(727) 692-7055
Pentasys Corporation
  • Home
  • About Us
    • Our Clients
    • Our Methodology
    • Our Partners
    • Our Projects
    • Our Team
  • Services & Solutions
    • Network Support
    • Managed Services
    • Business Continuity & Disaster Recovery
    • Security
    • Development Services
    • Cloud Solutions
    • Business Consulting
  • Blog
  • Client Portal
  • Contact Us
  • Menu Menu

Risks financial firms face

Security

2015Feb29_Security_CTTP’s stands for threats and tactics, techniques and procedures, the number of which has been gradually increasing since 2015. The financial services sector has long been the target for cyber criminals, where they apply a myriad of techniques ranging from social-engineering to credential-stealing malware. This means the time for security professionals to boost cyber situational awareness has never been more fitting. These are the seven latest threats that have recently surfaced:

Extortion

The cyber criminal Armada Collective gained notoriety for being the first to utilize distributed denial-of-service (DDoS) attacks. This occurs when multiple systems flood a targeted system to temporarily or completely disrupt service. They evolved the idea further and started to extort Bitcoins from victims who were initially notified of their vulnerability. If they didn’t comply with the ransom demands of the criminals, they would flood their systems until the victim’s network would shut down completely.

Social media attacks

This involved criminals using fake profiles to gather information for social engineering purposes. Fortunately, both Facebook and Twitter began to proactively monitoring for suspicious activity and started notifying users if they had been targeted by the end of 2015. However, you should still have your guard up when someone you don’t know, or even a friend or colleague, starts asking you suspicious questions.

Spear phishing

Phishers thrive off familiarity. They send out emails that seem to come from a business or someone that you know asking for credit card/bank account numbers. In 2015, phishers went to the next level and began whaling. This normally involved spoofing executives’ emails (often CEO’s) to dupe the finance departments to transfer large sums of money to fraudulent accounts.

Point-of-sale malware

POS malware is written to steal customer payment (especially credit card) data from retail checkout systems. They are a type of memory scraper that operates by instantly detecting unencrypted type 2 credit card data and is then sent to the attacker’s computer to be sold on underground sites.

ATM malware

GreenDispenser is an ATM-specific malware that infects ATM’s and allows criminals to extract large sums of money while avoiding detection. Recently reverse ATM attacks have also emerged, this is when compromised POS terminals and money mules to reverse transactions after money being withdrawn or sent to another bank account.

Credential theft

Dridex, a well known credential-stealing software, is a multifunctional malware package that leverages obfuscated macros in Microsoft Office and extensible markup language files to infect systems. The goal is to infect computers, steal credentials, and obtain money from victims’ bank accounts. It operates primarily as a banking Trojan where it is generally distributed through phishing email messages.

Other sophisticated threats

Various TTP’s can be combined to extracted data on a bigger scale. Targeting multiple geographies and sectors at once, this method normally involves an organized crime syndicate or someone with a highly sophisticated setup. For example, the group Carbanak primarily targeted financial institutions by infiltrating internal networks and installing software that would drain ATM’s of cash.

The creation of defensive measures requires extensive knowledge of the lurking threats and our team of experts is up-to-date on the latest security information. If you have any questions, feel free to contact us to find out more about TTP’s and other weapons in the hacker’s toolbox.

Published with permission from TechAdvisory.org. Source.

February 29, 2016/by Pentasys Corporation
Tags: 2015feb29_security_c, account, attack, bank, crime, customer, cyber, financial, industry, money, safety, sector, security, target, threat
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Vk
  • Share on Reddit
  • Share by Mail
https://www.pentasys.net/wp-content/uploads/2016/03/2015Feb29_Security_C_PH.jpg 300 900 Pentasys Corporation https://www.pentasys.net/wp-content/uploads/2015/12/logo.jpg Pentasys Corporation2016-02-29 21:00:352016-02-29 21:00:35Risks financial firms face
You might also like
Enlist IT help when installing CPU updates
What are watering hole attacks?
9 cybersecurity terms everyone must know
Best Options for CRM Software in 2016
Quick recoveries with external IT support
Enhance content through social media

Recent Posts

  • Assess risks before buying new softwareJuly 5, 2018 - 8:00 PM
  • What to do in case of a website breachJune 28, 2018 - 8:00 PM
  • SMB routers targeted by VPNFilter malwareJune 20, 2018 - 8:00 PM
  • Apple WWDC 2018: News and updatesJune 19, 2018 - 8:00 PM
  • Hide & Seek malware: What you need to knowJune 15, 2018 - 8:00 PM
  • Chrome: From HTTP to HTTPSJune 14, 2018 - 8:00 PM

Post Categories

Archives

Say goodbye to complex IT holding your business back

We make IT simple

Get IT Support that works

Interesting links

Here are some interesting links for you! Enjoy your stay :)

Pages

  • Home
  • About Us
  • Services & Solutions
  • Blog
  • Citrix Demo
  • Contact Us
  • FREE Security Assessment
  • Privacy Policy
  • Support Center
  • Thank You!
  • Network Support
  • Our Clients
  • Managed Services
  • Our Methodology
  • Business Continuity & Disaster Recovery
  • Our Partners
  • Our Projects
  • Security
  • Development Services
  • Our Team
  • Cloud Solutions
  • Business Consulting

Categories

  • Apple
  • Business
  • Business Continuity
  • Business Intelligence
  • Business Value
  • Google
  • Healthcare
  • Internet Social Networking and Reputation Management
  • Office
  • Security
  • Social Media
  • Web & Cloud

Archive

  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
© 2023 Pentasys Corporation All Rights Reserved. | Website Hosting by K.Tek Systems Inc.
  • Privacy Policy
4 steps to enhance your online imageBI is not just for the big boys
Scroll to top