Connect with us

Finance

CYBERTHREATS TO FINANCIAL INSTITUTIONS 2020: FORECAST

Yury Namestnikov, Head, Global Research and Analysis Team, Kaspersky

 

1. Attacks against Libra and TON/Gram

The successful launch of cryptocurrencies such as Libra and Gram might lead to the worldwide spread of this type of asset, which naturally will attract the attention of criminals. Given the serious surge in cybercriminal activity during the rapid growth of Bitcoin and altcoins in 2018, we predict that a similar situation will most likely unfold around Gram and Libra. Large players in this market should be especially careful, as there are a number of APT groups, such as WildNeutron and Lazarus, whose interests include crypto assets. They are very likely to exploit these developments.

 

2. Reselling bank access

During 2019, we witnessed cases where groups who specialise in targeted attacks on financial institutions appeared in the victims’ networks after intrusions by other groups that specialize in selling rdp/vnc access, such as FXMSP and TA505. These facts are also confirmed by underground forums and chat monitoring. In 2020, we expect an increase in the activity of groups specialising in the sale of network access in the African and Asian regions, as well as in Eastern Europe. Their prime targets are small banks, as well as financial organisations recently bought by big players who are rebuilding their cybersecurity system in accordance with the standards of their parent companies.

 

3. Ransomware attacks against banks

This forecast logically follows from the previous one. As mentioned above, small financial institutions often become the victims of opportunistic cybercriminals. If these criminals cannot resell access, or even if it becomes less likely that they will be able to withdraw money, then the most logical monetisation of such access is ransomware. Banks are among those organisations that are more likely to pay a ransom than accept the loss of data, so we expect the number of such targeted ransomware attacks to continue to rise in 2020. Another ransomware attack vector against small and medium financial institutions will be a ‘pay-per-install’ scheme. Traditional botnets will eventually turn into increasingly popular delivery mechanisms against financial institutions.

 

4. 2020: the return of custom tooling

Measures taken by antivirus products to effectively detect open source tools used for pen testing purposes, and the adoption of the latest cyberdefense technologies, will push cybercrime actors to return to custom tooling in 2020 and also invest in new Trojans and exploits.

 

5. Global expansion of mobile banking Trojans: result of leaked source

Our research and monitoring of underground forums suggests that the source code of some popular mobile banking Trojans was leaked into the public domain. Given the popularity of such Trojans, we expect a repeat of the situation when the source code of ZeuS and SpyEye Trojans were leaked: the number of attempts to attack users will increase at times, and the geography of attacks will expand to almost every country in the world.

 

6. Investment apps on the rise: new target for criminals

Mobile investment apps are becoming more popular among users around the globe. This trend won’t go unnoticed by cybercriminals in 2020. Given the popularity of some fintech companies and exchanges (for both real and virtual money), cybercriminals will realise that not all of them are prepared to deal with massive cyberattacks, as some apps still lack basic protection for customer accounts, and do not offer two-factor authentication or certificate pinning to protect app communication. Several governments are deregulating this area and new players are appearing every day, becoming popular very quickly. In fact, we have already seen attempts by cybercriminals to substitute the interfaces of these apps with their own malicious versions.

 

7. Magecarting 3.0: even more attacker groups and cloud apps to become prime targets

Over the past couple of years, JS skimming has gained immense popularity among attackers. Unfortunately, cybercriminals now have a huge attack surface that consists of vulnerable e-commerce websites and extremely cheap JS skimmer tools available for sale on various forums, starting at £150 ($200). At the moment we are able to distinguish at least 10 different actors involved in these types of attacks and we believe that their number will continue to grow during the next year. The most dangerous attacks will be on companies that provide services such as e-commerce as a service, which will lead to the compromise of thousands of companies.

 

8. Political instability leading to the spread of cybercrime in specific regions

Some countries are experiencing political and social upheaval, resulting in masses of people seeking refugee status in other countries. These waves of immigration include all sorts of people, including cybercriminals. This phenomenon will result in the spread of geographically localised attacks in countries that have not previously been affected by them.

 

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Finance

HOW ENTERPRISE INFORMATION MANAGEMENT, CLOUD AND ANALYTICS WILL IMPACT FINANCIAL SERVICES IN 2020

Richard Mill, director at Business Systems (UK) Ltd

 

Business Systems’ Will Davenport on which drivers of change will most affect the financial services sector in 2020

 

Recent multi-million pound fines levied on financial services firms such as Tullet Prebon have acted as a wake-up call to City CIOs. That’s because the FCA now includes Voice as a record medium, and is no longer prepared to tolerate delays in locating conversations it is examining.

 

As a direct result, we will witness the formal incorporation of Voice as a peer form of information storage to email, text or internal documentation. That’s not happened to date as it’s historically been an unstructured and fairly unwieldy medium, but modern technology is completely changing that picture.

 

Richard Mill

City firms are starting to manage all their various data assets by using an EIM (Enterprise Information Management) approach. This is a discipline centred on being able to integrate all your data into one structure and applying the right archiving and retrieval workflows across everything you do: we therefore anticipate a great deal of interest in audio-enabled EIM project work in 2020.

