Financial Services Cybersecurity Weekly Briefing 07-13-2018

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

Critical Informatics Recognized by Gartner in the 2018 Market Guide for MDR Services
“Our platform is purpose-built for highly regulated sectors such as healthcare, finance, and government. We don’t require any agents to be deployed, nor additional technology purchases. Using packet capture, we can protect regulated records while retaining the ability to conduct investigations and confirm incidents with 100% accuracy. We keep those packets on the customer’s premise inside their protected perimeter. All of this means a seamless implementation and elimination of more false positives.


UPDATE 1-Mexican Banks Warned to be on Alert for Cyber Attacks
Mexico’s financial authorities on Friday warned local banks to be on alert for potential cyber attacks and to strengthen security systems, activating protocols established in the wake of recent bank hacks. Mexico’s central bank, Finance Ministry and banking regulator said in a statement that the measure is preventative, and that the country’s financial system is functioning normally. The statement did not detail the reason behind the alert.


The Changing Face of Cryptography in the Financial Industry
Maybe many banks will take the “hear no evil, see no evil” approach to advanced cryptography in the forms of quantum computing until it provides a genuine cause for concern maybe banks will just stay clear of investment in such areas. The applications of quantum computing are enormous in the fields of chemistry and nanotechnology but do not underestimate the importance of data and transaction security in the financial sector.


Threats Financial Organizations Will Face in 2019
According to IntSights Cyber Intelligence, they should be prepared for breaches effected through compromise of established vendor software or SaaS products, and vulnerable third-party, open source software implemented in the applications they use. Also: extortion attempts. “Regulation fines and brand reputation damage can be way more costly than downtime or lost data. Given the large fines for GDPR laws and massive data breach incidents in the US that drew attention from the Senate, we believe attackers will try to leverage a company’s fear of similar incidents,” the company explained in a recently released report.


Ticketmaster Breach Was Part of a Larger Credit Card Skimming Effort, Analysis Shows
At least 800 e-commerce sites are said to be affected, after they included code developed by third-party companies and later altered by hackers, according to security firm RiskIQ. The credit card skimming effort of a massive campaign by a threat group — dubbed Magecart, operational since at least 2015 — targets software companies that build and provide code that developers include on their websites to improve the site or customer experience. After the hackers break in and alter the code, it affects every website that it runs on, potentially affecting millions of users every day.


Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.