In the new normal, the proliferation of online banking and e-wallets isn’t so much because they’re convenient but they’re increasingly becoming a necessity to conduct day to day business. In an online briefing, Kaspersky shares some hard lessons learned from the US$81 million cyberheist that took place in 2016.
In the briefing, Kaspersky shared how the financial sector can take advantage of threat data to enhance their defences against cybercrime groups such as Lazarus who forensic evidence strongly intimates is behind the Bangladesh heist that resulted in US$81 million in losses, multiple lawsuits, a loss of reputation, multiple resignations and more.
When sharing details on how the heist took place, Kaspersky shared that the costly lesson learned from this fiasco is the importance of the human element in securing financial systems as the heist began with a series of spear phishing emails to targeted bank employees.
Rather than simply carpet bombing prospective targets, spear phishing attacks are vastly more sophisticated and pinpoint attacks targeting specific individuals or targets. By spoofing legitimate emails, often with names and other data that the individual is familiar with, spear phishing attacks aim to steal critical data or implant malware to compromise networks and act as a stepping stone to further attacks.
“The past offers us warnings which we must heed to be able to build a safer today. This applies to the financial sector and all other organisations especially when it comes to cybersecurity. More than four years after the world has witnessed one of the most successful cyber heist to date, it is essential for banks and related institutions in Southeast Asia to understand how they can leverage on threat intelligence to foil any sophisticated attempts against their systems,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“For instance, our cybersecurity researchers have been monitoring the Lazarus group closely for years. Through this intelligence, our solutions can detect the possible malware they may use suppose they try to get into a banking system. We can block them, analyse the malicious file, and alert the organisation’s IT team on which tactics and techniques to look out for based on the group’s previous attack behaviour, saving possible multi-million losses financially and professionally,” he adds.
According to Kaspersky, there have been 40,511,257 spear phishing attacks detected in the first 5 months of 2020 across the world, which is a daunting number any which way you slice it. The brand suggests the following solutions to harden and protect financial institutions from cyberattacks:
- Integrate Threat Intelligence into your SIEM and security controls in order to access the most relevant and up-to-date threat data
- Conduct regular security training sessions for staff, ideally a personalised one like Kaspersky Adaptive Online Training (KAOT) which uses a cognitive-driven approach, taking into account the abilities and needs of each and every learner
- Use traffic monitoring software – like Kaspersky Anti Targeted Attack Platform (KATA)
- Install the latest updates and patches for all of the software you use
- Forbid the installation of programs from unknown sources
- Perform regular security audit of an organization’s IT infrastructure
- For endpoint level detection, investigation and timely remediation of incidents, implement EDR solutions such as Kaspersky Endpoint Detection and Response which can catch even unknown banking malware