3 Biggest Threats to a Bank’s Cybersecurity

June 1st, 2021 Jim Hughes Leave a comment

Our world is changing. It is undergoing rapid and massive digitization. It would be safe to claim that we have the global pandemic to blame for that. However, we believe that we would have gotten there anyway given the trajectory of our current technological advancements.

Education, various business processes一almost everything can already be done online these days. The world has passed a point of no return and will never go back to what it was pre-pandemic. What has been made digital will remain digital. While this new normal does offer a lot of conveniences, it also presented a new set of challenges, particularly in cybersecurity. And of all the industries that have gone online, it is probably the world of banking that we are most concerned for. What are the financial problems that these changes will pose?

In this article, we are going to talk about the biggest threats to cybersecurity in the banking sector. Let’s start with the most basic: unencrypted data.

Unencrypted Data

Data encryption is the process of converting data from a readable format into a decoded one. Various institutions usually have their own specific codes. In this way, no one would be able to easily read their data outside the firm, should their data fall into the wrong hands.

Think of data encryption as both the vanguard and the rear of cybersecurity. An effective encryption process can deter people with malicious intent. And if they ever get their hands on the said data, they would still have to try to decrypt it anyway before it can be of any use to them. These added security measures can be truly valuable for any financial institution.

Malware

The next imminent threat is malware. While we have no doubt that most financial institutions work with competent cybersecurity agencies in order to protect their devices from being hacked, it is also true that this might not include their staff.

A breach into a system is still possible through a compromised employee phone. All he needs to do is to connect to the office’s computer network and a hacker can already begin accessing compromising information.

The same thing can happen when you’re collaborating with a third-party service. We understand how convenient it is to employ a third-party service. It can potentially save time, money, and other resources.

However, it can also expose your financial institution to certain risks if your partner doesn’t have effective cybersecurity measures in place.

The best solution to prevent potential attacks in this manner remains to be adequate employee training. Make your staff aware of the very real (and billion-dollar) repercussions of a security breach.

It is also possible to limit the access of your employees. Just let them access the minimum data that they need in order to perform their tasks. This is for their own protection as well.

Finally, running comprehensive background checks and being particularly careful with the people you hire will also help. Just make sure that your checks remain compliant to prevent any issues.

As for business partners, one should never be afraid to ask about potential partners’ cybersecurity efforts.

Data Manipulation

Another big concern is data manipulation. There are three ways in how your data can be manipulated. First, it can be stolen, copied, and distributed elsewhere, much like how hackers are able to create realistic company pages for phishing. This is called spoofing.

Data can also be deleted. This is particularly true for bigger financial institutions with competing firms. An attacker might not really have the intention to steal information but to mess up the system by deleting crucial bits of data.

Can you imagine the panic that will ensue if a financial institution suddenly lost all its client information?

Finally, data can be edited without the owner’s knowledge. Despite the common belief that data-stealing is the worst cybersecurity attack that can happen, we still believe data alteration worse. That’s because this attack is a bit difficult to detect right away.

It’s easy for bigger companies to detect if their data has been stolen and being used with malicious intent. Data deletion is a complete giveaway. You will learn that an attack has happened right after it did. There’s even a chance of stopping it halfway if you’re lucky to catch it early enough.

What makes data alteration particularly detrimental is the fact that it can’t easily be detected. A firm can go on for months without even knowing that an attack has happened. After all, the manipulated data may look unaltered on the surface, but the truth is, hundreds (if not thousands) of micro edits have already been made. If the hacker succeeds, the financial institution may be held liable to pay millions of dollars in damages.

How Imminent Is the Threat?

The cybersecurity threats that we have mentioned above are just some of the most common ones that financial institutions globally are faced with every day. It’s just the tip of the iceberg. There are definitely other forms of cyberattacks out there, and even more, being developed by the minute.

According to Mark Whelan, a banking expert from the Australia and New Zealand Banking Group, cyberattacks are more prominent and brazen than ever before. It has even reached the point that they are receiving up to 10 million attacks in a month.

For him, this is the biggest threat that financial institutions are currently facing, and experts predict that it’s only going to get worse.

