Cyberthreats and the finance sector

Nextek
March 6, 2019

The financial sector has long been heavily targeted by cybercriminals. Over the years, the number of attacks that involved extortion, social engineering, and credential-stealing malware has surged rapidly. This means that financial institutions should strive to familiarize themselves with the threats and the agents behind them. Here are seven new threats and tactics, techniques, and procedures that security professionals should know about.

Extortion
Distributed denial of service (DDoS) attacks, which are typically delivered from massive botnets of zombie computers or internet of things (IoT) devices, have been used to bring down banking networks. This occurs when a targeted server or system is overwhelmed by multiple compromised networks. It’s essentially like a traffic jam clogging up the highway, preventing regular traffic from arriving at its intended destination.

Some cybercriminals are relentless with DDoS attacks and follow them up with cyberextortion, demanding payment in return for release from costly downtime. Banks cannot defend against these attacks alone, so they rapidly share information among themselves through organizations such as FS-ISAC and rely on the ability of their internet service providers to handle and redirect massive quantities of traffic.

Social media attacks
This happens when fraudsters use fake profiles to gather information for social engineering purposes. Thankfully, with new regulations such as the General Data Protection Regulation (GDPR), big companies like Facebook and Twitter have significantly enhanced their security and privacy policies with regard to their data handling practices. The unprecedented reach of social media is something companies cannot afford to ignore because of the possible implications a data breach can have on businesses.

Spear phishing
Spear phishing is an attack where cybercriminals send out targeted emails ostensibly from a known or trusted sender in order to trick the recipient into giving out confidential information. Over the years, hackers have upped their game and cast a bigger net, targeting unwitting employees to wire money. This attack is called business email compromise (BEC), where a fraudster will purport to be a CEO or CFO and request large money transfers to bogus accounts.
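A mail-filter check for the BEC pattern described above, as an added example that is not part of the original article. The organisation domain, executive names, keyword list and both sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed values for this example: the organisation's mail domain and the
# display names of executives who can authorise payments.
ORG_DOMAIN = "examplebank.test"
EXECUTIVES = {"jane doe", "sam lee"}
PAYMENT_WORDS = ("wire", "transfer", "payment", "invoice")

def domain_of(addr: str) -> str:
    return addr.rpartition("@")[2].lower()

def bec_indicators(raw: str) -> list:
    """Return the BEC warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    flags = []
    # An executive's name on a message that did not come from our domain.
    if name.strip().lower() in EXECUTIVES and domain_of(from_addr) != ORG_DOMAIN:
        flags.append("executive name, external sender")
    # Replies routed to a different domain than the visible sender.
    if reply_addr and domain_of(reply_addr) != domain_of(from_addr):
        flags.append("reply-to domain mismatch")
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = f"{msg.get('Subject', '')} {body}".lower()
    if any(word in text for word in PAYMENT_WORDS):
        flags.append("payment request wording")
    return flags

# Constructed samples: one impersonation attempt and one internal message.
SPOOFED = (
    "From: Jane Doe <jane.doe@examplebank-mail.test>\n"
    "Reply-To: accounts@payments-desk.test\n"
    "Subject: Urgent wire today\n\n"
    "Please transfer 48,000 USD to the account below before noon.\n"
)
INTERNAL = (
    "From: Jane Doe <jane.doe@examplebank.test>\n"
    "Subject: Board meeting agenda\n\n"
    "Agenda attached for Thursday.\n"
)

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("internal", INTERNAL)):
        print(label, bec_indicators(raw))
```

A message that raises more than one flag is a candidate for quarantine or an out-of-band callback to the named executive before any transfer is made.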

Point-of-sale (PoS) malware
PoS malware targets PoS terminals to steal customer payment (especially credit card) data from retail checkout systems. Cybercriminals use a memory scraper that operates by instantly detecting unencrypted Track 2 credit card data, which is then sent to the attacker’s computer to be sold on underground sites.

ATM malware
GreenDispenser is ATM-specific malware that infects ATMs and allows criminals to extract large sums of money while avoiding detection. Recently, reverse ATM attacks have also emerged. Here, PoS terminals are compromised and money mules reverse transactions after money is withdrawn or sent to another bank account. In October 2015, issuers were mandated to shift to the EMV, or chip-and-PIN, system to address the weakness of the previous payment system.

Credential theft
Dridex, a well-known piece of credential-stealing software, is a banking Trojan that is generally distributed through phishing emails. It infects computers, steals credentials, and obtains money from victims’ bank accounts.

Other sophisticated threats
Various data breach methods can be combined to extract data on a bigger scale. Targeting multiple geographies and sectors at once, this method normally involves an organized crime syndicate or someone with a highly sophisticated setup. For example, the group Carbanak primarily targeted financial institutions by infiltrating internal networks and installing software that would drain ATMs of cash.

Additionally, with the rise of cryptocurrency, cybercriminals are utilizing cryptojacking, a method that involves the secret use of devices to mine cryptocurrency.

The creation of defensive measures requires extensive knowledge of the lurking threats, and our team of experts is up to date on the latest security information. If you have any questions, feel free to contact us to find out more about TTPs and other weapons in the hacker’s toolbox.

Published with permission from TechAdvisory.org. Source.
