When money is at the top of the mind of
cybercriminals, where do they turn their heads to? The
Banking Sector. This SlideShare takes you through the top 5 cybersecurity risks that banks and other financial firms face today.
2. INTRODUCTION
When money is at the top of the mind of
cybercriminals, where do they turn their heads to? The
Banking Sector. With countless operations including
Wealth Management, Trading, Revenue
Management, and Investor Accounting, it is no light matter
when we say that cybersecurity threats keep banks up at
night. With data breaches rampantly hitting all types of
organizations across the world, the banking sector, for
obvious reasons, stays under constant and increased
pressure to safeguard its customers' data and,
more importantly, their money.
According to PwC’s Global Economic Crime Survey 2016,
cybercrime is now the second most reported crime
globally. And a study done by IBM in 2016 says that
Financial Services ranks 3rd in the top 5 industries at risk
of cyberattacks, after Healthcare and Manufacturing.
3. GLIMPSES FROM THE CURRENT THREAT LANDSCAPE
• 50 incidents of cyberattacks affecting 19 financial organizations
have been reported from 2016 till June 2017
• 3 government-owned banks were infiltrated by attackers to create fake trade
documents like letters of credit (LC) and guarantees
• Since June 2016, SWIFT systems of 4 Indian banks have been targeted.
• Bangladesh Bank official's computer was hacked to carry out a
$81 million heist
• In 2016, banks in India had to reissue 3 million debit cards and faced a
combined loss of more than $2 million after hackers allegedly penetrated the
system of Hitachi
• Cyberattacks against financial services cost consumers £8bn
in 2016, research reveals
Sources:
https://blog.netwrix.com/2017/07/31/infographics-top-cybersecurity-risks-in-finance/
http://economictimes.indiatimes.com/industry/banking/finance/banking/indian-banks-are-waking-up-to-a-new-kind-of-cyber-attack/articleshow/56575808.cms
www.moneycontrol.com/news/india/50-cyber-attack-incidents-reported-in-financial-sector-govt-2342009.html
https://www.pwc.com/us/en/financial-services/research-institute/cybersecurity.html
http://www.investopedia.com/articles/personal-finance/012117/cyber-attacks-and-bank-failures-risks-you-should-know.asp
http://www.reuters.com/article/us-cyber-heist-philippines-idUSKCN0YA0CH
http://www.wallstreetandtech.com/security/morgan-stanley-data-theft-exposes-insider-threat-and-need-for-more-restrictions/d/d-id/1318623
http://www.bankinfosecurity.in/infographics-c-373
http://www.businessinsider.com/legacy-banks-dont-have-the-it-to-fight-financial-crime-2017-5?IR=T
4. RISK #1: INSIDER THREAT
An insider threat could be a current or a former employee who is responsible for a security breach in an organization.
82% of financial organizations consider insiders with legitimate access the main threat to security (Netwrix 2017 IT Risks Survey):
• 55%: Employees
• 27%: Third-party with legitimate access
In 2015, Morgan Stanley fired a financial adviser in its wealth management division who stole data from 350,000 clients, or about 10% of its customer base.
Sources:
https://blog.netwrix.com/2017/07/31/infographics-top-cybersecurity-risks-in-finance/
5. RISK #2: POOR DEFENSE
Merely spending on the best cybersecurity products does not form a comprehensive defense strategy against advanced threats of today.
Cybersecurity Investments by most financial firms (An Accenture Survey):
• 75% expect to invest in hardened devices and encryption
• 66% expect to invest in intelligence gathering and assessment
• 20% expect to invest in better protection
A passive intelligence-focused approach leaves most firms open to UNKNOWN THREATS.
Increased digitization is exposing banks to threats from insiders, third-parties, and geopolitical risks.
Sources:
https://www.accenture.com/t20161212T044221Z__w__/us-en/_acnmedia/PDF-13/Accenture-Strategy-Cybersecurity-in-banking.pdf#zoom=50
6. RISK #3: LEGACY TECHNOLOGY
Until banks move over from their legacy technology, their cybersecurity defense will remain half-baked.
A study on 168 UK banking members by LexisNexis and the British Banking Association (BBA):
• 92% of respondents think that their organizations' legacy technology will make it difficult to combat financial crime in the next 1 - 2 years.
• 39% of banks feel ready to protect themselves against threats specific to cybercrime.
this means
Attackers have benefited from new technologies that make it easier to hack into legacy banking systems.
350% (approx.) increase in cybercrime reported in India from 2011 – 2014 because of legacy technologies. A study by ASSOCHAM-PwC.
Sources:
http://www.businessinsider.com/legacy-banks-dont-have-the-it-to-fight-financial-crime-2017-5?IR=T
http://www.business-standard.com/article/current-affairs/350-rise-in-cybercrime-in-india-in-3-years-study-116082500999_1.html
7. RISK #4: MALWARE & FRAUDS
Banks and financial institutions are extremely vulnerable to various forms of cyberattacks and online frauds.
• Over the past 3 YEARS India has moved up the ranking for countries with the highest number of financial Trojan infections.
• 40% of Banking, Financial Services and Insurance (‘BFSI’) businesses have been attacked at least once.
• Credit and debit card fraud cases have increased SIXFOLD.
• 40-45% of financial transactions are being conducted on mobile devices today.
• 60-65%: expected growth in mobile banking frauds.
It took 6 weeks to detect the fraudulent transactions which affected 32 lakh cards in the largest data breach in the country that occurred in Oct 2016.