Final Thoughts

Indeed, it is a brave new world that we’re living in. The risks and threats that we are facing right now are so stark in contrast to what we have experienced in the past. Gone are the days of bank heists with guns blazing. Instead, the bigger threat is probably wearing a sweatshirt right now in a random room somewhere across the globe. The fact that you wouldn’t have to take such a risk on your life makes the prospect even more appealing.

This has led financial institutions to prioritize cybersecurity efforts and training. Fortunately, with adequate risk assessment and planning, we are confident that you will be able to prevent severe cyberattacks from happening.

_______________________________________________________________________

Jim Hughes is a content marketer who has significant experience covering technology, finance, economics, and business topics. At the moment, he is the Director of Content at OpenCashAdvance.com.

Archives, Global Trade Daily, Software

Why DDoS Attacks Are the Biggest Threat to Your Business in 2021

April 21st, 2021 MJ Shoer Leave a comment

In the 21st century, it’s hard to imagine functioning without technology. Just think of how many times a day you look at your phone or switch on your computer. When you need an answer, you turn to Google; when you want to relax, Netflix is there. In fact, it seems that the internet can take care of your every need — be it social, financial or recreational.

Unfortunately, though, technology isn’t just useful to you but also to those who want to harm you. As technology grows more advanced, hackers and cybercriminals obtain new and sophisticated tools to launch their DDoS attacks, threatening your safety. But what is a DDoS attack, and why is it so dangerous? Keep reading, and you’ll find out!

What Are DDoS Attacks?

DDoS stands for distributed denial of service, and it’s one of the most common tactics hackers use to bring down a server. To put it simply, they flood a network with so much traffic at once in order to overwhelm the server, and it crashes. To do this, hackers use a large group of compromised computers called a botnet.

Now, the problem is that anyone can become a part of a botnet without even realizing it. If your antivirus program isn’t up to date, or you visit unsafe sites, your computer can become infected by malware. Contrary to popular belief, malware doesn’t just corrupt your files or damage your device. In fact, hackers often use it to covertly gain control over your computer and use it for their malicious purposes.

An infected device works as usual, but you’re no longer in charge. The actual owner, the hacker, can order your device to start sending requests to a server of their choice, along with hundreds of other devices. Ultimately, that leads to a crash.

Of course, servers can crash when they gain a lot of traffic naturally. But that’s not a DDoS attack — DDoS always comes with malicious intent. The hacker who’s launching it rarely does so just for fun – they usually have rather serious motives.

Why Do Hackers Perform DDoS Attacks?

If you’re new to the world of cyberattacks and criminals, it might not be obvious what the purpose of DDoS is. What could a hacker gain from disrupting a server? Sadly, there’s no easy answer — the motives behind these attacks vary. Here are some of the most common reasons.

Financial Gain

Hackers often use DDoS attacks to target corporations and large businesses, knowing that they have high profits. Once they bring their servers down, they send a message asking for a ransom. The network stays under their control until they receive the sum they asked for, after which everything goes back to normal.

Ideology

Political and ideological wars are no longer waged out in the battlefield. These days, the real frontlines are in cyberspace. Whether it’s rebellious groups using hackers to protest against oppressive governments or those governments targeting protesters, DDoS attacks are commonly used in this type of warfare.

Gathering Information

If a large business handles lots of private information, it can easily become the target of a DDoS attack. In such a case, the attack serves as a distraction. While everyone is busy trying to resolve the problem, the hacker gains access to classified records and finds the information they need. The most sophisticated hackers leave very little trace, and no one even knows they were there.

Why Are DDoS Attacks Detrimental to Businesses?

Whatever the hackers’ motives may be, the most common DDoS attack targets are businesses. Large or small, they all face a similar danger as long as they are online. But how can a DDoS attack hurt your business, exactly?

Just imagine that a hacker attacks your company’s servers and brings them down for a few hours. The customers that would typically visit and purchase your products suddenly don’t have access to your site. New clients may be trying to visit your site too, but when they see that your website isn’t functional, they’re unlikely to return. In short, you can lose hundreds, if not thousands, of dollars as well as potential new clientele.

The longer your servers are down, the worse it gets. Soon enough, you’ll need to hire a team of experts to deal with your problem, which obviously won’t come cheap. On top of that, the hacker might ask for ransom, and after a few hours of losses, you’ll probably be more than willing to pay it.

