Today’s Jesse James: 21st Century Bank Heists

Banking in the 21st century no longer revolves around visiting your local branch. Doing business with a bank is now mostly online, global and 24/7. It makes sense that financial crime has also evolved alongside its target. The modern-day Jesse James has traded in his pistol for expertise in coding. What’s more, there are more bandits than ever before. Cybersecurity has never been a more critical concern for banks, their clients and the broader financial sector, so it comes as no surprise that 76% of executives are losing sleep over it.

COVID-19 has created a whole new set of challenges for financial services, with many people struggling to uphold strong security practices when working remotely. According to the “State of Data Loss Prevention” report from Tessian, 56% of the 300 financial services professionals surveyed admitted they are less likely to follow safe data practices at home, while 61% felt they could get away with “risky” behavior. This is despite the known repercussions of a data breach, with 81% citing “damaged company reputation” as the biggest consequence of a data breach.

Big Targets Attract the Big Guys

With lots of lucrative customer data alongside a wealth of financial assets, banks are clearly a top target for online heists. Unfortunately, cybersecurity is having trouble keeping up with the sheer volume of hackers, who are focusing their efforts on banks.

Although it’s true that banks are somewhat more advanced compared to other industries in terms of online security, the problem remains that bigger targets attract the big guys in the cybercrime game. We’re no longer talking about a lone hacker operating from his bedroom. Banks are up against the world’s best hackers, organized crime syndicates and highly motivated rogue nation-states looking for new ways to take on their enemies.

In It for More Than Just the Money

The days of grab-the-money-and-run are long behind us. Now that we’re talking about actors such as rogue nation-states, there’s clearly much more at stake than just the cash or even the customer data. Global geopolitics are moving away from the battlefield and into cyberspace.

Bank heists have escalated to virtual hostage situations, where cybercrime syndicates and nation-states attempt to cripple banks by destroying infrastructure, disabling websites and networks or taking down entire business units, rather than just extorting for the cash. These attacks aim to interrupt banking services or erase financial data.

A few rogue states, notably North Korea, have managed to sidestep economic sanctions by launching attacks on the Society for Worldwide Financial Telecommunications (SWIFT) and other payment networks. The Hidden Cobra hacking group, from North Korea, is notorious in this regard.

While 70% of the surveyed financial institutions in the 2019 report said that financially motivated attackers are their biggest concern, another 30% of these institutions said that hostile nation-state activities are a big worry.

Playing the Long Game

The challenge of these attacks with political motives are that the criminals behind them are often in it for the long game, more akin to a siege than a Jesse James’ style hold-up. The preferred methods for such attacks include distributed denial-of-service (DDoS) attacks, land-and-expand attacks that set up multiple points of persistence and increased dwell time within a firm.

The impact of this kind of attack, if successful, goes far beyond the immediate losses of money or customer data. Clients and the markets lose faith and trust in a company that has fallen victim to such an attack. Mending fences and restoring trust are expensive and sometimes long, drawn-out processes.

Another Kind of Outbreak

It probably comes as no surprise that the COVID-19 outbreak has resulted in an outbreak of financial cybercrime. Back in April, The National Economic Crime Centre (NECC) issued a warning regarding a surge in cybercrime, as attackers remain poised to exploit the vulnerabilities created by a sectorwide move to remote working, opening up a wealth of new attack opportunities.

However, while criminals have been sharing resources and information to up their attack game, so, too, have cybersecurity experts. In March, cyber experts from 40 countries, including professionals in senior positions at major tech firms including Microsoft and Amazon, banded together to create the COVID-19 CTI (cyber threat intelligence) League. The group aims to pool resources to combat COVID-related cybercrime, kind of like the Neighborhood Watch of Jesse’s day.

It’s Not All Bad News

Perhaps the current situation will provide the impetus for financial institutions to get on top of their cybersecurity game. A 2019 report by the Financial Services Information Sharing and Analysis Center (FS-ISAC) found that 73% of CISOs of financial institutions planned to ask their organization’s CFO for an increase in cybersecurity investments in the next year. After all, taking down an international crime syndicate is going to cost somewhat more than disarming a lone bank robber.

Featured eBook
The State of Cloud Native Security 2020

The State of Cloud Native Security 2020

The first annual State of Cloud Native Security report examines the practices, tools and technologies innovative companies are using to manage cloud environments and drive cloud native development. Based on a survey of 3,000 cloud architecture, InfoSec and DevOps professionals across five countries, the report surfaces insights from a proprietary set of well-analyzed data. Sponsorships ... Read More
Palo Alto Networks
Avatar photo

Marc Wilczek

Marc Wilczek is COO of Link11.

marc-wilczek has 2 posts and counting.See all posts by marc-wilczek