Connect with us

Technology

How to future proof the financial industry against cyberattacks

Published

on

Moshe Hayun, threat intelligence team leader at Deep Instinct 

 

The financial industry is the backbone of an economy- more specifically it is the building block of a digital economy. Offering a broad number of services to billions of users across the globe, including banking, loan, consultancy, and investment, the nature of modern finance provides consumers and businesses with endless opportunities.

However, the amount of data held in these organisations is why the financial industry has historically been one of the most popular domains for cybercriminals, as they typically have a larger attack surface to exploit. Consumers trust these organisations with some of their most private information, and the potential threat of leaking this data, and the subsequent consequences, can be a nightmare for financial institutions.

In 2021, banking institutions alone saw a 1318% increase in ransomware attacks with the average cost of a cyberattack in the financial sector reaching $5.7 million in 2021. Evidently, the finance industry is one that is going to continue to be seen as an attractive and lucrative target for cyber criminals, and it is therefore paramount that organisations within the sector do all that they can to prevent themselves from becoming the next victim.

 

Moshe Hayun

The biggest cybercriminal families targeting the financial industry

Certain malware families have been a prominent threat to financial institutions throughout 2021. Our recent research revealed that Dridex and TrickBot were the most frequent malware families targeting the industry, specifically the banking sector. Dridex accounted for most of the malware attacks (68%), while TrickBot was responsible for 11% of the attacks.

Both are highly sophisticated banking trojans. For example, Dridex is a trojan designed to sneak behind an organisation’s defences (or, more accurately, trick defenders into bringing it beyond the perimeter themselves). While TrickBot on the other hand, is used to target individuals, businesses, and large enterprises to steal financial data, personal information and bank account credentials. Once this information is obtained, it can be used to carry out financial fraud and identity theft.

IcedID is another modular banking trojan that has attacked banks, e-commerce and credit card companies. Much like a worm, it has been designed to replicate, spread and infect more systems as it travels. Once executed on one machine, it will then cultivate and use simple evasion techniques such as operating after the machine restarts, making it more difficult to identify and defeat.

Another of the top five financial malware families is Zloader, a banking trojan that is a variant of the i Zeus banking malware. It is distributed in phishing campaigns or spoofed emails designed to trick victims into downloading and executing the malware. QakBot is the fifth malware family which can cause chaos within the finance sector. It steals information and is adept at stealing online banking credentials or other financial information.

 

Tricky Techniques and Implications

The malware families targeting the finance industry have their own techniques to achieve their financial goals. The more data they steal, the bigger the monetary gain. As such, they use a series of devious and stealthy methods to avoid detection. One common tactic is the use of malicious macros. Threat actors hide malicious code insider Word documents or other files which executes once someone opens them. For example, a favored method by Dridex is a PDF laden with JavaScript, or a malicious email attachment containing Word documents comprising of dangerous macros.

Trickbot, on the other hand, harvests emails and offers a backdoor into their victims’ network. The malware family also possesses a screen-lock, ransomware-style option which is designed to steal system passwords.

With techniques by these malware groups designed to be devious and arguably, cunning, it is no surprise that they are successful. LOLBins and PowerShell are another common tactic being used by cyber criminals to launch their ransomware attacks. Both are pre-installed on a computer which makes them ideal for threat actors to hide behind and avoid detection. This type of deception is also used by IcedID. For example, they can manipulate a victim’s browser so that they think they are viewing a genuine banking website, when in actual fact, they have been redirected to a fake website designed to steal system passwords.

Zloader on the other hand, uses Excel macros and other techniques including keylogging to steal information from users, while Qakbot spreads through malspam (malicious spam) and exploit kits that are deployed through compromised websites. If a victim visits the site, QakBot delivers its payload and infects them.

So, in this growing field of cyber-threats, how can financial institutions future proof themselves against devastating cyberattacks?

 

Facilitating real-time threat detection and prevention using deep learning

Most financial institutions today are using Endpoint Detection and Response (EDR) solutions which implements are designed to improve security at entry points to networks and systems. However, they often lack accuracy and speed.

