THREE TYPES OF WEB ATTACKS FOCUS ON BANKING INDUSTRY BY BILL HOGAN Image © nobeastsso ﬁ erce/iStock B anking customers in today’s digital age can log into their accounts on a computer with the click of a button or onto their phones using only their fi ngerprint. Bringing bank-ing online and into the palms of our hands has certainly made it more convenient than ever to move money and perform transactions, but it ’s also made the industry more vulnerable to malicious web attacks due to a widened threat surface. Cybercriminals are aware of the vulnerabilities and challenges facing banking IT teams, and they’re capitalizing on them. Let ’s take a closer look at some of the recent web attacks that have plagued the banking industry. 1. Ransomware Hits Banking Network Th is summer’s WannaCry ransomware attack was one of the largest and most publicized in recent memory, impacting computer systems in dozens of countries around the world. Th e attack exposed global security fl aws in several industries, including large banking organizations. It was reported that the attack largely infi ltrated the com-puters of employees that were connected to large banking net-works, compromising both their systems and their data. Many banking systems run on dated operating systems, making them very attractive targets for malware attacks like WannaCry that exploited vulnerabilities for which patches were available. Potential impact on banking: Banking institutions that run on outdated operating systems or those that are protected by sub-par security solutions are prime targets for web attacks. Sophisticated attacks and the cybercriminals behind them are always looking to exploit weaknesses, especially in the fi nancial realm. they continue to evolve as an attack vector. Banks will be chal-lenged with educating their customers about such attacks and developing more secure login tactics that are diffi cult to mirror. 3. DDoS Attacks Against Personal Banking Websites Distributed Denial-of-Service attacks in the banking industry are alive and well. A large banking group’s servers were bom-barded at the start of the year with massive volumes of traffi c that led to system outages. As a result, the bank’s customers were left in the dark and unable to complete everyday tasks like checking their balance, making deposits, paying bills or transferring funds. Th ese attacks are all too common in the banking industry, as cybercriminals use them as a means to not only shut down services, but also to distract security teams from other simulta-neous attacks or to hold the aff ected service for ransom. Potential impact on banking: As the banking industry con-tinues to move online, attackers will likely continue to make it a high-priority target for DDoS attacks, to harm business reputations or gain fi nancial rewards. 2. Redirection Attacks on Banking Websites For years, banking malware has relied on web injection attacks to prey on victims. Th is tactic projects false information onto the page being visited in an attempt to lure victims into disclosing personal banking information. However, since these attacks are deployed on the banking websites themselves, the sites’ security measures are often able to identify and remove the threats. As a result, cyber-criminals have moved on to more advanced redirection attacks. When launching these attacks, cybercriminals monitor the bank(s) being used by the victim, then redirect the browser to an extremely similar (in both look and feel) malicious website. When the victim lands on the fake site, they’re often unaware and con-tinue logging in as usual. From there, cybercriminals gain access to credentials, and the banks themselves are none the wiser. Redirection attacks on banks have commonly originated in the UK, as the region is known to have advanced security solutions that prevent such things as web injection attacks. Subsequently, attackers have concluded that if the attacks work there, they will likely work in other regions. Potential impact on banking: Lookalike banking domains are a challenge more security teams will face in the near future as Defending Against Today’s Web Attacks Due to the value of its data, the fi nancial services sector will continue to be a high-value target for cybercriminals. New and modern attacks will continue to emerge and fi nancial organi-zations, like banks, will need to enhance security for business being conducted in real time on the web. Financial cybersecurity solutions need the ability to adapt to changing network environments and user requirements while de-fending against dynamic security threats, whether they’re inside the network’s perimeter, outside in the cloud, at branch locations or on mobile devices. Financial services must also be able to conduct busi-ness in real time — with no network slowdowns due to obtrusive security solutions. Today’s fi nancial institutions need an integrated security fabric architecture that enables protection from endpoints all the way to the cloud. Ideally, this would include a threat intelligence sharing framework and internal segmentation fi rewalls. Th is kind of comprehensive security strategy keeps customer data secure while enabling fi nancial institutions to operate at the speed of business. Bill Hogan is vice president, strategic accounts and global fi nancial services at Fortinet, where he is responsible for sales, systems engineering and busi-ness development. For more information, visit www.fortinet.com.