Financial Services Cybersecurity Weekly Briefing 06-08-2018

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

Banking Trojans, Not Ransomware, are the Biggest Threat to the Enterprise Now
Massive ransomware attacks may be on the decline, but the cyberthreat landscape grew even more diverse in the first months of 2018, the report found. Banking Trojans accounted for nearly 59% of all malicious email payloads in Q1, followed by credential stealers (19%) and downloaders (18%). Emotet was the most widely distributed banking Trojan, accounting for 57% of all bankers and 33% of all malicious payloads, according to the report.

Australian Bank Sends 10,000 Customers’ Data to Wrong Email Address for Dumbest Possible Reason
[The] most egregiously idiotic way to release confidential information is to send emails to the wrong domain name. That’s exactly what the largest bank in Australia did—more than 600 times. Commonwealth Bank of Australia has admitted that staff mistakenly sent 651 emails containing the data of 10,000 customers to “cba.com,” a domain name that belonged to a US-based cybersecurity company, rather than the bank’s “cba.com.au” domain name.

How Security Leaders Can Be Empowered to Drive Results
“A few key practices will greatly help you overcome this obstacle,” said Katell Thielmann, research vice president at Gartner. “First, create and support a culture of accountability with well-established risk ownership and responsibilities. “Next, build an enterprise-wide risk register that accounts for the top risks across all risk domains. Finally, map risk directly, clearly, and defensibly to business goals and objectives.”

Financial Professionals Targeted by Sophisticated ‘Keylogger’ Malware
In particular, financial institutions are being targeted by two keyloggers, Emotet and URSNIF, which were designed specifically to operate undetected in a firm’s technology, Mr. Norton said. These malwares, which infect a computer through a Microsoft Office document, can evade detection and hijack transfer payments. “They are aware of a financial system’s back end,” Mr. Norton added. “The malwares are built to survive in an enterprise security network.”

Financial Services Organizations Face More Sophisticated Threats Than Others
The exercise showed that the proportion of malware displaying advanced behavior was 20% higher in the financial sector than elsewhere. For the report, Lastline defined malware as displaying advanced behavior if it is packed to avoid detection by static signature-based tools,  evade dynamic analysis, steal credentials, and remain stealthy.

 

Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.