Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.
Category: Technology

Keyboard and Mouse are the new Bonnie and Clyde: How Can Banks Stop Today’s Cyber Criminals?

Keyboard and Mouse are the new Bonnie and Clyde: How Can Banks Stop Today’s Cyber Criminals?

By Adi Ashkenazy, VP Product at XM Cyber

If you thought the days of the Wild West were over, one look at the banking industry may change your mind. We may no longer see masked gunmen storming into local bank branches and demanding everything in the safe, but banks are still being robbed blind on a regular basis. The only difference is that the crimes are happening digitally. From the SWIFT hack to the recent attack on India’s Cosmos Bank, financial institutions are losing millions to cybercriminals.

Today’s criminals have it easy; digital theft is a lot safer than going into a bank guns blazing.

It’s also much harder for banks to keep up with all the new cyber-attack vectors, as well as the tools needed to prevent a robbery from succeeding.

Hackers are constantly finding new ways to get through the defenses of banks, whether they’re large ones or local community branches. These aren’t just brute force attacks either; they often mask themselves by employing legitimate tools and impersonating real user behavior. In the case of the SWIFT hack, according to a police report, the assailants “spent several months inside the network of one customer, preparing for the eventual attack by stealing user credentials and monitoring the bank’s operations using software that recorded computer keystrokes and screenshots.” Clearly, this isn’t some sort of smash and grab that happens in seconds; it’s a process that takes months.

Fighting Back with Red and Blue Teams

In order to fight back, banks need to think like a hacker. Some have begun implementing red or blue team drills, wherein a so-called “red team” tries to penetrate a company’s network and move laterally to target assets, and a “blue team” is hired to defend it. However, these are generally implemented separately, without the groups interacting with each other. This leads to stagnant security, as neither teams are adapting to each other’s behavior. Sure, it’s important to know where your weaknesses are, but it’s just as important to know about the latest types of schemes that hackers might be using to break through your defenses.

To overcome this issue, some companies have been hiring red and blue teams to work against each other in real-time, exposing vulnerabilities in the existing security stack. This is called “purple teaming,” and is definitely a step in the right direction. However, while security experts are an invaluable part of your defense, they do not scale, and cannot manually cover the breadth of a modern enterprise network.

Automated Purple Teaming

But what if the purple team process was automated so that the bank’s security was constantly testing itself and evolving 24/7? This would combine the best aspects of penetration testing and proactive defense, while removing the downsides like cost and human error, and improving your organization’s cybersecurity posture.

The most appealing aspect of this approach is that it continuously identifies vulnerabilities in the bank’s network and suggests steps to plug up possible security gaps. An automated purple team can simulate, assess and validate all the latest cyber-attacks and advanced persistent threat (APT) techniques along the entire kill chain from breach point to compromising critical assets. It looks for any vulnerability that a cyber-criminal might exploit — from software that hasn’t been updated and password hashes stored on a computer to a privileged session that can be hijacked. Once the attack vectors are determined, the defense kicks in to analyze attack data and prioritize remediation strategies accordingly.

An automated purple teaming solution does not require a dedicated staff with hyper-intensive cyber-knowledge to run it. After all, major banks like Chase and Bank of America might have dozens of trained cybersecurity analysts, but most small and mid-sized banks do not, leaving them extremely vulnerable. With an automated purple team, all it takes is for one person to flip the on-switch.

Enterprises that have the luxury of highly skilled staff can empower them by providing them with an automated purple teaming tool. Instead of having their in-demand staff working on dull and repetitive tasks, they can divert them to identify new vulnerabilities in the network, while providing scalability through the utilization of the automated tool.

Cyber threats are never going to stop evolving, which means your cyber defense can’t either. Automated testing is one of the most effective ways to make sure your bank’s defense is just as good as the hackers’ offense. A system that can run in the background without disrupting normal day-to-day activity and doesn’t require a special team to operate effectively is the perfect tool for a bank to have in their arsenal.

Share
19/11/2018