Reducing the Vulnerability Threshold in Financial Services
Over the past year, attacks have soared in the financial industry. What's the best IT management strategy to defend your business?
Attacks on the Rise
Since COVID-19 appeared, the number of ransomware and phishing attacks has soared. The FBI reports that such attacks spiked by 300% since the pandemic began.
Tens of thousands of new malware threats are being unleashed every day. This is currently costing more than $3 trillion a year and that amount is expected to double in 2021, according to the Cybercrime Report published by Cybersecurity Ventures. The biggest haul comes from the financial services sector.
Here are the primary vulnerabilities and attack vectors that are impacting financial services.
The Securities and Exchange Commission issued a warning in the summer of 2020 about a rise in ransomware attacks on financial firms. Once the bad guys gain entry to the network, they unleash ransomware that shut down access to financial records and other systems. As well as large banks, such attacks have enjoyed success with broker-dealers, investment companies, and ATM manufacturers.
If a recent, uncompromised backup (one that has been verified as not containing ransomware) is available, it is possible to avoid paying the ransom by painstakingly recovering all systems and data. But with huge amounts of revenue at stake every hour, some may find it expedient to pay the ransom. The risk, of course, is that the criminals may retain some means of backdoor into the system or want more money once the initial payment is made. That’s why the FBI advises non-payment.
Phishing plays into the gullibility of users. One common tactic is to latch onto topical items and current news. Phishing emails related to COVID-19 and stimulus checks have enjoyed some success over the past year.
In financial services, cybercriminals hijack corporate logos and use email addresses almost identical to those used by major firms. By changing one letter or number in an address, users can be fooled into clicking on a malicious link or attachment. All it takes is one foolish or inattentive person and the system is compromised.
According to Statistica, financial services accounts for about 20% of all phishing traffic. The lure of money and investments makes it an ideal target for scammers. The solution is for IT to be vigilant for new phishing scams, provide users with alerts, constantly educate users on social engineering tactics and scams, and provide good vulnerability scanning to detect unusual traffic, strange behavior at certain ports, and other signs of a breach.
3. Unpatched Vulnerabilities
As shocking as it may seem, most breaches take advantage of known vulnerabilities. In many cases, the patch has been available for months but never implemented. Unpatched systems are an open invitation to cybercriminals to come on inside and wreak havoc.
Recently unearthed vulnerabilities such as those impacting SolarWinds and Microsoft Exchange generate all the headlines. Yet despite the publicity, many companies fail to patch these known security holes in a timely manner. Sometimes months can go by – or even years.
Case in point. A memory corruption vulnerability in Microsoft Office had an approved patch issued in 2017 yet it is still exploited by cybercriminals. The Department of Homeland Security listed it as one of the three most commonly used vectors by nation-state hackers.
How to Step Up Your Patching Strategy
Clearly, IT departments need to up their game on patch management. Long delays in testing patches must be eliminated. There is no longer any time to manually implement patches, and, in general, regard patching as a chore rather than an integral component of the security perimeter. The solution is intelligent automation built into patch management to eliminate the drudgery.
Syxsense Secure is a patch management platform that includes IT management and vulnerability scanning in one console. It not only shows you what’s wrong, but also deploys the solution. Gain visibility into OS and third-party vulnerabilities like defects, errors, or misconfigurations of components, while increasing cyber resilience with automated patching and security scans.
Start Your Free Trial of Syxsense
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.