Financial Services Cybersecurity Weekly Briefing 9-29-2017

Weekly FS Cybersecurity Blast

Weekly FS Cybersecurity Blast

Equifax Breach is a Reminder of Society’s Larger Cybersecurity Problems
Several major problems need to be addressed before people can live in a truly secure society: For example, companies must find and hire the right people to actually solve the overall problems and think innovatively rather than just fixing the day-to-day issues. Companies must be made to get serious about cybersecurity — at a time when many firms have financial incentives not to, also. Until then, major breaches will keep happening and may get even worse.

 

SEC is Getting Serious About Bitcoin Fraud and Fake News
To that end, it’s creating a Cyber Unit that will focus its enforcement team on digital offenses. These include hacks, such as attempts to obtain insider info or to compromise trading platforms and accounts, but that’s really just the tip of the iceberg. To start, the SEC will look at fake news when it’s used to manipulate the market, such as pumping up a stock price to sell at a higher price. It also wants to look at shady dealings involving initial coin offerings and distributed ledgers like blockchains.

 

Exclusive: N.Y. Regulator Subpoenas Equifax Over Massive Breach
New York’s Department of Financial Services (DFS) sent the subpoena to Equifax on Sept. 14, said the person, who declined to be named because the matter has not been made public. The subpoena seeks documents related to the hack that compromised the personal data of up to 143 million Americans, details on when Equifax learned of the breach and what actions it took after it was discovered, as well as other information, the person said.

 

Cyber Security Fintechs Can Help Restore Trust 
“The speed to make a decision, to onboard it, to paper it, is often slowed down by these compliance and risk processes. “Now, if we’re able to better provide that transformative layer that protects the fintech and allows them to have a different conversation of trust with their customers, then that’s going to allow them to move faster.”

 

ATM Hackers Switch to Network-based Attacks
“Once the criminals have established a solid foothold into the bank’s network, they then go on to perform lateral movement to identify and access other sub-networks, including the ATMs. Normally, banks have a clear separation between their corporate network and that of the ATMs, with separate routing and rewalls or other defenses. Some banks do have a at network, thus making the hackers’ lives much easier, but these tend to be a lot rarer.”

 

Stay up to date on the Financial Services Information Security news that you need to know by signing up for our Financial Cybersecurity Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.