How cyber threats in the financial sector can be contained
The cyber threats that you need to take into account
The increased internal networking of data communications is leading to an increasing number of new IT security risks. Security risks such as denial of service attacks, the manipulation of data and systems or phishing can cause considerable damage in the governmental sector. But that’s just the tip of the iceberg: the attacks are becoming increasingly targeted, and are using methods and tools which conventional IT security solutions are unable to detect or prevent.
Attacks on the financial sector from cyber space are becoming more targeted and better planned
- Attacks on hardware components with improved tools
The hardware components of the firmware in the financial sector remain vulnerable to attack. Experience of the course of the past year has shown how attacks are being made with increasingly sophisticated tools. More and more system firmware root kits are being used, with which it is possible to attack virtual machines.
- Ransom-ware attacks remain commonplace
Anonymous networks and payment methods are increasingly sought-after targets for attacks from cyberspace. Since they are relatively simple to configure, systems in this area are also attractive to inexperienced hackers.
- Insecure home networks enable hackers to access staff systems.
Hackers are able to access a company IT environment relatively easily through employees’ LAN, through staff working on a home office basis or in public places, for example, and to access and steal data from the company network.
- Integrity attacks are putting transactions in the area of finance at risk
The hacker secretly impacts the integrity of systems and data. Data are seized and modified and the associated transactions are put at risk. This might involve changing the payment details of a salary cheque, for example, which a customer wants paid into a different bank account. This cyber threat is resulting in thefts to the value of several million Euros.
honeyBox® provides security to offices where other solutions can have weaknesses
Since the area of office IT is becoming increasingly networked and E-government applications need to have a high degree of availability, it is necessary for an appropriate IT solution to neither impair the availability nor further increase the complexity. A passive solution which is easy to install and can be used without in-depth knowledge of IT security is therefore required. It should also be a no-false-positive solution which is low cost.
The monitoring of your LAN with IDS/IPS is insufficient
Companies require reliable data about the security status of their network. With IDS/IPS, this cannot, on the whole, be achieved. In contrast to this, with honeypots it is, on the whole, possible to detect cases of unauthorised access.
Situation: You do not use comprehensive monitoring in your LAN. Attacks to your internal systems can, however, cause considerable damage.
Implementation: With the use of the honeypot appliances, you rapidly gain a solution which can be used in order to detect internal attacks to your LAN. This makes changes to the network structure unnecessary.
The result: through the detection and possible logging of attacks, you receive up-to-date notification on whether hackers are active in your network. If required, you can introduce steps so as to contain and analyse the attack.