Financial Services Cybersecurity Weekly Briefing 11-17-2017

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

Customers Punish Breached Companies
Equifax’s 25% reduction in share value and other industry-wide stats show that consumers aren’t so apathetic about cybersecurity after all. Many executives don’t take secondary breach costs very seriously: the numbers have long been tricky to pin down and many within the C-suite believe that consumer breach fatigue and apathy about cybersecurity buffer their brand in the wake of a breach. But growing evidence is showing that customers really do care, and they’ll put a wallop on the brand when the circumstances are egregious enough.

 

New IcedID Trojan Targets US Banks
“At this time, the malware targets banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites in the U.S.,” researchers wrote in a report released Monday explaining the discovery. Two U.K.-based banks are also targeted by the malware. Similar to the TrickBot and Dridex Trojans, IcedID both webinjection and redirection attack techniques, researchers said.

 

Poor Coding is Leaving Banks at Risk of Cyber Attacks
The report also had harsh words about Microsoft’s .NET programming language, warning that .NET applications had more vulnerabilities on average than Java apps, though it didn’t provide numbers. Microsoft’s .NET apps developed with the waterfall software evelopment method had the worst scores overall.

 

Financial Services Firms Buckle Down on Data Security
“More than 15 million Americans were victims of cyber-fraud or identify theft last year,” said Subcommittee Chairman Blaine Luetkemeyer (R-Mo.).  “While data security has been a hot topic since the latest breach, Equifax isn’t where the problem started and, if we don’t act, it isn’t where the problem will end. With each attack more dangerous and more advanced than the last, it is crucial that every aspect of data security is examined.”

 

Equifax Data Breach Costs Financial Giant $87.5 Million Dollars
As a result of the data breach Equifax has entered into various agreements with many firms including IBM and Tata Consultancy Services. These agreements are outsourcing agreements for data processing operations, app development, continuity services and recover services. Equifax expects that they will have to meet new compliance measures as a result of this data breach, which they expect will carry a heavy cost as well.

 

 

Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.