Financial services organizations recognize innovation, agility, and cost savings are absolutely vital to survive today’s evolving business landscape. For many, this means adopting cloud technologies to launch new products and services as well as develop self-service portals and mobile apps instantly connecting to existing back-end systems to improve their customers’ experience.
We live in an app-driven world, and people expect the same level of service from their local bank that they receive from Amazon.com.
The dark side of this innovation, however, is the increase in cyberthreats pervading the financial services landscape. According to a recent survey, employee, customer, and “soft” IP data (e.g. trademarks, copyright, design rights) are the top three targets of cyberattacks, but theft of hard intellectual property (e.g. patents) soared 183 percent in 2015.
Financial services organizations boosted their information security budgets by 14 percent in 2015, and 92 percent of those surveyed are implementing risk-based frameworks. However, the situation is progressing so rapidly that it can be hard to know where to invest.
The business dynamics specific to financial services don’t help, either. The financial services industry is one of the most prolific participants in mergers and acquisitions, which makes implementing standard security policies for newly integrated organizations a challenge. An increase in remote work capabilities means financial services companies must protect employees and maintain security policies outside the four walls of their own offices like never before. There is a disastrous talent shortage for cybersecurity professionals – a 500,000-professional shortfall in 2016 alone – which makes the fact that many financial services organizations are already juggling a disjointed patchwork of IT solutions even worse. To top it off, there are more advanced cyberthreats to financial services than ever before.
Hackers are targeting privileged account access, which provides powerful controls enabling them to move laterally to other systems faster and easier – and with little risk of detection – persisting for months or even years. Quick one-off attacks are no longer enough for these cyber criminals. Privileged account access would enable hackers to pull off multi-million dollar heists of banks like the one in Bangladesh earlier this year. A FBI report found at least 80 percent of all serious security incidents investigated include compromises and misused privileged accounts at some point during the attack. Here are the three ways hackers are trying to gain privileged account access:
- Malvertising: This is where online advertisements are used to spread malware. Victims are infected while conducting their normal Internet browsing (such as reading a trusted news source). The scary part is that malware can be downloaded without the user even clicking on the offending advertisement.
- Watering Holes: This isn’t your local bar. Attackers use specific industry-related websites to deliver malware. In the financial services world, this can include websites employees check frequently for financial or regulatory data.
- Phishing: A combination of spam and social engineering, these are emails appearing to be legitimate in an attempt to gather personal or financial information from the recipient. Let’s say your company’s chief executive just delivered a keynote at an industry conference. An attacker could send your boss an email claiming to have a video of the speech and to click on the link to view it. When the link doesn’t work, it directs the executive to update a driver appearing to be normal but in reality is loaded with malware.
In our work with financial services companies throughout the U.S., we’ve helped them prevent privileged account access from falling into the wrong hands with these four principles:
- Be proactive. Simply reacting to cyberattacks is no longer acceptable. With these intrusions increasing in frequency and scope, it’s important to continually monitor, test, and enhance capabilities in line with the ever-changing threat landscape.
- Expand your traditional view of risk management. Consider cyber-risk alongside traditional enterprise risks so you can more effectively make decisions surrounding risk management. In a recent study, 65 percent of financial services executives state cyber and IT risk have an increased impact on their businesses.
- Work with trusted cybersecurity experts. Connect your internal IT teams with outside expertise and cloud providers in order to provide a unified front against hackers. This also means increasing your willingness to share information regarding cyberthreats with governments and industry groups.
- Emphasize the human aspect of cybersecurity. Oftentimes we focus on the technology rather than the people behind it. Most breaches result from human error – be it through negligence or malicious intent. Implement programs to raise cybersecurity awareness, encourage proper procedures, and assign responsibility when individuals are at fault.
Visit our website to learn how US Cyber Vault monitors, protects, and secures your company and its data from cyberattacks by combining the industry’s strongest team of intelligence experts and technology.
Written by Rob LaMear, CEO, US Cyber Vault
Once a month we share where we will be speaking in the world as well as expert opinions on cyber security, data loss prevention, and information security that we like from the larger community. Receive our next issue by signing up here.