, such as 123456, the word password, qwerty, iloveyou, and other uncomplicated options.More
Story image
IronNet expands Asia Pacific presence with new strategic partnership
“The combination of M.Tech’s extensive network in Asia Pacific and our unparalleled expertise in threat intelligence and detection will help more enterprises across the region to proactively identify and take down known and unknown threats before they happen.”More
Story image
BackupAssist partners with Wasabi for greater cyber-resilience
This partnership provides customers with an up to 80% less expensive solution that is faster than the competition for achieving enterprise-grade cyber-resilience, the company states. More