By Philippe Alcoy, Security Technologies for NETSCOUT
The way in which financial institutions operate has changed dramatically due to the events of the last year and a half. The Covid-19 pandemic forced the vast majority of organisations in the industry to implement remote working measures and adapt their operation models as a result. When employees are working from home however, large swathes of private and sensitive data are left exposed to threat actors outside of the traditional perimeters, due to the data being accessed from external locations. Predictably, cybercriminals have been quick to pounce on this potentially lucrative opening.
As such, a sharp increase in Distributed Denial-of-Service (DDoS) attacks has emerged since the start of the pandemic. Evidence of this can be seen in the latest NETSCOUT Threat Intelligence Report, which highlights that threat actors launched around 5.4 million DDoS attacks globally during the first half of 2021 – an 11 percent increase from the same time frame in 2020. If this trend were to continue, we would hit nearly 11 million DDoS attacks in 2021, which would surpass the current record of 10 million attacks set last year.
When looking specifically at the financial sector, the report observed that in the first half of 2021, more than 50 percent of organisations targeted by DDoS extortion attacks were in the financial industry. This aligns with the primary target base of the Lazarus Bear Armada campaign, the group who most notably knocked the New Zealand stock exchange offline for two days in August 2020. What’s more, commercial banks and payment card processors were also targeted by threat actors, with the sector hit by more than 7,000 DDoS attacks in the first six months of 2021. Several of these attacks were successful, negatively affecting both the targeted business and downstream consumers trying to use credit cards. As credit card processors are capable of servicing more than 5,000 transactions per second, even a minute’s worth of downtime can lead to millions of pounds in lost revenue, while also having a negative impact on the company’s reputation.
What has caused this rise in DDoS attacks?
There are a number of different factors that have led to the increase in DDoS attacks. Firstly, many internet users are not sufficiently protected against cyberattacks when working away from the office. This is due to the fact that the enterprise-grade security systems used at most external locations do not prevent DDoS attacks. Subsequently, there has been a rise in incidents, such as the Lazarus Bear Armada DDoS extortion attacks, with the threat actors behind these attacks targeting Virtual Private Network (VPN) concentrators.
Further to this, cybercriminals have come to the realisation that instead of disrupting 10-20 percent of a business’s workforce, as was the case when employees were working from the office, they can now play havoc with an entire organisation with employees working remotely. What’s more, threat actors have been able to exploit the vulnerabilities caused by the significant increase in internet usage during the last 18 months. As more people are online than ever before, attackers have an opportunity to launch more damaging attacks.
Finally, attackers have taken advantage of the current circumstances. With the continued reliance on remote working, cybercriminals have displayed their opportunistic nature. Having observed the importance of online infrastructure in terms of keeping businesses in operation and remote workforces connected, threat actors have launched an increased number of attacks against the internet publishing and broadcasting industry. In fact, this sector, which includes companies like Zoom, Microsoft Teams and other video conferencing applications used for business meetings and training, was among the most attacked in the first half of 2021. As such, organisations in the financial sector have been heavily impacted by this as they rely on these applications to communicate with one another, especially when working remotely. Overall, these factors indicate the vital role played by the pandemic in leading to the increase in DDoS attacks.
Why it is vital to develop secure DDoS defence systems
Although it is impossible to predict what will happen in the future, DDoS attack rates are showing no signs of significantly slowing down. Therefore, organisations operating in the financial sector are still in danger of being on the receiving end of a damaging attack. Additionally, the damage that DDoS attacks can do from a monetary perspective is considerable. NETSCOUT’s latest Worldwide Infrastructure Security Report observed that downtime associated with internet service outages caused by DDoS attacks cost organisations $221,836.80. As such, businesses must create strategies capable of combatting these attacks, in addition to having an effective DDoS defence system in place.
In order to address this ongoing threat, it is vital for businesses in the finance industry to invest in a DDoS protection system that is both strong and effective. A system like this is capable of defending an organisation’s public-facing online infrastructure from DDoS attacks. This will give businesses peace of mind should they be on the receiving end of a DDoS attack, as well as full confidence in the system they’re deploying. If an organisation has proactively secured its system with a powerful DDoS mitigation solution, then the damage inflicted by a DDoS attack should be limited.
It is also necessary for financial institutions to test their DDoS mitigation system periodically. By doing this, organisations ensure that changes made to their online systems are included in the comprehensive defence plan, protecting the entirety of the online infrastructure from DDoS attacks. Furthermore, businesses should consider employing an on-demand DDoS attack expert. Through the use of a DDoS expert, organisations can navigate unfamiliar terrain and circumstances, which can be extremely beneficial for the team and the entire company.
