“Hello darkness, my old friend”—Simon & Garfunkel couldn’t have said it better when it comes to describing ideal conditions for APTs. New targeted attacks against banks in Russia, Armenia, and Malaysia have been detected and attributed to the Silence group. Silence represents an ongoing cybercrime shift from targeting end users (bank account fraud) to carrying out advanced direct attacks against the banks themselves. According to Web India, Silence joins the ranks of the most devastating and complex cyber-robbery operations like Metel, GCMAN, and Carbanak, which succeeded in stealing millions of dollars from financial organizations.
As Illusive’s R&D leader, it’s part of my job to be out front understanding the needs of our customers and the broader market. We’re always polling the market to understand what additional pain points deception technology can address. Conversations with our financial services customers this past year turned over a need we hadn’t expected: Can you protect my mainframes?
For multinational banks and other financial services companies, one of the biggest barriers to better security is pure scale. In large environments, where endpoints number in the tens or hundreds of thousands, how can you keep attackers out 7x24x365?
Deception can play a powerful, multifaceted role in helping financial services organizations protect their crown jewels. Our recent post, By Detecting Lateral Movements, Banks Can Get Ahead of Fraud and APTs (Aug. 21, 2017) described how deception is used to combat fraud. In this post, we’ll look at how deception can play a strategic role in defeating insider threats.
In 2016, the wire transfer fraud attack on Bangladesh Bank commanded huge headlines and resulted in cyber criminals stealing a whopping $81 million. It could have been worse; the massive “take” was interrupted not by IT security technologies, but by human vigilance. A watchful employee saw a spelling error in a transfer message and alerted an investigation team.