Bringing a global approach to cybersecurity
Three key areas for the financial services sector this year
By Renee Tarun, Deputy CISO, Fortinet
As the unprecedented increase in cybercrime last year showed, financial services companies continue to be high-value targets for attackers. And that means we need to stay alert and focused on what’s to come in order to do everything we can to stay one step ahead of malicious actors. For those tasked with overseeing the cybersecurity of financial services organizations, here are three key areas to focus on in 2022.
Increase in cryptocurrency attacks
The growing popularity of cryptocurrency has also made it a much juicier target for cybercriminals. For example, we have seen the emergence of phishing campaigns specifically aimed at stealing cryptocurrency. One such example uses a fake Amazon Gift Card Generator to steal cryptocurrency. This malware monitors the victim’s clipboard for wallet addresses and replaces them with the attacker’s wallet address. It also uses fake documents to trick victims into providing confidential information, such as credit card numbers, home addresses, and credentials for online shopping sites.
Last summer, a new phishing campaign was launched that included malware designed to steal crypto wallet information and credentials from the victim’s infected device. ElectroRAT is another new tool targeting digital wallets. It combines social engineering with custom cryptocurrency applications and a new Remote Access Trojan (RAT) targeting multiple operating systems, including Windows, Linux, and macOS.
Additional malware designed to target stored cryptographic credentials and drain digital wallets is sure to appear this year. One of the reasons for this shift is that criminals like to pick the low-hanging fruit. Capturing wire transfers has become increasingly difficult as organizations encrypt transactions and require multi-factor authentication. However, digital wallets tend to be less secure – and they represent a much larger market. This is essentially the difference between a digital bank robbery and a digital mugging. But while individual wallets may not pay as much, that’s likely to change as businesses increasingly start using digital wallets and currency for online transactions.
New and strengthened FTC and FDIC rules
Late last year, the Federal Trade Commission (FTC) updated its Safeguards Rule as a way to protect the American public from breaches and cyberattacks that lead to identity theft and other financial loss. The FTC’s updated Safeguards Rule requires non-bank financial institutions – including mortgage brokers, car dealerships, and payday lenders – to develop, implement, and maintain a comprehensive security program to protect their customers’ information.
The changes include more specific standards on safeguards that financial institutions must implement as part of their information security program, such as using encryption to secure data and limiting access to consumer data. Institutions must now also explain their information sharing practices, in particular the administrative, technical and physical safeguards they use to keep customer information secure. And they will need to appoint a qualified individual to oversee their information security program and report periodically to the organization’s board of directors or a senior information security executive.
Another change to which financial institutions will need to pay particular attention this year is the new 36-hour cybersecurity incident notification rule, effective April 1. This represents the shortest regulatory breach notification period of any law to date – and it will apply to all banking organizations and bank service providers, as jointly issued by the FDIC, the Board of Governors of the Federal Reserve and the Office of the Comptroller of the Currency.
The need for a holistic approach to security
The regulations set out above are directly related to this next point. New and increasingly destructive tactics used by malicious actors, coupled with new regulations, underscore the need for a comprehensive approach to cybersecurity.
It makes sense that most organizations use a multitude of different cybersecurity tools, since each tries to detect an attacker at a different point in the sequence of activities the attacker uses to enter and move around an organization’s computing environment. However, if each of these devices works independently, it takes a lot of work to manage and analyze a sprawl of separate management consoles and analysis tools.
Simultaneously, bad actors are looking for ways to slip through the cracks between devices. With an integrated architecture approach, all devices communicate with each other and share information with common management and analysis tools. You can then close those gaps and make it that much harder for the criminals – if possible so hard that they’ll give up and look for an easier target.
In today’s threat landscape, network visibility is a necessity. Without it, you are flying blind, from both a networking and a security perspective. No human brain is fast enough, and no human memory is big enough, to correlate the torrent of data in real time. You need automation and simplification so your security team can focus on what a human brain does best instead of agonizing over tasks like correlating logs from different solutions.
Your goal for the future
The financial services industry needs and wants top-notch security to protect its highly sought-after assets; the reputation and survival of an organization depend on it. The same goes for knowing what factors influence the threat landscape. In 2022, financial services companies need to keep an eye out for cryptocurrency attacks, new regulations that require certain cybersecurity measures, and an integrated and automated security strategy covering digital and physical locations. Consider these factors as you prepare for another year of ever-changing threats.
About the Author:
Renee Tarun is the Deputy CISO at Fortinet. She focuses on enterprise security, compliance and governance, and product security. She also contributed to the book The Digital Big Bang. Previously, she served more than 20 years in the US government, including more than 12 years as a cybersecurity officer for the National Security Agency (NSA). Renee holds a master’s degree in administration and management of information and computer technology from University of Maryland University College. She is also a board member of the George Mason University Volgenau School of Engineering. She is married and has two children.