But the worst damage you’ll suffer isn’t financial — it’s reputational. If your clients find out that your servers were hacked, they might have trouble trusting you with their personal information. No matter how loyal they were in the past, no one wants to believe their personal information is vulnerable. Soon enough, your pristine reputation will be tarnished, and not even by your own fault!

The only way to avoid this worst-case scenario is to put in place measures against DDoS attacks. That means you’ll need firewalls, antivirus software and perhaps even a special IT department to monitor your servers. It will surely cost you more, but in the long-run, you’ll be glad to have some peace of mind.

Protect Yourself Against DDoS Attacks

DDoS attacks are not child’s play — in fact, they have become the biggest threat to businesses in 2021. If anything, this threat will only get worse as our world becomes more digital. Don’t let yourself become a target; start looking into DDoS protection today. It’s the only way to ensure your customers’ safety and your company’s rise to success.

________________________________________________________________

MJ Shoer is SVP, Executive Director, CompTIA ISAO, at CompTIA, the Computing Technology Industry Association. CompTIA is the world’s leading tech association. Its mission is to advance the global technology industry. The CompTIA ISAO is an Information Sharing and Analysis Organization whose mission is to raise the cybersecurity resilience of the global tech industry. MJ has over 30 years’ experience in the IT industry, having founded and run an MSP for nearly 20 years before it was acquired as well as consulting with MSPs, SMBs and channel organizations.

Archives, Commentary, Global Trade Daily

Is It You Or An ID Thief? How AI Uses Document Verification To Keep You Safe.

January 20th, 2020 Stephen Hyduchak Leave a comment

It’s a moment most people have experienced.

You’re required to show your ID for something and you wait as the person studies both your face and the photo on the driver’s license, passport, or another document, making sure you’re not an impersonator trying to pull a fast one.

These days, artificial intelligence is playing a role similar to that security person, with software that allows validation of IDs remotely through digital document verification. This way you can do business through your smartphone, and someone on the other end can make sure you’re who you say you are and that a thief hasn’t stolen your identity.

And that’s especially important at a time when identity theft has been on the rise, says Stephen Hyduchak, CEO of Aver (www.goaver.com), an identity-verification service.

“Fraudsters are getting creative, but so is technology,” Hyduchak says. “It’s important to keep up because there are so many ways to create fake documents that allow someone to claim to be you and maybe even get away with it.”

Hyduchak says there are a few categories of document fraud:

Illegitimate documents. These documents are completely false. They have characteristics such as missing holograms or other current standards that are essential parts of a legitimate version of that document.

False documents. This is a document that belongs to one person, but that another person tries to use in an effort to authenticate himself.

Modified documents. This is when an original document is altered. Hyduchak says the alterations can be caught with software that detects whether fonts and text match the originals.

How do fraudsters even get the ID documents to start with? Hyduchak says it’s a matter of data security breaches – and often a combination of more than one breach. He gives this example. Just recently, the cryptocurrency exchange Binance, using a third-party Know-Your-Customer (KYC) provider, was the victim of a hack that leaked over 10,000 photographs of purported Binance KYC data. This breach affected up to 60,000 people.

“On Binance, users buy and sell cryptocurrency, something that is privacy-centric by its very nature, but still vulnerable,” Hyduchak says. “Coupling leaks like this with major data breaches like Equifax and Target, our personal information can be manipulated for the fraud with some basic photoshop work.”

A digital verification process is one way to head off any subterfuge, Hyduchak says. For example, his company has a program that works this way: The user captures a picture of their ID or passport using their smartphone. The user then takes a selfie to verify they are the same person pictured on the ID or passport. Facial recognition software compares the images through algorithms.

“As time goes on,” Hyduchak says, “I think you are going to see digital facial checks become the standard for ID verification, and that will eliminate most types of fraud.”

_____________________________________________________________

Stephen Hyduchak is the CEO of Aver (www.goaver.com), an identity-verification service. Hyduchak worked in corporate finance for companies such as PRA Health Sciences before finding the entrepreneur bug. He began working on media and design for small businesses, which led him to consulting projects in the blockchain space, and eventually to founding Aver.

