A bank Information Security Officer (ISO) faces more challenges now than ever. As the cyber threat landscape continues to evolve, ISOs must stay abreast of current threats to maintain environment security. Let’s look at some currently exploited risks to see what an ISO can do about them.
Evolution of the Cyber Landscape
COVID-19 reshaped many aspects of the banking business, including how people access their bank accounts, complete transactions, and open and close accounts. This shift in demand was sudden, and it stretched the virtual resources of banks that had regarded online platforms as value-added features rather than a primary account access method. As the pandemic grew, an unprecedented number of customers began to use online tools.
This uptake of online services presented challenges to ISOs worldwide. Service issues like crashing and overloaded online platforms may have been predictable and rectified, but other emerging threats were harder to foresee. Spear-phishing campaigns rose sharply during the first waves of shelter-in-place mandates, as did VoIP and SMS attacks. With the quick transfer to online services, bad actors took advantage of the confusion to steal information, hack systems, and take over accounts. ISOs could not have predicted all the new pandemic-related threat vectors.
Advanced Persistent Threats
Advanced Persistent Threats (APTs) are the go-to strategy for criminals who exploit systems for financial gain. ISOs can guard against APTs by knowing how they work and stopping them before they start. APT attacks are multi-phase, usually long-term, and sophisticated. They begin with perimeter scanning to detect exploitable firewall or website weaknesses. If the scan finds a vulnerability, the bad actor can use it to enter the system. If there is no technical weakness, the actor uses social engineering to establish a foothold. Once inside the network, the APT actor installs malware that allows persistent reentry.
APT actors then install monitoring tools to look for weaknesses in the network and steal credentials that allow lateral movement toward the most sensitive data. Once this data is exposed, APT actors strike and either exfiltrate the data or encrypt it with ransomware. APT attacks follow basic formulas. Interrupting the method can help ISOs significantly reduce the likelihood of APT exploitation.
IoT Devices as Attack Vector
Another cybercriminal strategy involves the use of IoT devices as attack vectors.
While the newest Internet of Things (IoT) device coming to market may not be an ISO’s primary worry, there are reasons to pay attention to IoT development. As virtual assistants like Siri, Alexa, and Google Assistant get access to banking details, shopping details, and other personal data, the ISO needs to consider how that data will be protected or exploited. To understand IoT device risks, security expert Kaspersky deployed over 50 honeypots worldwide. These honeypots detected more than 105 million attacks originating from 276,000 unique IP addresses in the first half of 2019 alone. These numbers represent an increase from 2018’s 12 million attacks, from only 69,000 IP addresses.
Cloud environments like Azure and AWS, and the shared services models they represent, present potential threat vectors as multi-tenant environments support IoT devices used by customers. With all these risk vectors to consider, how can the modern ISO rise to the challenge and ensure security maturity keeps pace with the threats?
Critical infrastructure security tools can reduce IT security challenges by hardening the network’s critical weak spots.
Hypori’s Virtual Mobility solution is the advanced security option that ISOs should consider to protect against the most significant threat vectors. By isolating the data used to increase attacks on the home network, Hypori eliminates the most common compromise of the corporate system: people. Taking user error and misuse out of the equation reduces exploitation by emerging threats, APTs, and IoT proliferation. Hypori delivers a highly secure, centrally managed virtual mobile infrastructure that maintains 100% separation of employee devices and network data, ensuring a truly secure Enterprise Mobility Solution.