By Anthony Giandomenico, Senior Security Strategist and Researcher, FortiGuard Labs
The phrase “all roads lead to Rome” was used as early as the 1100s to refer to the ancient Roman highway system where all roads across the empire radiated from the capital.
The same concept holds true for cybercrime and the Financial Services industry. At the end of the day, regardless of who the ultimate victim of a cyberattack is, the end goal of most cyber events continues to be financial gain. And capitalizing on the theft of information, whether credit card or banking data or the selling of PII on the dark web, ultimately involves taking advantage of someone or some organization associated with the Financial Services sector.
Cybercriminals increasingly target online banking and mobile apps
According to a recent Threat Landscape Report, over one-quarter of organizations experienced a mobile malware attack in Q3 of 2018, with the vast majority of those attacks targeting or originating from devices running the Android operating system. In fact, of all the threats organizations faced last quarter from all attack vectors, 14% were Android related. By comparison, only .000311% of threats were targeted to Apple iOS.
Exploits targeting banking apps on mobile devices, for example, are a significant part of this growing threat trend that must be addressed. Compromising mobile devices not only allows attackers to steal data stored on that device, but can be used to collect personal banking information using phishing apps, intercept data moving between a user and his or her online bank, and monitor financial transactions when purchasing goods or services online. The Android. banker. A2f8a malware, for example, targeted more than 200 different banking apps to steal login credentials, hijack SMSs, and upload contact lists and other data onto a malicious server. It also displayed an overlay screen on top of legitimate apps to capture additional information.
These apps aren’t just being downloaded from risky sites. Between August and October of this year, 29 banking Trojans masquerading as legitimate apps were removed from the Google Play store, but only after they had been installed by over 30,000 users. But even that is only part of the exposure. Compromised devices are also becoming a gateway through which the larger financial services network can be exploited.
Additional threat trends the financial sector needs to follow
In addition to mobile threats, we have documented three additional attack strategies over the third quarter of 2018 that financial security teams need to be paying special attention to:
Cryptojacking has become a gateway for other attacks. In many industries, including financial services, cryptojacking has leapfrogged ransomware as the malware of choice. While ransomware continues to be a serious concern for financial networks, the number of unique cryptojacking signatures nearly doubled in the past year, while the number of platforms compromised by cryptojacking jumped 38%. Perpetrators include advanced attackers using customized malware, as well as “as-a-service”options available on the dark web for novice criminals. Although cryptojacking is often considered to be a nuisance threat that only hijacks unused CPU cycles, a growing number of new attack techniques include disabling essential security functions on devices, thereby enabling cryptojacking to actually become a gateway for additional attacks.
Encrypted Traffic Reaches a New Threshold.While encrypted traffic has always been a staple of financial organizations, it now represents an unprecedented 72% of all network traffic, up from 55% just one year ago. While encryption can certainly help protect data and transactions, it also represents a challenge for traditional security solutions. The critical firewall and IPS performance limitations of most legacy security solutions continue to limit the ability of organizations to inspect encrypted data at network speeds. As a result, rather than attempting to slow down time-sensitive financial transactions, a growing percentage of this traffic is simply not being adequately analyzed for malicious activity, making it an ideal mechanism for criminals to spread malware or exfiltrate data.
Botnets are getting smarter. The number of days that a botnet infection was able to persist inside an organization increased 34% during Q3, rising from 7.6 to 10.2 days, indicating that botnets are becoming more sophisticated, difficult to detect, and harder to remove. This is also the result of many organizations still failing to practice good cyber hygiene, including patching and updating vulnerable devices, protecting IoT and other devices that can’t be directly hardened, and thoroughly scrubbing a network after an attack has been detected. The importance of consistent security hygiene remains vital to addressing the total scope of these attacks as many botnets can go dormant upon detection, only to return after normal business operations have resumed if the root cause or “patient zero” has not been rooted out.
Addressing the Challenge
The challenge facing many financial organizations is that new digital transformation efforts have spread security resources thin, restricting visibility and fragmenting the controls of many IT teams. Addressing these latest attack vectors includes:
- Beginning your security transformation.Digital transformation requires an equivalent security transformation effort. This includes shifting from point security products, manual security management, and reactive security to a strategy where different security elements are integrated into a single system, security workflows can span multiple network ecosystems, threat-intelligence is centrally collected and correlated, and threat detection and response is automated and uniform.