Archives, Commentary

5 Ways For Healthcare Providers To Build A Fortress Against Cyber Threats

December 28th, 2019 Alex Zlatin Leave a comment

The healthcare industry has yet to find a cure for cyberattacks. Housing personal health data, all kinds of providers are vulnerable targets of hackers and patient care can be put at great risk.

News of breaches in healthcare computer systems is a regular occurrence. Over 100,000 medical records were recently leaked as a result of a data breach at a Montana hospital. And research this year showed an upsurge in malware attacks on healthcare providers. Phishing messages, a means of malware delivery via email, have been found to come in the form of alerts from the US Centers for Disease Control and Prevention (CDC).

As cyberattacks become more sophisticated and widespread, the need for adequately securing computer networks at hospitals and all medical facilities has never been greater, says Alex Zlatin, CEO of Maxim Software Systems (alexzlatin.com).

“The costs of cyberattacks for healthcare providers can be enormous,” Zlatin says, “but how hackers can literally stop facilities from functioning and keep patients from getting care and medication should get everyone’s attention. “It’s all about prevention, and for many providers, being secure as possible will involve a retooling and re-thinking of how they approach cybersecurity from the human and technological standpoints.”

Zlatin provides five tips for healthcare providers to better protect against cybersecurity threats:

-Educate employees about phishing attacks. Many breaches start with human error. Employees make the mistake of responding to an email, link or website designed by hackers to access private information. “Email is a popular phishing technique,” Zlatin says. “The best ways to prevent them from doing damage are to educate your employees on what suspicious emails look like and to use strong email spam filters. Also, your software should automatically scan any links or attachments. This prevents new or unrecognizable URLs from sneaking past company safeguards.”

-Beware of ransomware. Ransomware has been a big menace to the healthcare industry, holding data for ransom, paralyzing facilities and putting patients at risk. Zlatin says the first step in dealing with ransomware is backing up your system, ideally with a cloud backup to protect data. “Failure to do backup can cause irreparable damage,” he says. “And while hackers continually find ways to infiltrate, your security software should contain the most updated anti-malware and anti-ransomware protection. When a ransomware attack occurs, the first thing employees should do is contact their IT team — not try to resolve it themselves.”

-Have a top-down security program. There can be a disconnect and gaps in cyber security procedures when a medical facility’s security staff and IT team don’t overlap. “Including cybersecurity duties at a managerial level, perhaps even as an executive position, can ensure that correct initiatives are created, launched, and enforced, and that funding for security initiatives is available,” Zlatin says. “This also helps enforce regular risk assessment, which should be part of any healthcare provider’s cybersecurity threat program.”

-Make sure vendors have protection. The Healthcare Industry Cybersecurity Task Force, which was established by the U.S. Department of Health and Human Services and the Department of Homeland Security, warned providers about areas of security vulnerability in the supply chain. “Vendors should take the proper steps to detect threats,” Zlatin says. “They include all healthcare business partners, such as insurance companies and infrastructure providers, all of whom should have good security records and be able to protect medical information. It’s especially important for organizations that outsource IT personnel from third-party vendors.”

-Update passwords often. “Using the same passwords for most platforms is a big mistake,” Zlatin says. “It increases vulnerabilities. If a criminal discovers one password used for several accounts, it leads to a disastrous theft of data. So, have employees generate new passwords periodically and not get stuck on convenience.”

“Too often, many healthcare facilities aren’t vigilant enough about defending their medical records security,” Zlatin says. “Healthcare providers face a constant threat that requires constant vigilance because they and their patients have too much to lose.”

________________________________________________________________

Alex Zlatin, author of the book Responsible Dental Ownership (alexzlatin.com), had more than 10 years of management experience before he accepted the position of CEO of dental practice management company Maxim Software Systems. He earned his MBA at Edinburgh Business School and a B.Sc. in Technology Management at HIT in Israel.

His company helps struggling dental professionals take control of their practices and reach the next level of success with responsible leadership strategies.

Archives, Global Trade Daily, Special Reports

A Cybersecurity and Artificial Intelligence Forecast for 2020

December 23rd, 2019 Saumitra Das, CTO, Blue Hexagon Leave a comment

As a cybersecurity and artificial intelligence innovator, we are often asked about our predictions for the year to come. AI, in all its flavors, is a hot technology and it is being applied in many fascinating and powerful ways. Our focus, of course, is on using deep learning to advance the standards in malware detection (and we see a lot of good happening in that regard) so we bring a unique perspective to these two areas.

