FINANCIAL institutions worldwide
including those in the country have been implored to be extremely
cautious of the growing cyber-attacks that put them at great risk this
year than before.
The report further cautions that a
slight mistake could cause great cash loss to the financial institutions
like what happened to a Bangladesh Bank Central Bank. The Sophos report
indicates that financial infrastructure is at greater risk of attack.
“The use of targeted phishing and
‘whaling’ continues to grow. These attacks use detailed information
about company executives to trick employees into paying fraudsters or
compromising accounts.
“We also expect more attacks on critical
financial infrastructure, such as the attack involving SWIFTconnected
institutions which cost the Bangladesh Central Bank $81 million in
February,” reveals the report.
The caution comes in following a
Cybersecurity giant Sophos report published recently shows that the
attacks are expected to increase this year.
Expounding further, the report indicates
that the year 2016 saw a huge number and variety of cyber-attacks,
ranging from a high-profile DDoS using hijacked Internet-facing security
cameras to the alleged hacking of party officials during the US
election, according to a report by a Cybersecurity giant Sophos.
The Sophos report shows that they also
saw a rising tide of data breaches from big organisations and small and
significant losses of people’s personal information. “Since the year
2016 is over, we’re pondering how some of those trends might play out in
2017,” it notes.
The report indicates that the current
and emerging attack trends include the destructive DDoS IOT attack which
is expected to rise. “In 2016, Mirai showed the massive destructive
potential of DDoS attacks as a result of insecure consumer IoT (Internet
of Things) devices.
Mirai’s attacks exploited only a small
number of devices and vulnerabilities and used basic password guessing
techniques,” part of the report indicates.
However, the report claims that
cybercriminals will find it easy to extend their reach because there are
so many IoT devices containing outdated code based on poorly-maintained
operating systems and applications with well-known vulnerabilities.
“Expect IoT exploits, better password
guessing and more compromised IoT devices being used for DDoS or perhaps
to target other devices in your network,” it notes. It shows there is a
shift from exploitation to targeted social attacks.
“Cybercriminals are getting better at
exploiting the ultimate vulnerability - humans. Ever more sophisticated
and convincing targeted attacks seek to coax users into compromising
themselves.
For example, it’s common to see an email
that addresses the recipient by name and claims they have an
outstanding debt the sender has been authorised to collect,” explains
part of the report.
It further states that shock, awe or
borrowing authority by pretending to be law enforcement are common and
effective tactics, saying that the email directs them to a malicious
link that users are panicked into clicking on, opening them up to
attack.
“Such phishing attacks can no longer be
recognised by obvious mistakes,” it states. SWIFT recently admitted that
there have been other such attacks and it expects to see more, stating
in a leaked letter to client banks, stating that the threat is very
persistent, adaptive and sophisticated – and it is here to stay.
The Sophos report notes that there is
increasing exploitation of the Internet’s inherently insecure
infrastructure. All Internet users rely on ancient foundational
protocols and their ubiquity makes them nearly impossible to revamp or
replace.
These archaic protocols that have long been the backbone of the Internet and business networks are sometimes surprisingly flaky.
Financial institutions at risk of cyber-attacks - report
Reviewed by Erasto Paul
on
January 09, 2017
Rating:
No comments:
Thank you for commenting to Mwanauswahili