- As the speed of threats rapidly increases, the time windows for prevention, detection, and remediation continue to shrink. Rapid response times are crucial, which makes the implementation of truly expansive and integrated security automation essential, from data collection to coordinated responses to threats. To do this, organizations need to implement an integrated security platform where each element is designed to communicate with all the others in real time.
- Identifying and trackingall mobile and IoT devices. One essential approach to combatting things like cryptojacking involves maintaining a comprehensive inventory of devices (especially the mobile devices of end users) through third-generation network access controls and then baselining their behavior. With this information in hand, you’re able to monitor for aberrant behavior that may reflect cryptojacking and other malicious activity.
- Securingany customers that use mobile banking apps.One recent analysis found that nearly a third of businesses around the globe used a mobile device to access a corporate bank account or facilitate a corporate transaction – a trend that researchers said is “certain” to continue. To protect these customers, start by educating them about your legitimate banking applications. This includes constantly reminding them of what sorts of information you will – and won’t – ask for, such as online “password validation” or “account validation” techniques used by phishers and scammers.
In addition, some major banks have begun adding things like biometrics to their applications to protect consumers and better secure data and transactions. In addition, organizations should regularly scan the internet for fraudulent applications, warn consumers when they are found, and apply pressure on application stores to remove them from their inventories.
Cybersecurity challenges continue to grow, and financial institutions– especially those in the midst of digital transformation efforts – are being highly targeted by cybercriminals. Commercial Banks, Credit Unions, Stock Brokerage Firms, Asset Management Firms, and Insurance Companies that support digital transactions through mobile apps are increasingly being targeted and exploited by malicious criminals. At the same time, they are suffering the same challenges of other organizations, including figuring out how to inspect and secure the growing volume of encrypted traffic, battling the persistence of botnets, and addressing new malware trends such as cryptojacking.
To successfully address today’s challenges, the security teams of financial services organizations need to rethink their strategy, from automating their security hygiene measures to replacing isolated security devices with an integrated security fabric architecture that can seamlessly span the growing attack surface.
About the author:
Anthony Giandomenico is an experienced Information Security Executive, Evangelist, Entrepreneur and Mentor with over 20 years of experience. In his current position at Fortinet he is focused on delivering knowledge, tools and methodologies to properly demonstrate advanced threat concept and defense strategy using a practical approach to security. Anthony works closely with FortiGuard Labs and Fortinet System Engineering to respond to advanced threats as they break – and proactively plan beforehand.
Japan’s jobless rate seen up in January due to COVID-19 emergency measures – Reuters poll
TOKYO (Reuters) – Japan’s jobless rate is expected to have edged up in January as service industry businesses suffered renewed restrictions on movement to fight spread of the coronavirus in some areas, including Tokyo, a Reuters poll of economists showed on Friday.
While industrial production activity picked up in Japan, emergency curbs rolled out last month such as asking restaurants to close early and suspending the national travel campaign hurt the jobs market, analysts said.
The nation’s unemployment rate likely rose 3.0% in January, up from 2.9% in December, the poll of 15 economists found.
The jobs-to-applicants ratio, a gauge of the availability of jobs, was seen at 1.06 in January, unchanged from December, but stayed near September’s seven-year low of 1.03, the poll showed.
“As the impact from the coronavirus pandemic prolongs, it is hard for firms, especially the service sector, to expect their business profits to improve,” said Yusuke Shimoda, senior economist at Japan Research Institute.
“So, their willingness to hire employees appear to be subdued and it is difficult to see the jobs market recovering soon.”
Some analysts also said the government’s steps to support employment and existing labour shortages will likely prevent the jobless rate from worsening sharply.
The government will announce the labour market data at 8:30 a.m. Japan time on Tuesday (2330 GMT Monday).
Analysts expect the economy to contract in the current quarter due to the emergency measures to counter the spread of the disease.
(Reporting by Kaori Kaneko; Editing by Simon Cameron-Moore)
China’s economy could grow 8-9% this year from low base in 2020 – central bank adviser
BEIJING (Reuters) – China’s gross domestic product (GDP) could expand 8-9% in 2021 as it continues to rebound from the COVID-19 pandemic, Liu Shijin, a policy adviser to the People’s Bank of China, said on Friday.