And not to brag, but when the question came up last year we provided a modest forecast that turned out to be fairly accurate. Here’s a quick recap:

-We said that AI would be a key component to the delivery and management of 5G wireless services, which is in-line with what the industry is now saying about its roll-out.

-Our bet was behind the emergence of AI-as-a-Service. It’s comforting to know that Microsoft CEO Satya Nadella agrees, and sees a $77 billion market by 2025, according to Motley Fool.

-Last year we predicted the emergence of more sophisticated learning techniques, advancing the capabilities and efficacy of machine learning and deep learning algorithms, and that has been happening.

-We’ll even take credit for our prediction that AI in all its forms would see greater commercialization and consumerization, even though that one was probably self-evident in hindsight. Development and improvement in products like smart assistants, smartphones, autonomous vehicles, medical devices and more will continue apace now that AI is mainstream.

So what can we expect for 2020? We’re going to keep our forecast in the realm of cybersecurity and AI this year, looking at both the threat landscape and the emergence of innovative defenses. Here are five trends we see developing in the new year.

Cybercrime will focus on ransomware and cryptojacking

The focus of the global hacker community will shift to emphasize ransomware and cryptojacking. Ransomware has proven to be a lucrative source of income for hackers, and as associated malware and delivery techniques become more effective, that is only going to embolden them. Most hackers launch attacks from locations beyond the reach of U.S. authorities, and they collect payments in the form of cryptocurrency to minimize the risk factor of their illicit endeavors. And as cryptocurrency becomes more mainstream, we foresee a sharp increase in attacks intended to hijack computing resources to power the computations necessary to “mine” coins. What we’re seeing in Blue Hexagon Labs research is that cryptojacking attacks appear to have an inverse relationship to ransomware attacks. This is likely driven by hacker motivations; as the value of cryptocurrency increases, it may be more lucrative (and easier) to focus on cryptojacking than ransomware.

Malware-as-a-Service becomes increasingly sophisticated

Criminal hackers are innovators and entrepreneurial (even if they are evil, self-centered, and destructive innovators and entrepreneurs). As such, they are keen on minimizing cost and risk, and one way they are doing that is by productizing their tools and skills. As a result, Malware-as-a-Service hacking groups are now selling kits and automated services on dark web marketplaces. In March of this year, we wrote about Gandcrab ransomware-as-a-service. We will see these services increase in sophistication in the coming year–for example, the ability to select customizations such as the type of obfuscation or evasion techniques, and the way the malware is delivered. This will make it easier for anyone to get in on the malware game, creating a force multiplier effect that will increase the number of threats enterprises will face in the years to come.

First malware using AI-Models to evade sandboxes will be born in 2020

Malware developers already use a variety of techniques to evade sandboxes. A recent article explained that “Cerber ransomware runs 28 processes to check if it is really running in a target environment, refusing to detonate if it finds debuggers installed to detect malware, the presence of virtual machines (a basic “tell” for traditional sandboxes), or loaded modules, file paths, etc., known to be used by different traditional sandboxing vendors.”

In 2020, we believe that new malware–using AI-models to evade sandboxes–will be born. This has already been investigated in academia. Instead of using rules to determine whether the “features” and “processes” indicate the sample is in a sandbox, malware authors will instead use AI, effectively creating malware that can more accurately analyze its environment to determine if it is running in a sandbox, making it more effective at evasion. As a result of these malware author innovations and existing limitations, the sandbox will become ineffective as a means to detect unknown malware. Correspondingly, cybersecurity defenders’ adoption of AI-powered malware defenses will increase.

The rollout of 5G networks will bring new attack vectors

The infrastructure needed to roll out and manage new 5G networks requires a more complex, software-defined architecture than older communication networks. This new architecture means services will operate within a more complex environment with a broader attack surface that requires more security diligence on the part of the service providers. In addition, the advent of 5G networks will enable more endpoint devices that will require security at the network edge. Hackers, in particular, nation-state threat actors, will work hard to find and exploit weaknesses in this architecture to intercept traffic, disrupt services, and deliver payloads to endpoints and networks.

