- May 21, 2020
- Posted by: Pat Riot
- Categories: CPA, CyberSecurity, Finance
On February 13th, 1866 a group of men following orders from the notorious outlaw Jesse James robbed the Clay County Savings Association in Liberty, Missouri. According to the Crime Museum, they escaped with $60,000 total cash, equaling to about $967,505 in today’s currency. The Financial Industry is still suffering at the hands of criminals to this very day. On July 24th, 2019 a group of individuals worked together and initiated a Phishing attack on the National Bank of Blacksburg in Blacksburg, Virginia. The attacks documented here, gave these modern outlaws the ability to install malware onto the company’s network, gain access to a U.S. bank card processing services, and ultimately withdrawing about $1.8million in a single weekend. 154 years later and people are still robbing banks, they’ve just changed their tactics and strategies. But, as the threats have evolved, so has the Financial Industry.
Today, Industry’s across the globe are transferring to a Cloud-Based infrastructure. The cloud offers cost-effectiveness and allows companies to create an effective remote work environment. The Virginia Society of CPA’s (VSCPA) came out with a report in October 2019 on how converting to the Cloud is the best move CPA’s can make in terms of cybersecurity. The report said: “…the cloud and an experienced cloud partner are a CPA firm’s best defense against an ever-evolving cybersecurity threat matrix”. The cloud also creates a more secure environment for data rather than traditional servers. However, relying on the cloud alone for data security is a lot like relying on only a single pad lock on the front door to protect your home. Sure, a lock on the front door does provide some security, but what about the backdoor and the windows? These backdoors and windows are exactly what cybercriminals exploit when they are hacking into a cloud-based infrastructure.
Cybercriminals use various types of techniques to cause damage to a company’s network and retrieving the data they are after. One of these methods was mentioned earlier known as a phishing attack. This is where a person or group of people disguise themselves as verified accounts and extract sensitive information from company users. This is one of the most common methods for hackers to use in the Financial Industry because they can obtain information such as username, password, and credit card information.
In a world that is shifting to a cloud-based infrastructure it is imperative for all financial companies to make sure they are maximizing their data security. The financial industry is and always will be the favorite target for criminals because that is where the money is.
If you would like talk about these types of attacks and the history we love about cybersecurity or you are just curious about how to secure your companies network, we would love to talk! Find out what options you have with information security by leveraging security operations, endpoint security, or managed detection and response for your business even if you don’t know where to start.