This speed of recovery would not mean China has returned to a “high-growth” period, said Liu, as it would be from a low base in 2020, when China’s economy grew 2.3%.
Analysts from HSBC this week forecast that China would grow 8.5% this year, leading the global economic recovery from the pandemic.
If 2020 and 2021’s average GDP growth is around 5%, this would be a “not bad” outcome, said Liu, speaking at an online conference.
China is set to release a government work report on March 5 which typically includes a GDP growth target for the year.
Last year’s report did not include one due to uncertainties caused by the coronavirus. Reuters previously reported that 2021’s report will also not set a target.
(Reporting by Gabriel Crossley and Muyu Xu; Editing by Sam Holmes and Ana Nicolaci da Costa)
Japan’s January factory output rises for first time in three months, retail sales drop
By Daniel Leussink
TOKYO (Reuters) – Japan’s industrial output rose for the first time in three months in January thanks to a pickup in global demand, in a welcome sign for an economy still looking to shake off the drag of the coronavirus pandemic.
But retail sales, a key gauge of consumer spending, posted their second straight month of declines in January as emergency measures taken in response to the pandemic hit consumption.
Official data released on Friday showed factory output advanced 4.2% in January, boosted by sharp rises in production of electronic parts and general-purpose machinery, as well as a smaller increase in car output.
“Manufacturers will continue to increase output over the near term as long as there won’t be any big shock,” said Taro Saito, executive research fellow at NLI Research Institute.
While economic growth will likely be negative in the first quarter, the strength in manufacturing would offset the negative impact of a state of emergency at home, which is mainly affecting the services sector, he said.
The rise in output, which followed a 1.0% fall the previous month, was largely in line with a 4.0% gain forecast in a Reuters poll of economists. Manufacturers surveyed by the Ministry of Economy, Trade and Industry (METI) expect output to grow 2.1% in February, followed by a 6.1% decline in March.
The government kept its assessment of industrial production unchanged, saying it was picking up.
Factory output fell in November and December as a rebound in car production ended on sagging global demand, but since then strong demand for tech-making equipment and electronic goods has helped turn the tide.
Still, some analysts worry that Japan’s economic recovery will remain hobbled by weaker conditions at home and as lockdown measures taken around the world to contain the COVID-19 crisis, particularly in Europe, weigh.
The government also released data on Friday showing retail sales fell 2.4% in January compared with the same month a year earlier, in a sign households tightened their purse strings as the coronavirus staged a resurgence.
The fall, which was in line with a 2.6% drop seen by economists in a Reuters poll, was largely due to sharp contractions in general merchandise and fabrics apparel spending. It followed a 0.2% fall in December.
Compared to a month earlier, retail sales in January fell 0.5% on a seasonally adjusted basis for the third straight month of declines. But the pace of decline was slower than in the previous two months.
“We think consumer spending will only fall around 1% quarter-on-quarter this quarter,” said Tom Learmouth, Japan economist at Capital Economics.
“We expect it to rise fairly strongly over the coming quarters as the recovery resumes and is soon given a shot in the arm by vaccines,” he added.
(Reporting by Daniel Leussink; Editing by Sam Holmes and Richard Pullin)
Bitcoin slumps 6%, heads for worst week since March
By Ritvik Carvalho LONDON (Reuters) – Bitcoin fell over 6% on Friday to its lowest in two weeks as a...
Stock markets roiled by global bond whiplash
By Tom Arnold and Wayne Cole LONDON (Reuters) – Global stocks fell on Friday, with Asian shares down by the...
British insurer RSA profit rises ahead of takeover
LONDON (Reuters) – British insurer RSA’s 2020 operating profit rose 15% to 751 million pounds ($1.05 billion), it said on...
Britain’s Sainsbury’s gives staff third pandemic bonus
LONDON (Reuters) – Britain’s second largest supermarket group Sainsbury’s will award its staff a third bonus for their efforts during...
China’s Ant to boost consumer finance unit capital as it restructures micro-lending – sources
By Julie Zhu HONG KONG (Reuters) – China’s Ant Group is in talks with other shareholders in its new consumer...