The finance sector has long been a primary target for cybercrime, and that will not be changing any time soon; the challenge that most financial institutions face is staying one step ahead of their cyber adversaries.
A recent SWIFT Institute paper, “Forces Shaping the Cyber Threat Landscape for Financial Institutions,” published October 2nd, 2017, outlines a way to think about how threats evolve and what changes to anticipate down the line.
The author, William Carter, Deputy Director and Fellow, Technology Policy Program, Center for Strategic and International Studies, distinguishes three main categories of forces that shape the cyber threat landscape:
- Changes in the attack surface
- Attacker incentives
- New defenses
The thing to keep in mind with regard to these categories is that many of the forces and trends that shape the next generation of cyber threats are mostly out of your control. The implication is that financial institutions should approach risk management by asking how they can establish security practices that improve the whole ecosystem and change the incentives for attackers.
The increasing dangers of mobile technology
Per a report, almost half of banking customers across the planet use some form of mobile banking and the overwhelming majority of banks expect mobile to be the primary form of engagement with their customers by 2020.
What that means in terms of cybersecurity is that the market will likely get flooded with low-cost, low-security mobile devices all over the world, and those devices will be connecting to your network. This presents unprecedented challenges in the upcoming years.
Many banks are trying to solve the problem in advance by implementing two-factor authentication as their main form of security; however, the paper notes that the 2-FA solution has a single point of failure, and cyber crooks are well aware of that.
With the ability to configure banking trojans to intercept software tokens and SMS verification codes, the whole concept of 2-FA seems to be doomed.
This instance illustrates a more serious problem – attackers exploiting not only the changes in the attack surface but also the way financial institutions defend themselves.
Another disturbing prospect the paper notes with regard to future cyber threats is that online criminals are gaining capabilities that were once reserved for nation-states only.
A hacker group known as The Shadow Brokers came into prominence in 2016, when they leaked a bunch of advanced hacking tools from the National Security Agency, which they acquired by hacking an NSA contractor.
The public release of those highly advanced tools, which were once used only by the intelligence community, meant that even a low-level cyber crook could get a hold of them through open-source malware libraries. As of now, the line between nation-state hacking groups and organized crime is blurry at best.
The paper goes on to state what’s one of the most disturbing outcomes of the leak: “Enterprising cybercriminals have started to combine these tools into dangerous hybrids, making them more profitable and more difficult to detect and attribute.”
The level of capabilities that will be available to future cybercriminals is growing significantly and that will not be changing going forward.
Automation: a double-edged sword
Automation is another phenomenon that’s actively forming the future cyber threat landscape. With the consumer malware market and the perks of automation, even the most unsophisticated cyber crooks can launch advanced attacks on a large number of targets all at once.
On top of that, the consumer malware market is booming, and it allows criminals to set up and launch attacks for a relatively low price (you can buy an off-the-shelf ransomware kit for a couple of hundred dollars), which directly contributes to the growing number of online crooks.
However, the benefits of automation are not reserved for the offense alone. With the increasing usage of AI and Machine Learning, defense systems will also get better and hopefully will level the playing field.
While the paper goes in-depth detailing other alarming prospects of future cyber threats that financial institutions will likely face, it emphasizes that defense strategies in the finance sector should focus on the ecosystem as a whole. Think about your place in the ecosystem, whether that’s mobile security, IoT security, or anything else, and make it a point to act with the broader picture in mind.
Finally, stay vigilant thinking of what the next attack could be; acquire and share information, schedule pen-tests, collaborate. Though there’s always a hacker that cracks the best of systems, implementing cybersecurity practices and learning to tackle issues of that nature will help you stay as much ahead of your adversaries as possible.