Blog

No items found.

Cyber-threats mean banks are no longer ‘too big to fail’

Cyber-threats mean banks are no longer ‘too big to fail’Default blog imageDefault blog image
30
Jan 2017
30
Jan 2017

Last year, hackers made off with $951 million from the Bank of Bangladesh. The record-breaking cyber-heist was no anomaly. It was just one in a series of sophisticated cyber-attacks targeting the financial sector. In 2014, criminals stole account information from 83 million JP Morgan customers. And again last year, a single Russian bank suffered 69 separate DDoS attacks. Cyber-attacks against the financial sector are relentless.

And finance isn’t just hit more often than other industries. It’s hit harder. For banks, the average cost per record stolen is $221, well over the average of $158. Driven by the prospect of a huge payday, hackers reserve some of their most sophisticated attacks for banks and other high-profile financial organizations.

To detect advanced attacks like these, we use unsupervised machine learning to identify deviations from normal network activity. Crucially, this approach lets companies detect threats from the inside. At Darktrace, some of the biggest vulnerabilities we’ve found started with a careless employee. Nowhere is this activity more troubling than in the financial services sector.

For example, at a top US investment firm, we detected strange communications between a company desktop and a Chinese cloud service. These communications were deemed highly anomalous and a major deviation from that user’s normal behavior. The employee in question was using the cloud service for legitimate work reasons, but this service came with a host of hidden risks — namely, it was secretly transmitting login details to an unknown third party. The leaked information could have led to a debilitating attack.

These attacks are alarming, but in the future, attackers won’t just try to steal data; they’ll try to change it. Since financial services rely on public confidence, they’ll be disproportionately affected by data manipulation. For instance, by subtly tweaking bank account information, an attacker could destroy the very integrity of the bank’s data. The bank would lose all credibility if the attack went public. Similarly, an attack could alter the mathematical models that inform boardroom decisions at a Wall Street company, thus forcing them to make bad investments.

Between insider threats and sophisticated data manipulation, banks and other financial organizations are feeling the brunt of the ongoing cyber-war. To fight back, they have to arm themselves with similarly advanced security tools. Because when it comes to cyber security, banks are no longer ‘too big to fail’.

Like this and want more?

Receive the latest blog in your inbox
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
INSIDE THE SOC
Darktrace cyber analysts are world-class experts in threat intelligence, threat hunting and incident response, and provide 24/7 SOC support to thousands of Darktrace customers around the globe. Inside the SOC is exclusively authored by these experts, providing analysis of cyber incidents and threat trends, based on real-world experience in the field.
AUTHOR
ABOUT ThE AUTHOR
Justin Fier
VP, Tactical Risk and Response

Justin is one of the US’s leading cyber intelligence experts, and holds the position of VP, Tactical Risk and Response at Darktrace. His insights on cyber security and artificial intelligence have been widely reported in leading media outlets, including the Wall Street Journal, CNN, The Washington Post, and VICELAND. With over 10 years’ experience in cyber defense, Justin has supported various elements in the US intelligence community, holding mission-critical security roles with Lockheed Martin, Northrop Grumman Mission Systems and Abraxas. Justin is also a highly-skilled technical specialist, and works with Darktrace’s strategic global customers on threat analysis, defensive cyber operations, protecting IoT, and machine learning.

USE CASES
No items found.
PRODUCT SPOTLIGHT
No items found.
COre coverage
No items found.

Related Articles

No items found.

Good news for your business.
Bad news for the bad guys.

Start your free trial

Start your free trial

Flexible delivery
You can either install it virtually or with hardware.
Fast install
Just 1 hour to set up – and even less for an email security trial.
Choose your journey
Try out Self-Learning AI wherever you most need it — including cloud, network or email.
No commitment
Full access to the Darktrace Threat Visualizer and three bespoke Threat Reports, with no obligation to purchase.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get a demo

Flexible delivery
You can either install it virtually or with hardware.
Fast install
Just 1 hour to set up – and even less for an email security trial.
Choose your journey
Try out Self-Learning AI wherever you most need it — including cloud, network or email.
No commitment
Full access to the Darktrace Threat Visualizer and three bespoke Threat Reports, with no obligation to purchase.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.