Some Basic Steps Financial Firms can Implement to Minimize the Risk of Cyberattack

Criminals have always sought ways to infiltrate financial technology systems. Now, the financial system faces the added risk of becoming collateral damage in a wider attack on critical national infrastructure.

Such an attack could shake confidence in the global financial services system, causing banks, businesses, and consumers to be stymied, confused, or panicked, which in turn could have a major negative impact on economic activity.

Cybercrime alone costs nations more than $1 trillion globally, far more than the record $300 billion of damage due to natural disasters in 2017, according to a recent analysis our firm performed.

We ranked cyberattacks as the biggest threat facing the business world today – ahead of terrorism, asset bubbles, and other risks. An attack on a computer processing or communications network could cause $50 billion to $120 billion of economic damage, a loss ranking somewhere between those of hurricanes Sandy and Katrina, according to recent estimates.

Yet a much broader and more debilitating attack isn’t farfetched. Just last month, the Federal Bureau of Investigation issued a warning to banks about a pending large-scale attack known as an ATM “cash-out” strike, in which waves of synchronized fraudulent withdrawals drain bank accounts.

In July, meanwhile, it was revealed that hackers working for Russia had easily penetrated the control rooms of US electric utilities and could have caused blackouts.

CYBERATTACK SCENARIOS

How might a financial crisis triggered by a cyberattack unfold? A likely scenario would be an attack by a rogue nation or terrorist group on financial institutions or major infrastructure.

Inside North Korea, for example, the Lazarus Group, also known as Hidden Cobra, routinely looks for ways to compromise banks and exploit cryptocurrencies. An attack on a bank, investment fund, custodian firm, ATM network, the interbank messaging network known as SWIFT, or the Federal Reserve itself would represent a direct hit on the financial services system.

Another possibility would be if a so-called hacktivist or “script kiddie” amateur were to use malicious programs to launch a cyberattack without due consideration of the consequences. Such an attack could have a chain reaction, causing damage way beyond the original intent, because the rules, battle norms, and principles that are conventional wisdom in most warfare situations don’t exist in a meaningful way in the digital arena.

For example, in 2016 a script kiddie sparked a broad denial-of-service attack impacting Twitter, Spotify, and other well-known internet services as amateurs joined in for mischief purposes.

Some Basic Steps to Follow

Identify Threat:

A threat refers to a new or newly discovered incident that has the potential to harm a system or your company overall. There are three main types of threats:

Natural threats, such as floods, hurricanes, or tornadoes.

Unintentional threats, like an employee mistakenly accessing the wrong information.

Intentional threats, such as spyware, malware, adware companies, or the actions of a disgruntled employee.

Identify Vulnerability:

A vulnerability refers to a known weakness of an asset (resource) that can be exploited by one or more attackers. In other words, it is a known issue that allows an attack to succeed. Here are some questions to ask when determining your security vulnerabilities:

Is your data backed up and stored in a secure off-site location?

Is your data stored in the cloud? If yes, how exactly is it being protected from cloud vulnerabilities?

What kind of network security do you have to determine who can access, modify, or delete information from within your organization?

What kind of antivirus protection is in use? Are the licenses current? Is it running as often as needed?

Do you have a data recovery plan in the event of a vulnerability being exploited?

Threats and vulnerabilities can relate to a person, an organization, or weaknesses in the system or the network. It is therefore not optional but mandatory for the organization to identify these threats and vulnerabilities through penetration testing, in order to patch the weaknesses that can be exploited to gain access and affect the system.

Educate Employees:

All employees should be aware of the threats and the consequences of ignoring them. For instance, they should be aware of the hazard of clicking a malicious link or opening an attachment from an unknown person. So it is crucial to provide cybersecurity awareness training for employees, with tools like Threatcop that help raise awareness to prevent cyberattacks. This is particularly important because most cyber incidents are the result of human error.

Risk Assessment:

It is advisable for every bank to prepare a cybersecurity risk assessment and implement a cybersecurity protection plan to address the threats identified in the risk assessment procedure. This helps the organization mitigate the factors that disrupt the smooth running of business operations.

Identify and Classify the Assets:

It is important to identify and categorize information assets based on their level of sensitivity, value, and criticality to the bank. Information assets include various categories of data: highly restricted, confidential, internal use, and public.