EDR only works post-execution, meaning that malware is detected after it’s deployed into the target’s system. This means it is useful for finding known threats. However, threats evolve rapidly, with some of the fastest known malware infecting endpoints in less than 15 seconds. As a result, EDR solutions are not useful when it comes to preventing immediate and unknown threats and cannot process data at a speed which can ensure they are found in a timely manner that actually prevents attacks from infecting the endpoint.

To strengthen their proactive stance, finance companies need to move away from conventional EDR and implement deep learning – a more effective and next-gen solution for threat prevention. Deep learning is an advanced subset of AI that uses neural networks to imitate how humans think and learn in real-time- independently studying millions of attack patterns, file systems, and threat vectors.

However, deep learning solutions work without any human intervention. This broad knowledge base is then used to project existing and evolving threat patterns. This mechanism allows deep learning tools to detect threats in milliseconds, with unparalleled accuracy. Thus, even the fastest and most advanced malware is detected and stopped before they reach the target network.

Deep learning technology attains predictive analytics automatically through its own process of examining, analysing, and breaking down existing threat patterns, which helps to detect unknown and zero-day threats. It also produces a 99.9 percent accuracy rate which means security teams don’t have to chase after false-positive security alerts.

Deep learning solutions take the focus away from the conventional threat mitigation approach of the financial industry and emphasises threat prevention. The technology addresses the most critical security concern of the financial industry, which is accurately detecting and preventing threats. By detecting advanced threats in milliseconds, security teams can gain the upper hand on the attackers and close down their attack paths before they wreak havoc on the finance industry.

Business

Green growth: The unstoppable rise of climate technology investment

Published

on

By

With the investment community focusing more and more on renewable technologies, investor interest is at an all-time high. Ian Thomas, managing director, Turquoise, reviews the current investment landscape and highlights the opportunities for investors keen to capitalise on this growing trend.

Green, or climate, finance is a label for providers of finance who are supporting investments seeking positive environmental impact. The label covers investments in green infrastructure, venture capital investment in clean technologies and renewable energy. Green finance has grown by leaps and bounds in recent years, supporting public wellbeing and social equity while reducing environmental risks and improving ecological integrity.

Worldwide, energy investment is forecast to increase by 8% in 2022 to $2.4 trillion, according to a new report by the International Energy Agency, with the expected rise coming mostly from clean energy – $1.4 trillion in total. To put this rocketing figure into some perspective, clean energy investment only rose by 2% annually in the five years following the signing of the Paris Agreement in 2015. Energy transition investment has some way to go, however – between 2022 and 2025, to get on track for global net zero, it must rise by three times the current amount to average $2,063 billion. [1]

Turquoise has been active for almost 20 years as a venture capital investor and adviser to companies in the climate technology space that are raising capital and/or selling their business to a strategic acquirer. Reviewing current industry investment news, as well as drawing on examples from the portfolio of Low Carbon Innovation Fund 2 (LCIF2), managed by Turquoise, I have commented below the latest on the renewable energy trends most piquing investor interest.

 

Solar PV

Renewable power is leading the charge when it comes to investment, with wind energy and solar PV emerging as the cheapest option for new power generation across many countries, and now accounting for more than 80% of total power sector investment. Solar power is responsible for half of new investment in renewable power, with spending divided roughly equally between utility scale projects and distributed solar PV systems.

This huge increase in solar spending, which continues in spite of supply chain issues affecting raw material delivery, has been driven by Asia, largely China (BloombergNEF, 2022). Meanwhile, Europe is re-doubling its efforts to achieve an energy transition away from Russian gas and other fossil fuels, building on investment that was already rising steadily prior to the outbreak of war in Ukraine. Germany, the UK, France and Spain all exceeded $10 billion on low-carbon spending in 2021.[2]

 

Wind

Last year was a record year for offshore wind deployment with more than 20GW commissioned, accounting for approximately $40 billion in investment. The first half of 2022 saw $32 billion invested in offshore wind, 52% more than in the same period in 2021 (BloombergNEF, 2022). Taking into account also onshore wind, in 2021 investment was spearheaded by China, followed by the US and Brazil.[3]

In the UK, suggested targets include plans to host 50GW of offshore wind capacity, as well as 10GW of green and blue hydrogen production, by 2030. Investors will naturally be encouraged by proposals to simplify the planning process across the board for renewable projects.[4] France and Germany have also increased their offshore wind targets, signalling further support for investment.