Sources:
https://ccgnludelhi.wordpress.com/2017/02/08/cybersecurity-in-the-financial-sector-an-overview/
8. RISK #5: UNPATCHED SYSTEMS
Given their cumbersome infrastructure, most banks work with applications that contain unpatched, known security vulnerabilities.
Major Vulnerabilities Consistent Across Financial Industry (A Security Scorecard Survey):
7,111 financial firms were assessed. 1,356 of these were found to have at least one unpatched security vulnerability.
• 72% found vulnerable to POODLE
• 38% found vulnerable to DROWN
• 23% found vulnerable to FREAK
ALL THESE VULNERABILITIES REPRESENT ISSUES WITH SSL CONFIGURATION
60% of 2.25 lakh ATMs in India run on the outdated Windows XP, exposing them to cyberattacks.
Sources:
https://cdn2.hubspot.net/hubfs/533449/SecurityScorecard_2016_Financial_Report.pdf
9. Helps mitigate all such security threats with its range of
Dynamic, Scalable, and Future Ready solutions:
SEQRITE Endpoint Security
SEQRITE Unified Threat Management Solution (TERMINATOR)
SEQRITE Mobile Device Management
SEQRITE Data Loss Prevention
10. Endpoint Security
FEATURES
PATCH MANAGEMENT
Enables IT administrators to check and install missing security patches for all applications installed on enterprise endpoints from a centrally managed console.
WEB SECURITY
Automatically blocks websites infected with malware or designed for phishing attacks.
APPLICATION CONTROL
Categories of applications can be authorized or blocked from executing within the network.
DATA BACKUP AND RESTORE TOOL
Automatically and periodically (multiple times a day) takes a backup of all important and well-known file formats, like PDF and Microsoft Office files, that are present on a computer.
CORE PROTECTION (IDS/IPS & FIREWALL)
IDS/IPS blocks threats that exploit software vulnerabilities and Firewall thwarts malicious attempts to access the corporate network.
BEHAVIOR DETECTION
Detects and blocks unknown viruses and malware in real-time.
RISKS MITIGATED
- RANSOMWARE ATTACKS
- INSIDER THREATS
- INFECTED WEBSITES
- PHISHING ATTACKS
- INFECTED EXTERNAL DEVICES
- SECURITY VULNERABILITIES
11. Data Loss Prevention
FEATURES
ADVANCED DEVICE CONTROL
- Configure access policies for more than 25 device types.
- Blocks unverified devices.
- Prevents autorun infections.
ENHANCED PRIVACY PROTECTION & COMPLIANCE
- Identifies Office documents based on their origin.
- Prevents data leakage propagated by worms, Trojans, and other malware threats.
- Issues regular notifications to reinforce user behavior on data security.
LOWER COMPLEXITY & COST OF DEPLOYMENT
- Easy integration with existing Seqrite EPS.
- Defines DLP security policies and reports across multiple endpoints in scattered locations.
- Centralized management and monitoring of crucial business data.
CONTENT AWARE PROTECTION
- Monitors all actions on confidential files.
- Instantly notifies admins about unauthorized data leakage.
- Ensures that no confidential data leaves the organization.
RISKS MITIGATED
DATA LEAKAGE caused by:
- Targeted Attacks
- Human Error
- Bluetooth
- USB Drives
- Web Email
- Cloud Storage
12. TERMINATOR
FEATURES
GATEWAY ANTIVIRUS
Scans all incoming and outgoing network traffic at the gateway level. Augments existing virus solutions by reducing the window of vulnerability (WoV).
FIREWALL
Admins can permit or block access for traffic between internal and external networks based on enterprise compliance policies.
VIRTUAL PRIVATE NETWORK
Provides IT administrators with a means for secure communications between the company's remote users and for building site-to-site connections.
IDS / IPS
Scrutinizes network traffic in real-time and prevents a broad range of DoS and DDoS attacks before they penetrate the network.
GATEWAY MAIL PROTECTION
Scans incoming/outgoing emails or attachments at the gateway level to block spam and phishing emails before they enter the network.
CONTENT FILTERING
Allows blocking of non-business related websites including streaming media sites, downloads, instant messaging, etc., in order to reduce unnecessary load on enterprise bandwidth.
RISKS MITIGATED
- DoS & DDoS ATTACKS
- INTERNET DOWNTIME
- MALICIOUS INTERNET TRAFFIC
- MALICIOUS EMAILS
- MAN-in-the-MIDDLE ATTACKS
- ADVANCED PERSISTENT THREATS
13. MDM
FEATURES
APPLICATION CONTROL
Apps can be remotely managed/installed/blocked in order to maintain policy compliance and productivity within the network.
VIRTUAL FENCING
Preset virtual boundaries that restrict device usage and functionality. These boundaries can be triggered by geolocation-based, time-based or Wi-Fi network-based data.
UNIFIED MANAGEMENT CONSOLE
Manage and synchronize all connected devices through a centralized graphical interface.
NETWORK DATA MONITORING
Admins can view details of Internet data used over mobile networks or Wi-Fi. They can also monitor all incoming and outgoing calls and SMSs on enterprise mobile devices.
ANTI-THEFT
Prevents misuse of lost/stolen mobile phones by remotely tracking and locking them. Also prevents data breach by remotely erasing the phone’s data.
SECURITY MANAGEMENT
Features such as browsing protection, web filtering, anti-theft, and geolocation tracking ensure the safety of enterprise devices.
RISKS MITIGATED
- DATA THEFT FROM LOST/STOLEN MOBILE PHONES
- INTERNET THREATS
- JAILBREAKING/ROOTING OF MOBILE DEVICES
- MALICIOUS MOBILE APPS
- MOBILE MALWARE
- BAD SECURITY HYGIENE