As threats become increasingly sophisticated and DDoS attacks continue to evolve and become more complex, it is vital for organisations in the financial sector to keep on investing in appropriate security. Through the implementation of robust preventative measures, these businesses will be in a position of strength when it comes to protecting themselves from the cyberthreats that have emerged as a result of the new business normal.
HOW CAN BUSINESSES BREAK INTO MARKETS BEYOND THE EU?
Atul Bhakta, CEO of One World Express
The build-up and aftermath of Brexit impeded the long-term plans of businesses both in the UK, and of EU businesses trading to the UK. The heavily protracted negotiations induced a culture of uncertainty in business, with few able to adequately prepare for all the future trading landscapes left on the table.
Once a deal was struck, with just one week before the Brexit deadline of 31st January 2020, organisations were then left scrambling to improvise new processes to translate their operations to the new systems and avoid spiralling costs, shipping delays, and various other disruptions.
As a result, businesses both here and in the EU saw a substantial trading slowdown in the months following Brexit, with new rules on customs checks, lengthy tailbacks at ports, denser and knottier administrative rules and new limitations on visas for the workforce all contributing to a tense trading relationship.
Indeed, the Office of National Statistics (ONS) figures revealed a precipitous drop in trading immediately after Brexit, with UK exports to the continent plummeting 40.7% year on year to January 2021.
This is a striking decline, given the historically close economic and cultural ties between the UK and EU. Inevitably, this caused a lull in long-term confidence amongst UK businesses. Indeed, a previous study conducted by One World Express in January 2021 found that 25% of UK companies doubted that they would last until the end of the year.
Of course, Brexit is even now not a finalised issue – it will shift and evolve in significance and relevance as time passes and economies reshape; but the loss of confidence for businesses in UK-EU trade has been a tangible impact within the first year.
Accordingly, some organisations have begun exploring the scope for expansion into territories beyond the EU.
New opportunities attracting attention
As noted, the UK’s trade with the EU saw a sharp decline immediately following the formalisation of Brexit. While this decline has recovered steadily over the year, there has been an equally impressive parallel forming, as non-EU trade has remained mostly stable throughout.
Of course, UK imports from global markets have always remained at high levels, and when considering business growth and the economy as a whole, outward trade holds a heightened significance. On the export side of matters, ONS figures suggest that UK exports outside of the EU increased by 1.7% year-on-year to January 2021.
While a very modest increase, such figures indicate that international expansion could carry promise for business leaders, and hint at potentially lucrative opportunities within non-EU markets.
As 2021 progressed, it became evident that UK businesses’ appetite to explore opportunities further afield had grown. To take in the views of decision-makers, One World Express commissioned an independent survey of 752 business leaders in the UK, finding that 61% were either already operating abroad in some capacity, or had plans to expand into new territories over the coming year. More than six in ten (62%) reported Brexit as a key motivator in their decision to diversify beyond trading with the EU.
There was also some evidence that these plans were not solely in pursuit of the gains of modest uplifts in trade with non-EU countries. The survey found that more than two thirds (68%) of exporters had observed increased overseas demand for their products in the previous year, while 63% felt that markets outside of the EU were more willing to pay a premium for British-made goods.
The role of ‘Brand UK’ is significant here. For many years, products made in the UK have benefitted from the country’s reputation for high quality production and excellent service, which has driven a consistent rise in demand as emerging markets with high levels of consumer spending, such as India or China. In turn, UK businesses have found it easier than most to gain a foothold in new markets. Indeed, the majority (67%) of exporters reported their British brand had enhanced the reputation and demand for their goods and services when targeting international consumers.
Despite this innate – and highly welcome – competitive advantage, there are a number of factors UK firms must consider before diving in to unfamiliar markets.
The importance of planning
Many would be surprised to learn that a large number of businesses look to enter new markets with minimal planning in place. Notably, almost one third (32%) of exporters do not have such a strategy in place, which is likely to hamper the growth of British businesses abroad if left unaddressed. A crucial starting point for any international expansion plan lies in the research and relationship building.
Ascertaining the consumer preferences and audience behaviours in target markets, and forging appropriate connections with distributors, vendors, and ecommerce platforms, will allow firms to access consumers more easily, and in greater numbers, than marketing from scratch in unfamiliar territory. Encouragingly, according to One World Express’ research, 72% of exporters already include this in their plans.
UK organisations must also recognise the value of a robust and flexible logistics strategy. When products are being shipped to the furthest corners of the globe, there is a degree of risk if the finer details are not handled correctly. Delayed, missing, or damaged deliveries will erode consumer trust, and diminish the prospects of companies before they get off the ground. Accordingly, companies should ensure they have a transparent tracking system and efficient and user-friendly returns process. Investment in adopting the right software solutions to manage the shipping will create a streamlined and cost-effective process, affording firms the best chance at success.