 

Decarbonising housing: the business opportunity

The need to decarbonise residential housing, made all the more urgent by current energy prices, also offers substantial scope for investment. The gas price spike is naturally increasing interest in technology such as electric heat pumps, which had already enjoyed 15% growth in 2021 albeit from a very low base.

Recently, Turquoise announced an investment by Low Carbon Innovation Fund 2 (LCIF2) in Switchd, which operates MakeMyHouseGreen, a data-driven platform that allows homeowners to source and install domestic renewable energy generation, including solar panels and battery storage with other energy saving products in the pipeline. The investment will enable Switchd to roll out the MakeMyHouseGreen platform to a much larger number of customers. The latest episode of the Talks with Turquoise podcast series saw us interview Switchd co-founder Llewellyn Kinch about the UK energy market and national transition to decarbonisation, covering the rise of residential renewable energy and energy efficiency.

 

Adapting to the low-carbon economy

Meanwhile, investors should not forget opportunities on the other side of the energy market. Renewables are undoubtedly exciting investors, but there are also opportunities for fossil fuel companies to adapt their business models to the low-carbon economy. Turquoise advised GT Energy, a portfolio company from our first fund that develops deep geothermal heat projects, on its sale to IGas Energy, a leading UK onshore oil & gas producer. Under IGas ownership, GT Energy will progress its flagship 14MW project to supply zero-carbon heat to the city of Stoke-on-Trent through a council-owned district heating network.

 

A broad investment landscape

Forecasts show that renewables will increase to 60% of power generation in Europe by 2030, and 40% in the US and China by the same date.[5] As demand rises for climate technology, the investment opportunities in green finance are far broader than they ever have been. Undoubtedly, as the energy crisis continues, investor interest will continue to soar to even greater heights.

[1] https://www.iea.org/news/record-clean-energy-spending-is-set-to-help-global-energy-investment-grow-by-8-in-2022
[2] https://ihsmarkit.com/research-analysis/global-power-and-renewables-research-highlights-july-2022.html
[3] https://dialogochino.net/en/uncategorised/56938-global-wind-energy-council-vice-chair-brazil-offshore-wind-accelerating-2/
[4] https://www.edie.net/uks-clean-energy-investment-ranking-rises-after-government-sets-95-low-carbon-electricity-target-for-2030/
[5] https://www.spglobal.com/en/research-insights/featured/energy-transition-renewables-remain-the-cornerstone-of-future-power-generation

Continue Reading

Business

A Culture of Cyber Security Throughout Financial Services Organisations

Published

on

By

Michael Cantor, CIO, Park Place Technologies

Financial Services organisations have long been a top target for cyber-attacks given both the nature of their financial transactions and the sensitivity of the data being held and processed. It is not just the digital transactions themselves that entice cyber criminals to regularly try and breach existing security protocols. Financial Services’ organisations hold full Personally Identifiable Information (PII) data sets of customers, including home addresses, social security numbers, banking details, transaction history, phone numbers, email addresses, and income information.

When breaches occur with this level of dependency information, cyber criminals can go on to easily access accounts, copy payment cards and make fraudulent purchases. Unsurprisingly, breaches are incredibly bad news and high impact in this sector as they undermine customer confidence, create large compensation cases, and regularly cause large fines for non-compliancy of data protection regulations (GDPR).

CISOs and Risk Managers

Creation of a complete culture of cyber security that spans right across financial establishments has therefore been a high priority for CISOs and Risk Managers in the finance arena, who find themselves at the forefront of the fight to engineer, foster and encourage a culture of pervasive cyber security awareness. These financial CISOs are the risk management

Michael Cantor

professionals who live and breathe with the knowledge that any lapse by any employee can leave the entire organization exposed and vulnerable, and who understand the importance and safety that adherence to a detailed cyber security plan, unique to their organization, brings. Financial establishments and financial services have, more than any other sector, seen heightened advances in digital innovations through internet banking, mobile apps, and instant payments – and all occurring within a relatively short timescale.  Such fast adoption of new technology platforms can cause a perfect storm of vulnerabilities largely through lack of familiarity, potentially increasing the finance industry’s attack vector.