 

Cloud sweeps all before it

 

In 2020, the cloud tide will be unstoppable. That’s partly because people are used to accessing applications in the cloud or storing data there, but there’s now going to be a push to use cloud as a way to centralise the bank’s IT systems. The argument as to whether the cloud is insecure has long been settled with City CIOs judging cloud as often safer than their existing on-premise solution.

 

As a result, there’s no reason to continue paying for expensive hardware that requires tending, patching and upgrading. In 2020, look for cloud trading turrets with the back-end being remote and offering porting of voice records into the cloud. That latter step may be a challenge for financial services firms with multiple and legacy voice recording platforms in place, so the cloud move may lead to overdue rationalisation and integration projects.

 

Ultimately, the cloud represents a whole new approach to consuming IT and building apps in the Square Mile. Financial services firms are frustrated with devoting too much resource to old mainframe systems when they would like the modern technology infrastructure in place to support them to be more agile. Cloud will be very liberating for the sector.

 

Strong analytics user cases emerge

 

Analytics technology has evolved and what used to be referred to as dumb data is now a source of business intelligence. Useful data hidden in audio files that used to be discoverable through hours of transcription can now be processed in modern speech analytics systems — making what was originally inert, unstructured data become structured data, which can be easily queried in order to spot patterns and find interesting anomalies.

 

I predict that in the new decade using speech analytics financial services firms will finally gain a richer understanding of what their customers ask for and find problematic, as data mining probes can be run over a vast set of customer interactions.

 

It will mean trading floor managers will have even better detection and forensic tools at their disposal to understand what’s happening, which will be a win-win for customer and regulator alike.

 

In 2020, Voice will be seen an important strategic asset for the financial services firm CIO.

 

Continue Reading

Finance

WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?

By Ken Timsit, ConsenSys

 

Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting experiments aimed at determining whether networks based on blockchain technology can ultimately – in whole or in part – replace the infrastructure on which financial institutions and capital markets are built.

 

In today’s electronic databases, any information can theoretically be replicated at will. This is why most governments allow only regulated actors to keep records of digitized assets (banks, depositories), to avoid pitfalls such as the execution of misleading transactions or the creation of artificial assets. With blockchain, these pitfalls can be avoided at the source code of the technology, which is available to all members of the network. The creation of Ethereum enabled a more robust blockchain network capable of “smart contracts”, which once programmed, can run automatically without the results being modified or manipulated.

 

Contrary to what some critics argue, the potential of the blockchain is not the creation of a free and unregulated space in which everyone can invent new financial instruments. Rather, the potential lies in creating a much more efficient and globalized commercial and financial infrastructure, in which many layers of control and intermediation are no longer needed as they are replaced by transparent and immutable IT rules that ensure the same risk management functions.

 

For example, bonds are essential financial instruments on which a large part of our economy and savings are based. The issue and exchange of a bond requires the intervention of several dozen financial institutions (issuers, intermediaries and investors). Some regulated players in this intermediary chain exist mainly to ensure that it is possible to know, at any time, who holds each bond, in order to guarantee their rights to its bearers.

 

It is theoretically possible to simplify these stacks of operators by linking them to a global blockchain network, open to all stakeholders in the industry. The blockchain network can thus ensure at any time that the number of outstanding bonds corresponds exactly to the number of bonds issued, and that each exchange transaction is carried out without the risk of default.

 

The blockchain revolution is first and foremost the reduction of costs and delays caused by the current financial infrastructure. The blockchain revolution also creates innovation opportunities for consumers, savers, and investors.

 

 

The Web3 revolution, often used to refer to the blockchain revolution, will be driven by the reduction in transaction costs, allowing the emergence of new peer-to-peer business models that we are not yet able to accurately predict, but which will probably participate in a rebalancing of the relationships between financial institutions and their clients. Some international peer-to-peer payment and loan-to-peer savings investment models are already attracting increasing interest from the most sophisticated consumers.

 

Where are we in 2020?

Today, the blockchain revolution is still in its infancy. Transaction volumes through blockchain networks, public and private, are low compared to those of existing systems. The fixed costs of the technology are still relatively high, and the user experience leaves something to be desired.

 

However, innovations abound. It is already possible for me, from my smartphone, to buy digital assets whose value is equal to about one US dollar, and to lend them in three clicks to other users who will pay me between 1% and 10% per year for this service, depending on the type of platform.

 

The number of large operational business projects is still small, but very promising. Numerous international commodity trading players have joined forces to create Vakt and komgo, two platforms that contribute to a significant simplification of trade and oil financing. Similar and competing projects, Voltron and Marco Polo, are being launched. On the corporate side, the Capbridge 1x platform (Singapore) already allows shares to be traded on an Ethereum blockchain network. Other important projects such as LiquidShare (France), SIX Digital Exchange (Switzerland), Daura (with Deutsche Borse and Swisscom in Switzerland), Synapse (Hong Kong Stock Exchange) are in preparation. The World Bank, Société Générale and Santander have issued bonds on an Ethereum blockchain network. These initiatives are still experimental but have attracted significant interest from financial institutions around the world.

