Cyberattacks on financial institutions are growing in sophistication and frequency.
These breaches, which use stolen legitimate credentials and malware to disguise criminal activity, can remain undetected for some time, making the financial impact irreparable.
In the financial services sector, the best defense is a good offense. Instituting technological barriers and developing a contingency plan for when an attack occurs will have beneficial results, but sometimes the best strategy to thwart a hacker is try to think like one.
Asking theoretical questions about a hacker's motives and methods can help institutions reflect on their own vulnerabilities. Here are three questions to ask to get more inside the mind of a cybercriminal.
What Industries Should I Attack?
Before an attack is launched, cybercriminals evaluate the landscape and identify areas where they can prosper the most.
The financial services industry is consistently at or near the top of cybercriminals' lists because, quite literally, it's where the money is.
However, aside from seeking out customer information to commit fraud, cybercriminals see value in stealing data like bank employee email addresses and passwords. By doing so, they are able to pose as employees and find their way into the networks to commit theft.
By understanding the industries that are commonly attacked and the ways attackers are trying to get in, cybersecurity teams will be better prepared to put a strategy in place and make the investments where necessary.
Remember, cybercriminals are just human beings looking for the fastest and most financially rewarding way to do their jobs.
Where Are My Target's Greatest Vulnerabilities?
With the proliferation of mobile devices in the workplace and employees working from remote locations, today's cybercriminals have more opportunities than ever before to find their way into networks.
Hackers may also see vulnerability when a financial institution is in the midst of a new consolidation or integration effort. When a financial institution acquires another company, it typically acquires disparate technology that creates complexity for the overall security posture. These components equate to challenges that need to be addressed.
No one is better qualified to look for holes and vulnerabilities in a network than those who put it together. IT security professionals in financial services should look for openings in their own defense by conducting their own penetration-testing and white-hat hacking. Then, they should focus on any cracks uncovered.
How Can I Exploit Human Weakness?
It's also important to remember that employees are a part of the system as well. An employee who is uneducated about security is just as dangerous to data as any other digital or physical entry point. Creating a culture of security via awareness and training is critical.
According to Verizon's 2015 data breach investigations report, more than two-thirds of cyberespionage incidents involve phishing. One way to test for employee vulnerabilities is to simply conduct test attacks. Many CIOs will conduct fake phishing attacks to see if their employees will provide login credentials or click on malicious links. If a high number of employees are failing the test, security teams will know it is an area that demands added focus.
Cybercriminals are always looking for new ways to penetrate networks; thus, IT security teams should be doing the same. By conducting threat intelligence research, cybersecurity teams will be able to monitor existing threats and identify new threats before they take hold within the industry.
Brian Forster is senior director at Fortinet.