Given the scope of the threat, no one CISO or group of cyber security specialists can be completely responsible for stemming attacks or changing employee behaviours. The requirement to create a pervasive culture of accountability for cyber security in finance has never been more critical with such a surge in digital innovation. Some CISOs struggle to gain immediate internal acceptance of cyber initiatives as they invariably increase extra security processes or in more extreme scenarios, can initially decrease productivity levels as users grapple with additional layers and verifications. Instead, CISOs should embark on a graduated path of security sensitivities. There are three routes in this journey that CISOs need to develop.

Understanding Roles

First, if they are to successfully increase defences, CISOs need to fully understand roles and processes in the existing regime to understand why and when job functions rely on systems that could pose and increase vulnerabilities. Secondly, as with all successful change, CISOs should spend the first months of cyber change initiatives on the ground, familiarising themselves with workflows and identifying suitable departmental ‘champions’ who can act as envoys or ambassadors. They will become practical flag bearers for ongoing change who will be on-point for communications for threat handling and remediation. These departmental cyber champions will also field questions and interactions about cyber concerns, as you would with a local Health and Safety Officer. Creating any true culture change needs to facilitate two-way communications from day one and needs to embrace everyone, so selecting the right team is essential. Recognised accredited cyber training relevant to the expected outcomes of a cyber ambassador is critical here as responsibilities move outside of IT. Not only does individualised cyber training bring empowerment and extra capabilities internally, but it leads to personal recognition that reflects positively on future career opportunities.

Once a thorough understanding and a development of a network of cyber ambassadors has occurred, CISOs need to quickly move to developing extra employee security practices and providing direction on ongoing cadences. But these new or enhanced security prevention measures invariably add to the time that it takes for employees to finish jobs. Collective attitudes towards prioritising cyber – and by extension, creating a cyber culture – can only be changed by first educating employees on the importance and rationale in changing behaviours or methods of completing a task. This education process can take many forms, starting with various impacts via a series of simple simulated attacks that provide anonymised responses back to risk professionals to highlight gaps in knowledge and provide early indicators on how easily breaches can occur and how fast new cyber processes can be adopted. Additionally, real world documented examples are often used to show how breaches have been catastrophic in similar sized organisations. Ongoing interactive education is key to building a continued culture of security. Education and learnings on the impact of the breach ramifications – from board level to new recruits – is essential, at all times building cyber security as an enabler rather than another workflow process to achieve. Successful financial companies who avoid security breaches on an ongoing basis additionally bring the importance of cyber security into annual employee reviews, keeping it top of mind and primary to employees’ performance (and renumeration). HR therefore also play a key part determining a blame-free, but responsible and empowering security culture.

Empowering Employees

Establishing a culture means by its very nature, that all are driving towards the same goal. That means gentle, but constant re-enforcement. And here’s where the third part of cyber empowerment needs a careful balance to avoid falling into negative scare tactics or blame. Financial CISOs, for their part, need to at all times, empower employees with the right tools and resources to intelligently identify, question and report suspected attacks. They also need to deploy easy to use, reliable preventative tools such as password managers and dependable email security software, while not neglecting their own role in the ongoing monitoring of asset discovery to see which assets and software are lurking in the infrastructure (or may have been recently added to the infrastructure). Endpoint security, especially in hybrid environments, is more important than ever in these environments.

Once a culture exists internally, next, CISO attention must turn towards suppliers and partners who themselves can create an entry point for breach. This can be achieved by clearly setting the organisations cyber security expectations up front and asking suppliers to prove compliance and adherence towards these standards, but within a reasonable, pre-agreed timeframe.

Creating this inherent cyber culture can only occur through ongoing education and training of employees on the ever-changing threat landscape and linking the importance and rationale to adopt best practices. To achieve an ongoing culture of acceptance, cyber security must clearly help employees get their jobs done so that being security conscious is a positive, ongoing experience for any financial services business.

