Modern financial institutions know that in this era of advanced cyber attacks, experiencing a breach is no longer a matter of “if” but “when.”
In this new reality, it’s no longer enough to secure the network perimeter to keep cyber criminals out. Today, banks need to put as much or more energy into keeping data safe from threats on the inside.
Hackers Put Time On Their Side
Cyber attacks on financial firms are increasing and becoming more difficult to detect. Recent research from Ponemon Institute supports this: 83% of financial institutions surveyed suffer over 50 attacks per month but take, on average, 98 days to detect a breach.
Trends show Advanced Persistent Threats (APTs) that repeatedly hammer organizations in search of vulnerabilities are becoming less of an issue, replaced by stealth attacks that mask signs of malicious behavior. Instead of going for the quick profit, today’s hackers take their time to learn their way around the network, and wait until conditions are favorable for making a big score.
No Bank Is Too Big To Hack
The highly publicized hack of JPMorgan Chase back in summer 2014 — impacting 83 million households — took almost two months to detect, with the true severity of the attack unfolding over an even longer period. The hackers advanced one step at a time, compiling a list of apps and programs running on JPMorgan’s computers to create a roadmap, which they cross-checked with known vulnerabilities to find an entry point back into the bank’s system.
Barely two years later, hackers are still using time to their advantage, and in the most astonishing cases, escaping without a trace.
The attack that experts like to cite now is the May hack on the central bank in Bangladesh, in which hackers tricked the Federal Reserve Bank of New York into using the Bangladesh bank’s SWIFT network to wire money to bogus accounts in the Philippines and Sri Lanka.
In this much-talked-about heist, the hackers moved slowly but deliberately, infiltrating the SWIFT network at least a month prior to launching the fraud scheme. This gave them time to learn the wire process and download malware to take the bank’s printers offline, and erase evidence of the fraudulent wire transfer requests until it was too late to cancel them, or recover the $81 million.
Network Segmentation Mitigates Risks
Now that hackers have the stealth to breach networks and patience to do their research first, what can financial firms do to protect funds and data? We recommend network segmentation — a strategy that involves putting sensitive data and systems behind firewalls inside the network, and limiting access to resources and applications to just those who need it.
Micro-segmentation takes things a bit further, segmenting the network down to the individual system level to stop attackers in their tracks, even if they gain entry to an endpoint on the network.
If a marketing employee inadvertently clicks on a phishing email link, for example, the resulting malware can’t cross from the infected endpoints to others, keeping even an infiltrated network safe until the breach is detected and eradicated.
New Network Segmentation Strategies Balance Performance and Protection
While most organizations realize the benefits of network segmentation, past implementations tended to be difficult to manage and scale, as firewall rules inevitably conflicted and slowed down the network. New strategies are emerging, however, that ease these management concerns while ensuring traffic is monitored, inspected and passed correctly from segment to segment at wire speed, eliminating both performance and security concerns.
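The containment described above (a phished marketing endpoint that cannot reach other systems) and the rule conflicts of older deployments can both be checked against a policy before it goes live. The following is an added example, not part of the original article: host names, addresses, ports and rules are constructed, and first-match evaluation with default deny is an assumed firewall model.

```python
import ipaddress

net = ipaddress.ip_network
# Constructed sample inventory (illustrative names and addresses only).
HOSTS = {
    "mkt-ws-01": "10.10.1.15", "mkt-ws-02": "10.10.1.16",  # marketing workstations
    "hr-ws-01": "10.10.2.20", "mail-gw": "10.10.5.10",
    "wire-app": "10.20.1.5", "core-db": "10.20.2.5",       # payment zone
}
# Rule = (action, source CIDR, destination CIDR, destination port or None for any).
FLAT = [("allow", "10.0.0.0/8", "10.0.0.0/8", None)]  # perimeter-only: inside is open
MICRO = [
    ("allow", "10.10.0.0/16", "10.10.5.10/32", 443),  # workstations -> mail gateway
    ("allow", "10.20.1.5/32", "10.20.2.5/32", 5432),  # wire app -> its database
    ("deny", "10.10.1.0/24", "10.20.0.0/16", None),   # marketing never reaches payments
]

def decide(policy, src, dst, port):
    """First matching rule wins; traffic matching no rule is denied."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net, rule_port in policy:
        if s in net(src_net) and d in net(dst_net) and rule_port in (None, port):
            return action
    return "deny"

def blast_radius(policy, start, ports=(22, 443, 445, 3389, 5432)):
    """Upper bound on hosts reachable from `start`, directly or via reachable hosts."""
    reached, frontier = set(), [start]
    while frontier:
        here = frontier.pop()
        for name, ip in HOSTS.items():
            if name != start and name not in reached and any(
                    decide(policy, HOSTS[here], ip, p) == "allow" for p in ports):
                reached.add(name)
                frontier.append(name)
    return reached

def conflicts(policy):
    """Pairs (i, j) where earlier rule i fully covers later rule j with the opposite action."""
    out = []
    for j, (act_j, s_j, d_j, p_j) in enumerate(policy):
        for i, (act_i, s_i, d_i, p_i) in enumerate(policy[:j]):
            if (act_i != act_j and p_i in (None, p_j)
                    and net(s_j).subnet_of(net(s_i)) and net(d_j).subnet_of(net(d_i))):
                out.append((i, j))
    return out
```

With the flat policy, the infected marketing workstation can reach every other host in the inventory; with the micro-segmented policy it reaches only the mail gateway, and `conflicts` flags any later rule that an earlier, broader rule silently overrides.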
What are you doing to keep your internal data safe? Join the conversation.