Naturally, the EU will always be one of the UK’s most critical trading partners. However, as the dust settles on Brexit and the pandemic recedes into memory, the next few years present an interesting crossroads for the international prospects of UK businesses. With a tranche of new free trade agreements arriving in the near future, and international demand for Brand UK going from strength to strength, the scope for expansion into unfamiliar markets is growing apace. Provided business leaders get the finer details right, the rewards for bold investment in expansion could help charge a boom in the UK exports sector.
WHAT FIREFIGHTERS CAN TEACH FINANCIAL INSTITUTIONS ABOUT DATA COLLABORATION
Gabriele Albarosa, CEO, LiveDataset
Digital transformation can be difficult for any business, but in the financial services industry it can prove especially tricky. Replacing manual data processes is a big step, but in an industry so heavily regulated and audited, cohesive and comprehensive transformation is crucial.
Today, the challenge is no longer in convincing financial services organisations that they need to transform their processes and tasks; the vast majority understand the benefits of automating and streamlining their financial processes.
Instead, it’s about instilling the message that there is more to transformation than ripping out and replacing outdated technologies. A good financial transformation strategy must also take into account how these technologies are implemented, ensuring they integrate into an organisation’s culture, connect data and guarantee compliance, without completely demolishing the custom processes that employees want to use.
Little Fires Everywhere
While business transformation offers long-term benefits throughout an organisation, individual departments are often loathe to abandon the bespoke processes that facilitate day-to-day operations. Many organisations feel under pressure to transform quickly, and subsequently focus on how to get their employees onboard with a new solution rather than integrating every minute component of the old.
As a result, digital transformation efforts tend to bypass these disparate components, leaving small, potentially non-compliant hazards smouldering like little fires across an organisation.
These “little fires” don’t immediately represent a threat to business operations, but the lack of quality control, integration, and visibility of these manual workflows, means they’re inherently high-risk.
When a pressure situation hits the organisation, like a surprise audit, legal proceedings or new reporting demands, these processes become a highly combustible cocktail for non-compliance, lost data and human error.
Tackling the flames
Organisations need to tackle these little fires early on, rather than sitting back and hoping they will burn themselves out. But how can they be dealt with?
If you think of these small, unregistered processes as little fires, then your team needs to think like a firefighter — being fast, agile, flexible, and well-prepared for potential risks.
So how can CFOs, CXOs and Chief Transformation Officers bring this strategy to life?
- Be fast — don’t wait around for largescale digital transformation
There’s a common misconception amongst financial service organisations that before facing the issue, you need to wait until an overhaul of department processes or an in-depth audit. This could leave you waiting years for a solution that needs to be implemented in weeks, putting your department at risk.
Organisations must act with speed and address the issue head-on as soon as it has been spotted. Businesses don’t need to wait for largescale transformation; temporary or even permanent solutions do exist and can be tailored and installed immediately — targeting the issue before it becomes a bigger problem.
In my own business, we recommend a three 3-step approach to tackle these issue quickly: First, listening to an organisation’s business challenges to locate the most pressing fire. Second, build a working example for business leaders and decision-makers to evaluate. Finally, follow up with real-time collaboration to ensure that wider company processes don’t cause similar problems in future.
- Be agile and flexible — look for customisable solution that evolve over time
Organisations are ever-evolving, and so are the problems they face. However, some financial services organisations see the answer to these problems as a one-time, short-term fix. Working to put out these fires at speed shouldn’t stop organisations from considering how to prevent and deal with future ones. That’s why businesses run fire drills!
Financial organisations need forward-thinking systems that will work now and in the future, whenever they face their next data collaboration crisis. The ability to act in an agile way is fundamental to this sort of futureproofing.
Agile, flexible solutions will enable organisations to fight multiple fires, with the same systems, as time goes on. A one-size-fits-all approach won’t work here. Putting one fire to rest won’t prevent more from happening, and not all fires are the same (just try throwing water on a chip pan fire!) Every organisation has distinct needs and that means customised solutions.
- Be prepared — implement solutions before disruption occurs
To understand their weakness and subsequently prevent fires, financial service organisations must encourage employees across departments to hold an ethos of self-improvement. Preparation is key to success.
That means establishing a comprehensive understanding of the day-to-day routines of employees at all levels. It’s in habit and routine (one-off processes, keeping data on email, spreadsheets as systems, etc) where financial fire hazards thrive.
If new, more compliant technologies are to be installed, they cannot dismantle these existing routines. Flexible data collaboration solutions are needed that perfectly match the existing way of working. Achieving the goals of transformation without any of the disruption.