Continue Reading

Magazine

Trending

Business3 days ago

How can businesses boost employee experience for finance professionals?

By Martin Schirmer, President, Enterprise Service Management, IFS Over the course of the last year, The Great Resignation has seriously...

Business4 days ago

CBDCs: the key to transform cross-border payments

Dr. Ruth Wandhöfer, Board Director at RTGS.global   If you work in finance, you’ll have been hearing a lot about...

Business4 days ago

Green growth: The unstoppable rise of climate technology investment

With the investment community focusing more and more on renewable technologies, investor interest is at an all-time high. Ian Thomas,...

Business4 days ago

Bolstering know your customer processes as regulation tightens

Nick Payne, banking services, customer advisory, SAS UK & Ireland, discusses how new technologies allow financial services companies to develop rigorous KYC...

Finance4 days ago

The penny has dropped – the finance sector needs Data Governance-as-a-Service

By Michael Queenan, Co-Founder and CEO at Nephos Technologies   In our data-driven world, the amount of data is growing...

Business4 days ago

Seven tips for financial services brands using mail

By Cameron Russell, Head of Marketing at Marketreach   Customer experience (CX) is a powerful differentiator for modern brands. If...

Top 104 days ago

Turn the data landfill into an insight goldmine

Andrew Watson, CTO, MHR Today, businesses have access to a wealth of data, with vast amounts of information created daily....

Business4 days ago

A Culture of Cyber Security Throughout Financial Services Organisations

Michael Cantor, CIO, Park Place Technologies Financial Services organisations have long been a top target for cyber-attacks given both the...

Business6 days ago

Financial Stability Board Gives Full Support to Wide LEI Use in Global Payments

Clare Rowley, Head of Business Operations at the Global Legal Entity Identifier Foundation The strongest recommendation yet by the Financial...

Business6 days ago

On-demand pay: why payroll needs a modern approach

Byline:  Paul Bartlett, CEO, CloudPay   While the world of work has evolved drastically over the last decade, payroll has...

Business6 days ago

 ‘What should real estate investors be doing now – has the market hit rock bottom or is now the time to buy?’

Following many years of housing prices soaring and competition steadily increasing, real estate growth has finally started to slow, likely...

Business7 days ago

Expert Guide for Email Marketing to Improving Your Conversion Rates

If you talk about email marketing campaigns, it would seem like an old-fashioned advertising style. But it is still an...

Banking1 week ago

Augmented automated underwriting and the evolution of the life insurance market

By Alby van Wyk, Chief Commercial Officer at Munich Re Automation Solutions   It’s almost inevitable. Spend your working life...

Banking1 week ago

ESG in the finance and banking industry – are you ready?

By Julian Moffett, CTO BFSI, EDB   Environmental, Social and Governance (ESG) has soared towards the top of banking, financial...

Top 102 weeks ago

An Entrepreneur’s Guide to Investing in Bitcoin

Marcus de Maria, Founder and Chairman of Investment Mastery.   Over recent years, Bitcoin has been steadily growing in popularity...

Business2 weeks ago

Overcoming macroeconomic challenges

By Mike Chambers, formerly CEO of Bacs and a consultant at Access PaySuite.   For businesses offering a subscription-based service, the...

Banking2 weeks ago

How unlocking the potential of tokenised markets can help banks keep pace with the digital economy

Giulia Secco is the Strategic Partnership & Ecosystem Manager at Fnality International.   In the aftermath of the 2008 financial...

Banking2 weeks ago

The role of Artificial intelligence in compliance at banks

Sujata Dasgupta, Global Head – Financial Crime Compliance Advisory, Tata Consultancy Services   There’s not a financial institution across the...

Technology2 weeks ago

Scaling securely in the automation-first era

By Brandon Traffanstedt, Sr. Director, Field Technology Office at CyberArk   Robotic process automation (RPA) has been one of the...

Business2 weeks ago

Putting technology to work on entrepreneur fund-raising

By Simon Glass, CEO, Qodeo   Human relationships are behind the most successful venture capital deals. The chemistry between an...

Trending