- August 21, 2020
- Posted by: Pat Riot
- Categories: CyberSecurity, Finance, Managed Detection and Response, Security Operations
“We remain devoted and diligent to protect privacy and stay cyber safe — we will do what it takes.”
This is a quote by J.P. Morgan Chase CEO, Jamie Dimon, from his 2019 Shareholders Letter. We’ve all heard of cybersecurity and how it keeps our computers & information safe. But what exactly is it keeping us safe from?
The internet is a vast, ever-growing, unpredictable landscape that has dangers lurking around every corner. No one is truly safe. Last year two typhoons in the financial industry suffered cyberattacks: In March 2019, Capital One Credit Union was hacked exposing 140,000 social security numbers and 80,000 linked bank account numbers. In May 2019, First American Financial Corporation had a data breach that exposed 855 million personal records and financial files.
Both large and small financial firms are prime targets for cyber-attacks. Large firms, who maintain strong security postures, unwillingly boast that they have sensitive data that is worth protecting. Which makes that data much more appealing to a cybercriminal or organization. While smaller firms simply lack the necessary tools & staff to defend against cyber threats.
So, what exactly is a cyber-attack? Cyber-attacks have various forms & methods depending on what the attacker is after. Below, we will break down the most prominent & troublesome cyber-threats that are faced by the Financial Industry:
DDoS Attacks – Distributed Denile of Service attacks are when massive amounts of data are flooded to a company network or website rendering the servers useless preventing user access. Each successful DDoS attack averages a cost of $1.8 million, per LookingGlass. (DDoS attack kits can be bought on the dark web for $400)
Insider Threats – By far the most vulnerable aspect of an organizations network is their employees. Most people simply lack the proper knowledge & skills to handle cybersecurity threats. Last year, it was reported that 58% of data breaches in the financial industry were caused by inside employees however, only 5% of those attacks were malicious & on purpose. Emphasizing how much people don’t understand network vulnerabilities. A very common attack used to exploit the lack of knowledge in cybersecurity is a phishing attack. A Phishing attack is when an attacker disguises themselves as an authoritative figure and messages an employee seeking login credentials & other various personal information. Once login credentials have been obtained the sky is the limit for an attacker.
Outdated & Rudimentary Software – Internet & technology are on an exponential path of growth & evolution. And with that, come the growth & evolution of cyber threats. What worked 4-5 years ago most likely won’t be very helpful today. New malware software & intrusion methods are designed in such a way to bypass traditional firewalls & anti-virus protections making them obsolete. Positive Technologies reported that 68% of financial services used outdated software. Malwares are malicious software’s that are downloaded onto a device to gain access to personal information. Stolen information is often used as a form of blackmail for financial gain. This is known as Ransomware.
So, now the question is, how can an attack be stopped? The truth is attacks can & will happen all the time. Most of our devices are compromised right now and we don’t even know it. Data breaches go unnoticed for months & can take years to fix. Being able to detect a breach or an attack in real-time is essential. If a network is breached, and the attack is noticed immediately, with correct measures & procedures can be remedied within the day. Saving a company millions of dollars and months of labor.
Here, at Steel Patriot Partners, our MDR Platform gives any organization the ability to detect suspicious patterns & anomalies in real-time. Our software is powered by machine learning artificial intelligence that proactively searched for any strange or dangerous behaviors. It monitors all data flow so it can detect if someone is trying to flood a network with massive amount of data, and alert security experts to immediate take action. User behavior is also monitored 24/7 and can detect, isolate, and remove any device from the network if foul play is noticed. Finally, our software is constantly learning and adapting to the ever-evolving threat landscape meaning we can keep networks secure for decades to come.
For more information on how our SPP MDR Software can help your company detect threats please give us a call at 703-297-4405 or e-mail [email protected]. We’re excited to help!