HOW ARE SPEECH RECOGNITION AND AI FIGHTING FRAUD?
Nigel Cannings is the founder of Intelligent Voice Speech recognition and AI provide innovative methods for businesses to significantly...
HOW CAN BUSINESSES BREAK INTO MARKETS BEYOND THE EU?
Atul Bhakta, CEO of One World Express The build-up and aftermath of Brexit impeded the long-term plans of businesses...
BUSINESS DEVELOPMENT + MARKETING + COMMUNICATIONS
Volante Technologies Recognized as Market Leader in Omdia Universe: Selecting a Payment Hub, 2021-22 Report Cloud payments company scores highest...
2022: A FUTURE FOR SIMPLE AND FRICTIONLESS CROSS-BORDER PAYMENTS
Dima Kats, CEO, Clear Junction Even after 18 months of stuttered lockdowns, businesses are still learning how to navigate...
CHRISTMAS IS COMING: WHAT MAKES A GREAT ECOMMERCE STRATEGY FOR THE FESTIVE SEASON?
By Laura Lough, Director of Ecommerce Operations at Digital River There is no doubt the year 2020 presented an...
IS THERE A CASE FOR APPOINTING A DIGITAL TRANSFORMATION OFFICER?
Stefano Maifreni, founder of Eggcelerate You can tell the business world’s direction by the new roles that start to...
WHAT FIREFIGHTERS CAN TEACH FINANCIAL INSTITUTIONS ABOUT DATA COLLABORATION
Gabriele Albarosa, CEO, LiveDataset Digital transformation can be difficult for any business, but in the financial services industry it...
HIDDEN COSTS WHEN INVESTING… AND HOW NOT TO GET HIT
By Annie Charalambous, Head of Communications at ETX Capital According to recent figures, Brits plan to increase their investments by almost...
INSURANCE TRENDS 2022
The Insurance market will continue to grow in maturity based on the richness of solutions by InsurTech In 2022, we’re...
ARTERIA AI SET TO ACQUIRE H4’S FINANCIAL SERVICES BUSINESS ASSETS
H4 Chairman and Co-founder Joe Seifert to join Arteria AI as senior advisor Arteria AI, an award-winning global leader...
PAYNET PARTNERS WITH CLEAR JUNCTION TO FACILITATE CROSS-BORDER PAYMENT SERVICES
Clear Junction announces new partnership with Paynet The partnership helps Paynet provide remittance services to typically underserved communities Clear...
GAME CHANGING: WORLD’S FIRST ON MOBILE DEVICE NEURAL TEXT-TO-SPEECH SYSTEM RELEASED BY CEREPROC
CereProc has today launched the world’s first on mobile device neural Text-to-Speech (TTS) system commercially available for Android and iOS operating...
VIRGIN MONEY ADDS ACCELERATED PAYMENTS TO ITS FINTECH PARTNERSHIPS
An Invoice Finance provider addressing cash flow issues in business Partnership forms part of Virgin Money’s working capital health proposition Virgin Money...
B4B PAYMENTS PARTNERS WITH SENTINELS TO SUPPORT ANTI-MONEY LAUNDERING COMPLIANCE ACROSS EUROPEAN MARKETS
Sentinels’ risk-based model boosts accurate detection rates and provides flexibility to monitor transactions across all B4B Payments’ solutions Sentinels, Europe’s leading...
EPI: HOW TO BUILD TRUST AND ADOPTION AMONG CONSUMERS AND MERCHANTS
By Arnaud Crouzet, VP Security & Consulting at Fime What is EPI? The European Payments Initiative (EPI) is aiming...
BATON SYSTEMS 2022 OUTLOOK
Responses provided by Jerome Kemp, President, Baton Systems Q. Organisations are forecast to spend nearly $6.6 billion on blockchain...
WHY THE EXPLOSION IN LOCAL RETAIL DEMANDS NEW PAYMENT METHODS
Kasper Enggaard Krog, CEO at mobile payment and business technology firm, Vibrant, explains why micro businesses are being badly let...
IS SCARCITY OF TALENT THREATENING THE UK’S FINTECH CROWN?
Opinion From Rafa Plantier, Head of UK and Ireland at Tink From the Square Mile to Canary Wharf, London...
SET YOUR BUSINESS UP FOR SALES SUCCESS IN A POST-PANDEMIC WORLD
Dean Fiveash, Head of FinTech Sales, IFX Without doubt the Coronavirus pandemic impacted every aspect of our lives and fundamentally...
THE EVOLVING TECHNOLOGY NEEDS OF THE FINANCE DEPARTMENT
Jennifer Sims, Senior Consultant at Xledger The world of finance software is evolving quickly, but with many new software...