Finding an effective weapon to thwart cyber-attacks
BY Aji Joseph
A few months ago, when cybercrime and extortion organization DD4BC, which stands for ‘DDoS for bitcoin,’ hacked into some of the U.K.’s leading banks and demanded ransom in bitcoins to avoid a total takedown of the system, it was just one in a long list of rising high profile cyber-attacks against financial services institutions.
According to a report by U.S. technology firm, Akamai, 58 percent of all DD4BC attacks globally target the financial services institutions. And these attacks can have a major financial impact, with banks receiving ransom demands ranging from anywhere between 25 bitcoins ($6,150) to 100 bitcoins ($25,000), to be paid within a stipulated deadline. Non-payment can result in a long-term impact for the attacked organization in terms of possible fraud and downtime-related costs as well as additional non-tangible losses of brand image, customer confidence and investor faith.
With a challenge of such magnitude facing the financial services sector, companies need to tighten up their IT and data systems with advanced defense and mitigation techniques to safeguard against becoming the next cyber-attack target.
Since financial institutions are required—by most country laws—to continuously store their customers’ personal data, this makes them a prime target for hackers and they are forever venerable to the next big attack. This is particularly the case with hackers becoming ever more sophisticated and new hacking tools being developed on an almost daily basis. Ensuring complete security is becoming almost a nightmarish ordeal for companies worldwide.
To combat this situation, financial institutions are doing everything from strengthening malicious malware detection capabilities to investing in employee training and education.
For example, U.S.-based JPMorgan Chase has steadily been ramping up its focus on internet and data security – evident in the size of its digital security team that currently staffs over 1,000 people. Further, it is also opening a new facility in the U.S. focused entirely on cyber security services. These efforts are a direct fallout of a major cyber-attack the company faced in August 2014, that affected 76 million households.
However, not all companies have the kind of resources that are at the disposal of JPMorgan, and with limited in-house expertise and bandwidth available to stave off these cyber threats, a lot of financial firms are turning towards outsourcing their IT security functions to specialized companies offering managed security services.
This approach is proving to be successful for a host of key reasons. To begin with, a managed service adds an extra protective layer on the company’s core assets and IT infrastructure. This allows for an early and timely detection of cyber-attacks on the firm’s network, before it impacts the core infrastructure. The managed services providers do this by diverting traffic away from the banks or financial institute’s website, cleansing it of any malicious activity, and re-routing it back to the original site.
Additionally, the outsourced security partners also ensure that sensitive financial, human resources, and customer credit card data is always strongly encrypted. Thus, in the event of a security breach, the compromised data cannot be easily, if at all, downloaded and reused.
However, despite these advantages, partnering with a specialized security services firm alone cannot guarantee a secure environment for financial institutions to operate online. There is still a lot of work that needs to be done to create a threat-free environment for all stakeholders in the ecosystem—including customers, financial institutions and governments.
To begin with, law enforcement and investigative functions need to be bolstered to act as a deterrent to the attackers. For example, it took over a year for the perpetrators of last year’s JPMorgan attack just to be identified—their conviction is still some time away. Such situations need to be addressed promptly in the future.
Further, since cyber-attacks know no geographic borders, greater international collaboration is needed to ensure that stringent vigilance and enforcing mechanisms are established that have a global remit without affording any safe havens to hackers. These, and similar other measures are needed to ensure that cyber criminals are brought to book in a timely manner.
However, until these initiatives are in place, all companies, especially those in the financial services sector, need to proactively install or outsource extensive defensive capabilities that can thwart their next big hack-attack, as well as, decrease the time needed to quickly and effectively respond to the adverse consequences arising from an attack.