Know the Types of Cyber Threats.
Dr. Atif Ali
Book Author, CRC Press/ Taylor & Francis London | Writer | Researcher | IT Consultant | AI/ML Expert | Platform Manager | QA
Learn about the most common cybersecurity threats and tips to prevent them at your financial institution.
Cyber threats change at a rapid pace. Tactics and attack methods are changing and improving daily.
Cybercriminals access a computer or network server to cause harm using several paths, which are also called attack vectors.
Common ways to gain access to a computer or network include:
The Division of Banks (DOB) encourages all financial institutions and non-depository financial institutions to develop detailed cybersecurity policies to deter attacks.
Types of cyber threats your institution should be aware of include:
Malware
Malware is also known as malicious code or malicious software. Malware is a program inserted into a system to compromise the confidentiality, integrity, or availability of data. It is done secretly and can affect your data, applications, or operating system. Malware has become one of the most significant external threats to systems. Malware can cause widespread damage and disruption, and requires huge efforts within most organizations.
Spyware, malware intended to violate privacy, has also become a major concern to organizations. Although privacy-violating malware has been in use for many years, it has become much more common recently. Spyware invades many systems to track personal activities and conduct financial fraud.
Organizations also face several forms of non-malware threats. These forms of cyber threats are often associated with malware. A more common form is phishing. Phishing involves tricking individuals into revealing sensitive or personal information.
Tips for preventing malware from the National Institute of Standards and Technology (NIST) Guide to Malware Incident Prevention and Handling:
Ransomware
Ransomware prevents or limits users from accessing their system via malware. Ransomware asks you to pay a ransom using online payment methods to regain access to your system or data. Online payment methods usually include virtual currencies such as bitcoins. Ransomware is one of the most widely used methods of attack.
Ransomware enters computer networks and encrypts files using public-key encryption. Unlike other malware, this encryption key stays on the cyber criminal’s server. Cyber criminals will request ransom for this private key. Cyber criminals are using encryption as a weapon to hold the data hostage.
Ransomware is hard to detect before it’s too late, and ransomware techniques continue to evolve. Because of this, your institution should focus on prevention efforts. Prevention efforts include training for employees and strong information security controls.
The DOB recommends developing strong business continuity plans and incident response plans. Plan development may help in the event of a ransomware attack.
Distributed Denial of Service (DDoS) Attacks
DDoS attacks make an online service unavailable by overwhelming it with excessive traffic from many locations and sources. Website response time slows down, preventing access during a DDoS attack. Cybercriminals develop large networks of infected computers called Botnets by planting malware. A DDoS attack may not be the primary cybercrime. The attacks often create a distraction while other types of fraud and cyber intrusion are attempted.
The Federal Financial Institutions Examination Council (FFIEC) issued a joint statement on DDoS attacks, risk mitigation, and additional resources.
Spam & Phishing
Spam includes unwanted, unsolicited, or undesirable messages and emails. Phishing is a form of social engineering, including attempts to get sensitive information. Phishing attempts will appear to be from a trustworthy person or business.
Cybercriminals pretend to be official representatives, sending you an email or message with a warning about your account information. The message will often ask for a response by following a link to a fake website or email address where you will provide confidential information. The format of the message will typically appear legitimate using proper logos and names. Any information entered into the fake link goes to the cyber-criminal.
The FBI developed tips for preventing phishing attacks.
Corporate Account Takeover (CATO)
CATO is a business entity theft where cyber thieves impersonate the business and send unauthorized wire and ACH transactions. The unauthorized funds are sent to accounts controlled by the cyber-criminal.
Many businesses are vulnerable to a CATO attack. Institutions with weak computer safeguards and minimal controls over online banking systems are easy targets. This form of cybercrime can result in large losses. Cybercriminals use malware to infect a computer through e-mail, websites, or malware disguised as software.
The Conference of State Bank Supervisors (CSBS) developed a CATO best practices document.
Automated Teller Machine (ATM) Cash Out
ATM Cash Out is a type of large dollar-value ATM fraud. Cash-outs involve simultaneous large cash withdrawals from several ATMs in many regions. It may also include large withdrawals at one ATM.
The Cash Out attack usually affects small- to medium-sized financial institutions. It involves changing the settings on ATM web-based control panels. Cybercriminals change the ATM's dispense function control to "Unlimited Operations." The "Unlimited Operations" setting allows withdrawal of funds over the customer's account balance or beyond the ATM’s cash limit. Stolen ATM or debit card information is often used to withdraw funds. As a result, your financial institution can suffer large dollar losses.
The DOB recommends reviewing your control over information technology networks, card issuer authorization systems, ATM parameters management systems, and fraud detection and response processes to prevent ATM Cash Out attacks.
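As an illustration of the fraud detection side of that recommendation, the following added example (not from this article or from the DOB) flags the Cash Out patterns described above in a withdrawal log: withdrawals over the account balance, withdrawals beyond the ATM cash limit, and bursts across several ATMs in more than one region. The record layout, the thresholds and the sample records are assumptions constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed thresholds for illustration; tune to your own ATM fleet and card base.
WINDOW = timedelta(minutes=30)   # look-back window per card
MIN_ATMS = 3                     # distinct ATMs inside the window
MIN_REGIONS = 2                  # distinct regions inside the window
ATM_CASH_LIMIT = 1000            # per-withdrawal dispense limit

# Constructed sample records, not real data:
# (timestamp, card, atm, region, amount, balance before withdrawal)
SAMPLE = [
    ("2024-01-06 09:15:00", "card-A", "atm-01", "north", 200, 950),
    ("2024-01-07 18:40:00", "card-A", "atm-01", "north", 100, 750),
    ("2024-01-06 02:00:05", "card-B", "atm-02", "north", 900, 150),
    ("2024-01-06 02:04:30", "card-B", "atm-07", "south", 900, 150),
    ("2024-01-06 02:09:10", "card-B", "atm-11", "east", 900, 150),
    ("2024-01-06 03:30:00", "card-C", "atm-03", "west", 5000, 6000),
]

def detect_cash_out(records):
    """Return a sorted list of (card, reason) alerts."""
    alerts = set()
    by_card = defaultdict(list)
    for ts, card, atm, region, amount, balance in records:
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")
        if amount > balance:          # dispensed more than the account holds
            alerts.add((card, "over_balance"))
        if amount > ATM_CASH_LIMIT:   # dispensed more than the ATM should allow
            alerts.add((card, "over_atm_limit"))
        by_card[card].append((when, atm, region))
    for card, events in by_card.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most WINDOW.
            while events[end][0] - events[start][0] > WINDOW:
                start += 1
            recent = events[start:end + 1]
            atms = {atm for _, atm, _ in recent}
            regions = {region for _, _, region in recent}
            if len(atms) >= MIN_ATMS and len(regions) >= MIN_REGIONS:
                alerts.add((card, "multi_atm_burst"))
    return sorted(alerts)

if __name__ == "__main__":
    for card, reason in detect_cash_out(SAMPLE):
        print(card, reason)
```

An "over_balance" or "over_atm_limit" alert on a dispensed withdrawal also suggests checking whether the ATM's dispense settings were changed, since normal authorization should have declined it.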