 

And of course, many projects aim to revolutionize global payments by creating digital assets on blockchain networks that are fixed in Euros, U.S. Dollars or other currencies, such as those of the Monetary Authority of Singapore, the South African Reserve Bank, and Union Bank of the Philippines. Since the announcement of the Facebook-initiated Libra project, many governments have expressed concern about the possibility of private companies controlling global payment flows, and have asked their domestic financial institutions to redouble their efforts to explore competing initiatives.

 

All of this is to say that adoption is happening, albeit gradually. The middlemen and intermediaries of the financial world will not be replaced overnight. Moreover, the exact formation or architecture of the new financial system is impossible to predict with accuracy. However, it’s safe to say that blockchain will enable a financial system that is more efficient and yields more value-add to consumers, users, and investors.

 

Continue Reading

Magazine

Partner Events

Trending

Finance23 hours ago

HOW ENTERPRISE INFORMATION MANAGEMENT, CLOUD AND ANALYTICS WILL IMPACT FINANCIAL SERVICES IN 2020

Richard Mill, director at Business Systems (UK) Ltd   Business Systems’ Will Davenport on which drivers of change will most...

News23 hours ago

CAPITAL MARKETS PARTICIPANTS HAVE HIT A WALL WITH COMPLIANCE, NEW INTERNATIONAL STUDY FINDS

The research suggests that many broker-dealers and other trading entities have come to a fork in the road, where they...

Banking4 days ago

BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH

By Victor Acin, Threat Intelligence Analyst, Blueliv   Financial services firms are increasingly being told to embrace disruption in order...

Banking4 days ago

THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY

U Htoo Htet Tay Za, Managing Director, AGD Bank   Myanmar’s economy is one of the fastest growing in Asia...

Business4 days ago

WHY 2020 IS THE RIGHT TIME FOR FS MODERNISATION

Chris McLaughlin is chief product and marketing officer at Nuxeo   Few would argue against the notion that the UK...

Top Stories4 days ago

WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?

By Roberts Lasovskis, Investment Platform Lead, TWINO   It’s a new year; time for resolutions and forward planning, positivity and...

Business5 days ago

WHY MAKING MONEY ON YOUR MOBILE IS EASIER THAN YOU MIGHT THINK

Aaron Brooks, Co-Founder of  Vamp   For Millennials and Generation Z, becoming a social media influencer is an increasingly desired...

Interviews5 days ago

DIFFERENTIATION – THE KEY TO THRIVING IN A SATURATED MARKET

Graham Glass, CEO of Cypher Learning   What has enabled Cypher to continue to grow in an increasingly saturated market?...

Finance5 days ago

WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?

By Ken Timsit, ConsenSys   Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting...

Banking5 days ago

FIVE FINANCIAL SERVICES TRENDS FOR 2020: BIGTECHS SWOOP IN, BANKS GO ON THE OFFENSIVE AND CRYPTOCURRENCY STALLS

Rahul Singh, president of financial services at HCL Technologies   We’ve just finished a very exciting decade in financial services, with new...

Wealth Management5 days ago

COMBATING INSURANCE FRAUD WITH MACHINE LEARNING

By Georgios Kapetanvasileiou, Analytical Consultant at SAS   Most insurance companies depend on human expertise and business rules-based software to...

Business5 days ago

DELIVERING SUCCESSFUL IT SYSTEMS THROUGH THE POWER OF PARTNERSHIPS

By Mike Smith, Executive Director, Virgin Media Business (Direct)   Is there anything more frustrating than finding out your bank account...

News5 days ago

BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND

battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today...

News5 days ago

VANQUIS BANK PARTNERS WITH HOOYUTO DIGITALISE KYC PROCESSES

HooYu KYC digital journey deployed during the customer lifecycle on a risk-based approach   Leading customer onboarding and KYC technology...

Banking5 days ago

WHY NEOBANKS ARE ON THE RISE IN THE UK

New research by SmallBusinessPrices.co.uk analyses how neobanks are on the rise and why they’re so popular amongst consumers compared to...

Finance7 days ago

RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020

Marie Tatibouet is the CMO at Gate.io   It has been a bold and progressive year for the digital asset...

Banking1 week ago

WILL HONG KONG REMAIN THE JURISDICTION OF CHOICE FOR OFFSHORE BANKING?

Hong Kong has traditionally been seen as a tax haven and the financial hub of Asia, if not the world....

Technology1 week ago

HOW CHARITIES CAN MEET TOMORROW’S DIGITAL CHALLENGES?

By Steve Georgiou, Business Consultant at Xpedition    Charities are under constant scrutiny for how they handle their finances. Budgets...

Business1 week ago

RECALL YOUR REPUTATION: HOW TO HANDLE PRODUCT RECALLS

By Alex Balcombe, Partner at Harris Balcombe   John Lewis, Tesco, and Hotpoint have all been in the news in...

Business1 week ago

THE WORLD’S MOST ENTREPRENEURIAL COUNTRIES PERFECT TO START A BUSINESS IN

Latona’s has analysed The Global Entrepreneur Monitor data to reveal the world’s most entrepreneurial nation. Analysing each country by a...

Trending