Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .


Combating Cyber-Attacks Against the Financial Community


How Banks Can Maintain Information Security by Bolstering Internal Controls

Bala-VenBy Bala Venkatramani –
Marketing Manager
at ManageEngine Password Manager Pro

News media in the U.S. are abuzz with stories about cyber-attacks on top banks as financial institutions emerge as the prime targets of cyber-criminals. Reports suggest that since September 2012, cyber-attacks on bank networks have exploded.

Actually, banking and other financial institutions have always been a top target of hackers. During the past few years, renowned banking organizations across the globe have fallen prey to criminal hacks. Beyond huge financial losses, the victims suffer irreparable damage to their trust and credibility, the hallmarks of financial institutions.

The hackers’ predominant activities include spreading malware infections, syphoning of login credentials and denial of service attacks that disrupt service to legitimate users. The traditional security attack channels include viruses, key logger trojans and cross-site scripting. The Trojans monitor keystrokes, log them to a file and send them to remote attackers. Scripting, on the other hand, enables malicious attackers to inject client-side script into web pages viewed by other users and exploit the information to bypass access controls.

Evolving Attack Patterns

Perimeter security software and traffic analysis solutions help in combating traditional attack vectors. However, hackers are starting to change their modus operandi. Cyber-criminals are now siphoning off login credentials of employees and administrative passwords of IT resources, using techniques that include spam and phishing emails, keystroke loggers, and Remote Access Trojans (RAT).

Once the login credential of an employee or an administrative password of a sensitive IT resource is compromised, the institution is vulnerable. The criminal can initiate unauthorized wire transfers, view the transactions of customers, download customer information and/or carry out sabotage.

Another emerging threat is sabotage caused by the insiders at the financial institutions. Disgruntled staff, greedy techies and sacked employees have all been involved in cyber security incidents. Clearly, breaches of trust can occur anywhere, leading to grave consequences.

In internal and external attacks alike, unauthorized access and misuse of privileged passwords — the ‘keys to the kingdom’ — have emerged as the main activities. Administrative passwords, system default accounts and hard-coded credentials in scripts and applications have all become the prime targets of cyber-criminals.

Overlooking Privileged Passwords

While internal and external hackers are exploiting administrative passwords with increasing frequency, many financial institutions fail to recognize the importance of this crucial aspect of privileged password management. Passwords of enterprise IT resources are often stored in spreadsheets, text files, homegrown tools, papers or even in physical vaults. Yet these volatile sources are inherently insecure and do little to enhance data security or business reputation.

Passwords are further compromised in IT divisions that deal with thousands of privileged passwords, which are used in a ‘shared’ environment. This is a standard practice, which leaves a group of administrators to use a common privileged account to access a given resource.

Apart from the ‘officially shared’ passwords, users also tend to reveal administrative passwords to their colleagues, unofficially, for some reason or other. The most common reason for unofficial sharing of a password is to handle an emergency, e.g., an IT manager may reveal the password to a senior member when the manager is on vacation.

Developers, help desk technicians and even third-party vendors may require access to privileged passwords purely on a temporary basis. The passwords are often supplied via email or over the phone, both of which are highly insecure media. Worse, there is no process to revoke access and reset the password after the temporary usage, leaving an even bigger security hole.

Privileged password negligence often proves costly. Haphazard password management makes the enterprise a paradise for hackers inside and outside the financial organization. Many security breaches stem from inadequate password management policies, access restrictions and internal controls.

Tightening Internal Controls

Combating sophisticated cyber-attacks demands a multi-pronged strategy incorporating an exhaustive set of activities. Financial institutions need to deploy security devices, enforce security policies, control access to resources, monitor events, analyze logs, detect vulnerabilities, manage patches, track changes, ensure compliance and monitor traffic among other activities.

Of all the combat measures, bolstering internal controls holds special significance in light of the recent attack trends. Access to IT resources should strictly be based on job roles and responsibilities. But access restrictions alone are not enough and must be supplemented with clear-cut trails that reveal ‘who’ accessed ‘what’ and ‘when.’ Likewise, password sharing should be regulated, and a well-established workflow should be in place for release of passwords of sensitive resources. Standard password management policies, including usage of strong passwords and frequent rotation should be enforced.

One of the effective ways to bolster internal controls is automating the entire lifecycle of privileged access management and systematically enforcing best practices. Privileged password managers like ManageEngine’s Password Manager Pro replace manual practices and automatically assist with securely storing privileged identities in a central vault, selectively sharing passwords, enforcing policies and above all, restricting access to and establishing total control over privileged identities. Enterprise-class password managers offer advanced protection of IT resources by helping establish access controls to IT infrastructure, and seamlessly video recording and monitoring all user actions during privileged sessions, providing complete visibility on privileged access.

Bolstering internal controls as detailed above will ensure that privileged identities will not be compromised — even if a hacker manages to penetrate the perimeter. Similarly, the threats due to attacks by malicious insiders are greatly mitigated.

Staying Vigilant

Once internal controls have been tightened, financial institutions must remain vigilant and keep an eye on activities going on inside and around them. Logs from critical systems carry vital information that could prove effective in preventing security incidents. For instance, monitoring activities like user logons, failed logins, password access, password changes, attempts to delete records and other suspicious activities could help identify hacking attempts, malicious attacks, DoS attacks, policy violations and other incidents. Monitoring network activity to establish real-time situational awareness is essential to enterprise security.

Of course, not all security incidents can be prevented or avoided. Nor can privileged password management thwart all cyber security incidents. However, too many security incidents occur as a result of lax internal controls — poor password management, in particular — and those violations can certainly be prevented. It’s time for IT organizations to take the bull’s eye off of the financial community networks and data and enforce some enterprise-class password protection.

ManageEngine is exhibiting at Infosecurity Europe 2012, the No. 1 industry event in Europe held on 24th – 26th April 2012 at the prestigious venue of Earl’s Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise. For further information please visit



Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post