In the Age of Mega Cyber Breach; Is your Bank Resilient?

Financial institutions are turning out to be the epicentre of cyber attacks probably because hackers are directly hitting the place where they can get money. It has been estimated that every year these financial institutions incur loss of few hundred billion dollars! These numbers clearly establish that profits of these institutions are eroded and in the long run, this is threat to financial stability.

A successful cyber-attack on one institution could spread rapidly through the highly interconnected financial system.Before diving into any more details, let’s go over some noticeable attacks:

• Tokyo based crypto exchange Coincheck lost about $500 million recently. This kind of fraud not only steals money but also confidential data of the customers.
• The theft of data from 83 million customers of Wall Street giant J.P. Morgan, allegedly by an Israel-based team trying to manipulate the stock market, revealed chilling possibilities for how cyberattacks could undermine the financial sector.
• Hackers stole $81 million from the Federal Reserve Bank of New York earlier this year using payment transfer messaging service Swift
• Swift said that an undisclosed number of banks lost money earlier this year to hackers using similar methods to the Federal Reserve Bank breach

When National Security Agency contractor Edward Snowden revealed that intelligence agencies were freely availing themselves of data stored by the major Internet companies, many of those companies promised to do more to encrypt data. They started using encryption on their own corporate servers, but most users remain exposed unless they know to install and use third-party apps that encrypt their data.

Cybersecurity rising?

The financial services industry is investing big in cybersecurity, spending $8.6 billion this year. JPMorgan doubled its cybersecurity to $500 million, and Bank of America said it has an unlimited budget for combating cyber crime. With banks increasing their security investments, information assurance professionals are at a premium in the industry. There has been a 131 percent increase in job postings for security experts in recent years. Professionals can improve their chances of landing a position in the industry by furthering their education.

The institutions have to protect themselves from a myriad of attacks but the hacker only needs one successful attempt to get into the system. It’s a really tough and unfair fight where just being preventive is not enough. One has to detect and respond to attacks as quickly as possible. The history has it that multiple attacks remained unnoticed until a long while.

The focus now is on resilience, with smarter ways to detect attacks and faster ways to respond to them.

Currently, the costliest types of attacks for banks and insurers are:

• Denial of service
• Phishing
• Social engineering
• Malicious insiders

One well-known example was of DoS attack is Mirai botnet, a self-propagating botnet virus. It used the Internet of Things (IoT) to attack several types of companies, including banks.

Machine Learning, Big Data to the rescue?

Big Data Analytics could provide a solution for finance companies. With the rate, pace and sophistication of cyber-attacks continuing to grow exponentially, security has become a big data problem. Real-time analytics are required as the foundation of today’s security strategy.

The International Institute of Analytics (IIA) has predicted that Big Data analytics tools are set to become the first line of defence — bringing together machine learning, text mining and ontology modelling that can provide holistic and integrated security threat prediction, detection, and deterrence and prevention programs.

Applying machine learning frameworks that can engage data from various sources enable businesses to flag irregular activities in real-time, preventing any potential security attacks or fraud from taking place. Acting on data “as it occurs” is a critical advantage that can help financial institutions stay ahead of criminals. With a converged data platform, analysis on both operational and analytical data can be used to anticipate attacks and proactively prevent them.

It’s data that’s getting stolen, but it’s also data that can come to the rescue. You just have to know how to use it in the right way. For example, employee devices could be used as Trojan horses to access and steal data — but you can stop it with big data analytics.

At the end of the day, the choice is yours; innovate or be disrupted!

In the Age of Mega Cyber Breach; Is your Bank Resilient? was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.