CIO Insider

CIOInsider India Magazine


IT Security In The Financial Sector

Neehar Pathare, Vice President Information Technology, Financial Technologies (India)

Headquartered in Mumbai, the Financial Technologies group operates one of the world’s largest networks of 10 exchanges connecting fast-growing economies of Africa, Middle East, India and South East Asia.

We move ahead from a busy May, which kept us all occupied keeping ‘WannaCry’ at bay. We look back upon the world statistics of the attack and wonder whether the measures we have implemented are holding the attackers back or whether it is pure luck. It is always a relief that the most dreaded call, “We are hit!”, from a team member was not received. However, there is something inside us that silently keeps alive the fear of when we are going to be next.

Although there have been numerous articles on IT security that we read day in and day out, I am sure the facts below will raise a brow. As the global economy grows exponentially, so does cyber-crime.

The Financial Services Sector is the most targeted sector by cyber criminals and will remain so.

Statistics of Present Attacks
Every day, 300,000 unique malicious objects; that’s right, every day.

Cybercrime costs the world USD 400-500 billion per year. (Source: Lloyds Insurance and Juniper research)

The Bangladesh Bank heist: USD 81 million stolen (4 orders); USD 870 million (31 orders) blocked because of a typo (“Fandation”). One could call it the most expensive typo in human history.

The Carbanak attack: USD 1 billion. The most sophisticated attack known to date, in which hundreds of bank machines were infected and the entire bank’s intelligence was slowly harvested. This was followed by mimicking the staff to transfer funds to fraudster accounts and e-payment systems, inflating accounts and, finally, making ATMs dispense cash at a predetermined time.

Percentage of these in financial sector:
• 30 percent of all cyber-attacks happen on banks and this is increasing.

• After demonetization, there are a number of reports pointing to a surge in cybercrimes related to One Time Password (OTP) fraud, as well as sprouting of malicious mobile applications.

• Banks are targeted for their customers’ online credentials and for their internal networks, which enable SWIFT transfers and ATM heists.

• Mobile malware from Applications Store (Google Play)

Shift of attacks from Banking to Retail / Institutional Investors and Depositories
The latest attacks are now seen on trading software, depositories and investment institutes, as these are classified as big targets. Most trading software runs on Windows, and once malware has compromised the machine’s security it gains access to the trading software, buying and selling at will.

HFT (High frequency trading) robots are stolen and modified for market manipulations.

A Russian bank, Energy bank, had 6 malicious trades, resulting in a 10 percent fluctuation of the USD to the RUB in 5 minutes, which left the bank with a loss of USD 50,000,000.

A depository institution holds securities in electronic form, also known as book-entry form, or in dematerialized or paper format such as a physical certificate.

Once the hacker gets access to the depository, he/she can change the ownership and take over the entire company. A similar case happened where 10 percent shares (market value USD 6 Billion) of a public company were transferred to a hacker.

Solutions
Security breaches are no longer just possible. They are inevitable. That’s because attackers’ tactics change faster than security teams can adapt to them. To effectively combat fraud, the financial sector must go beyond conventional anti-fraud solutions. Intelligent platforms are now available that harness data in real time from across channels, not only to deliver a unified anti-fraud mechanism but also to help create a secure ecosystem. Acquiring the ability to carry out a cyber-fraud investigation using data analytics and profiling techniques is a continuous process. Using granular network segmentation to restrict existing pathways to valuable data is likewise an unavoidable exercise.

The use of a multi-layered Advanced Threat Detection solution is strongly recommended: one that provides visibility into different infrastructure levels (such as network, server and endpoint), is capable of deep object analysis, and leverages a comprehensive multitude of Threat Intelligence sources. This would ensure that even the most well-tailored targeted attacks are discovered, as the threat is persistent, adaptive and sophisticated - and it is here to stay.

Dividend payout heist:
Example:
• X Corp announces a 7 percent dividend.
• The Record Day is 1 April 2017.
• The Ex-Dividend Day is 29 March, at 15:30 (market closed).
• The attacker has access to the depository and to 5 percent ownership of X Corp stock.
• 29 March at 15:25: ownership is changed to the hacker’s account.
• 29 March at 15:35: ownership is changed back to the real owners.
• 20 April: dividends are paid to the hacker’s accounts.
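
The timeline above leaves a recognisable trace in a depository's transfer log: a position moves out just before the entitlement cutoff and the same quantity moves back just after it. The following is an added example, not part of the original article, of the kind of data-analytics check the Solutions section calls for; the record layout, account IDs, security code and one-hour window are assumptions made for illustration.

```python
from collections import namedtuple
from datetime import datetime, timedelta

# Hypothetical record layout for one depository ownership transfer.
Transfer = namedtuple("Transfer", "ts security src dst qty")

def find_cutoff_round_trips(transfers, cutoffs, window=timedelta(hours=1)):
    """Pair each src->dst transfer made shortly before a security's
    entitlement cutoff with a dst->src transfer of the same quantity
    made shortly after it. Returns a list of (out, back) pairs."""
    hits = []
    for security, cutoff in cutoffs.items():
        rows = sorted((t for t in transfers if t.security == security),
                      key=lambda t: t.ts)
        before = [t for t in rows if cutoff - window <= t.ts < cutoff]
        after = [t for t in rows if cutoff <= t.ts <= cutoff + window]
        used = set()  # each reversal may explain only one outbound transfer
        for out in before:
            for i, back in enumerate(after):
                if i not in used and (back.src, back.dst, back.qty) == (
                        out.dst, out.src, out.qty):
                    hits.append((out, back))
                    used.add(i)
                    break
    return hits

def accounts_to_hold(hits):
    """Accounts that held the position only across the cutoff; their
    dividend payout should be held until the transfers are verified."""
    return sorted({out.dst for out, _ in hits})

# Constructed sample data following the article's X Corp timeline.
CUTOFFS = {"XCORP": datetime(2017, 3, 29, 15, 30)}
SAMPLE = [
    Transfer(datetime(2017, 3, 29, 11, 2), "XCORP", "ACC-0001", "ACC-0002", 1200),
    Transfer(datetime(2017, 3, 29, 15, 25), "XCORP", "ACC-0100", "ACC-0999", 500000),
    Transfer(datetime(2017, 3, 29, 15, 35), "XCORP", "ACC-0999", "ACC-0100", 500000),
    Transfer(datetime(2017, 3, 29, 15, 40), "XCORP", "ACC-0003", "ACC-0001", 300),
]

if __name__ == "__main__":
    for out, back in find_cutoff_round_trips(SAMPLE, CUTOFFS):
        print(f"{out.security}: {out.qty} units {out.src} -> {out.dst} at "
              f"{out.ts:%H:%M}, reversed at {back.ts:%H:%M}")
    print("hold payouts for:", accounts_to_hold(
        find_cutoff_round_trips(SAMPLE, CUTOFFS)))
```

Run between the cutoff and the payout date, a check like this gives the depository time to hold the flagged payout and confirm the transfers with the registered owner.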