Privacy regulations drive more spending in cybersecurity

The European Union’s General Data Protection Regulation (GDPR) has inspired a number of privacy regulations, including the new California Consumer Privacy Act (CCPA). In the CCPA, California has created a combined privacy and breach disclosure law that goes into effect on January 1, 2020. The office of the California attorney general recommends NIST (800-53 or CSF) or ISO 27001 as their standards for implementation, and uses CIS Controls for security program guidance. That means an emphasis on malware detection and prevention, and with data breach violations reaching hundreds of millions of dollars in the EU and U.S., we predict CCPA and the recent history of enforcement will drive a significant increase in cybersecurity spending.

Even though the overall theme of these predictions suggests increasing threats and risks to the enterprise, we do see cause for optimism. Our experience with the application of deep learning to meet the challenges of threat detection and prevention give us hope that, as our efforts and those of other innovators continue and build momentum, we are confident that 2020 will be regarded as the year our industry finally turned the tide against hackers.

Archives, Global Trade Daily

Hackers Covet Your Identity; 5 Ways To Thwart Their Efforts To Steal It

December 21st, 2019 Chris Hoose Leave a comment

Each day people take a virtual trip through the internet to do their banking, make hotel reservations, shop for a new car, or engage in a myriad of other activities important to them.

It’s so routine that it’s easy to forget that you need to be just as careful about protecting yourself on those virtual journeys as you would on an actual one.

“Hackers are creative about dreaming up new ideas for stealing your identity, so it’s important that you stay vigilant even if you already have taken action to guard yourself and your data,” says Chris Hoose (www.choosenetworks.com), an IT consultant who works with small businesses.

Hoose says a few steps you can take to protect your identity include:

Use a password manager. One problem with passwords is that people often use simple ones that are easy to remember, but also easy to hack. A password manager provides an encrypted database where you can store unique, long, complex passwords for each of your online accounts, and access them when you need them. “With a password manager, you can have better passwords that are harder to hack, and you don’t have to memorize them,” Hoose says.

Do your online activities with a VPN. Worried that your online browsing will lead identity thieves right back to you? One solution, Hoose says, is a virtual private network (VPN), which lends you a temporary IP address and hides your true IP address from every website or email you connect with. “It also prevents the sites you visit from learning your physical location,” he says. “You just need to remember to connect to it when you want to use it.” A VPN usually costs about $40 to $50 a year, he says.

Be wary on social media. Most people check in on social media routinely to catch up on family news, connect with college buddies, or perhaps to share photos of a new puppy. Unfortunately, cyber thieves lurk in the background. “They know that social media platforms are an excellent source for personal information and information about your contacts, which makes identity theft that much easier for them,” Hoose says. To stay safe on social media, he suggests you check to see if you have already been compromised; avoid password reuse; update your security settings regularly; and limit your connections because the more you have, the more potential for a fraudulent or compromised account to send you a malicious link.

Keep tabs on your credit report. One way to make sure no one has taken on debt in your name, and damaged your credit in the process, is to request a full credit report from any of the three major agencies: Equifax, TransUnion and Experian. You can get a free copy from any of them through the site www.annualcreditreport.com. Also, it might be time to get off the mailing list for all those credit offers you receive that say you are pre-approved. “Those offers are a gold mine for identity thieves,” Hoose says. You can opt out of pre-approved credit offers by visiting www.OptOutPrescreen.com.

Be sure to install anti-virus/malware software. Your first and best line of defense against identity theft on your computer remains anti-virus software and anti-malware software, Hoose says. When choosing one, he suggests making use of the trial period most companies offer. “That way you can try them out and decide which one works best for you,” he says.

“The more people try to foil identity thieves, the more sophisticated those thieves seem to get in their methods,” Hoose says. “But by being watchful and attentive, you can stay safe and enjoy your time online.”

________________________________________________________

Chris Hoose (www.choosenetworks.com) is the president of Choose Networks, an IT consulting firm for small businesses. Hoose started the company in 2001 to give large-scale solutions and support to businesses that can’t afford their own in-house IT department. He earned a Master of Information Systems Management from Friends University.