Hacking used to be a small-time hobby often used for pranks. Now, hackers aren’t just hackers anymore. Today they’re sophisticated cyber criminals going where the money leads them – to the financial organizations that manage it. As cyber threats grow increasingly dangerous, the question remains: is your company ready?
Unlike healthcare organizations that are struggling to decide whether to invest in patient care or new security systems, the financial services industry is laser-focused on cyber security. According to a research report from Raytheon and Websense, 2015 Industry Drill-Down Report—Financial Services, 80% of financial executives see cyber security as their top concern.
The finance industry may see cyber security as a top concern, but that doesn’t mean that they’re able to thwart all of the attack vectors aimed their way. In the first half of 2015 alone, there have been 30 confirmed data breaches in the finance industry. And don’t even get us started on the multi-year banking fiasco involving over 100 banks and losses in the hundreds of millions of dollars.
Watch Out for Lure-Stage Attacks - You're the Biggest Target
The finance industry is targeted by cyber attacks 300% more than any other industry. However, with so many potential attack vectors, it’s nearly impossible to figure out which one will be coming after you—or is it?
As it turns out, 33% of all global lure-stage attacks are found in the finance industry. It’s clear that these types of attacks are a favorite amongst finance hackers, who carefully survey their targets in the hope of scoring a large payoff.
Attackers have grown significantly more sophisticated than they used to be, learning to use social engineering to create professional-looking phishing emails regarding invoices or payments that prompt users to open them. Training your staff to look out for these suspicious emails is essential to the protection of your business. Everyone knows it, but attacks still happen.
What Malware is Lurking Behind these Lure-Stage Attacks?
Raytheon and Websense dug deeper into the lure-stage attacks that are so popular amongst finance hackers to discover what malware is actually stealing user credentials and sensitive data. These are the pieces of malware you should be especially wary of in the finance industry:
- Rerdom: When this malware is delivered to your users, it can send spam and malicious emails, carry out click fraud, mine for browser and email credentials, or download even more malware.
- Vawtrak: This banking trojan has built-in protection against antivirus detection and is particularly good at stealing personal information without leaving a trace of its presence. Also known as Neverquest, this malware hijacks passwords, browser history and cookies to carry out attacks.
- Geodo: This malware can be used for a variety of attacks, but is used in the finance industry 400% more than in any other. Hackers updated an earlier piece of malware, Cridex, to steal data more effectively through Microsoft Office macros. It’s well known for its self-replicating feature: it sends infected emails to and from compromised hosts to build up its backlog of credentials.
Bleak Stats Require Greater Vigilance
It’s tough to look at threat statistics in the finance industry – the sheer volume and potential danger are staggering. Any breach, no matter how small, can cost a company its reputation and consumer trust. And then of course there are the financial losses, notification expenses, legal fees and other expenses tied to reparations.
Clearly, financial organizations need to be vigilant. They need to ensure that all their security appliances can see 100% of the traffic coming in and out of the organization – that means using a network TAP to avoid losing packets during traffic spikes. At the same time, it is critical to know your baseline traffic and investigate any deviations from the norm. While technology is critical for identifying and repelling attacks, be sure to train each and every employee to be on the lookout for suspicious behavior. When the entire organization is on high alert, you’ll be able to spot more issues and avoid getting lured by even the most sophisticated attackers. Concern is one thing – vigilance takes a security program to a higher level.
Determining your baseline traffic is the first step in detecting a threat or breach. Download the whitepaper How to See Your Baseline Traffic to learn how to get a point of comparison for your network.