First, Moscow-based security firm Kaspersky Lab revealed that a cybercriminal gang had raided up to 100 financial institutions internationally for an estimated $1 billion. Then, the San Diego-based Identity Theft Resource Center said that as of March 4, there had been 14 breaches, including one credit union, affecting almost 400,000 records in the financial sector this year.
Credit unions are increasingly focused on bolstering network infrastructures and internal systems because of this heightened awareness of cybersecurity.
Lonny Brooks, manager of Security Services at Xamin, Inc., said, “The most glaring thing that stood out for me [in the Kaspersky report] is that they had patches available for well over a year yet those systems weren’t patched.”
According to the Kaspersky account, the gang started by sending emails to individuals in the organization. Someone unwittingly opened the attachment and activated the malware.
Brooks, who oversees the activities and responsibilities of the Xamin security team and its projects, explained that IT people can talk all day long about how the end users should pay more attention and have more training, but that is not their job.
“End users’ jobs are something else, to create reports, to help customers, to do other things. When an end user gets an email Word document or a PDF that looks normal, they are going to open it, especially if it is from somebody they know,” he said.
When recommended patches for commonly used applications such as Word or Acrobat are ignored, it opens the door for cybercriminals.
As a result, IT executives are starting to crack down on vulnerability management to patch those holes.
“Patch management systems work, they work well, but you need a way to check to make sure that it did get patched. Or even to be aware of vulnerabilities that there aren’t any patches for yet,” Brooks pointed out.
How do credit unions stay on top of the patches?
“By installing a good patch-management system and a good vulnerability-management system,” Brooks explained. This ensures patches are installed when available as part of layered security that also includes anti-virus programs, anti-malware programs and perimeter scans.
Matthew Gardner, a business relationship manager at Xamin, suggested credit unions start by taking a vulnerability snapshot to assess the organization.
“What that does is create a baseline for things that we view as reactive such as patches, your antivirus and antimalware,” he said.
Xamin approaches the process as network hardening. The intention of system hardening is to remove as many security risks as possible.
“A lot of organizations really don’t know what that means. Network hardening is about doing something every day to keep the bad guys out,” he said.
Hackers leverage a variety of common ancillary devices that reside on financial institutions’ networks, such as printers, scanners and others, to easily access internal systems and execute harmful attacks. In the attacks reported by Kaspersky, hackers used malware to access administrators’ computers and video surveillance systems.
“Once they got into the network, they learned how to hide their malicious plot behind legitimate actions,” Sergey Golovanov, principal security researcher at Kaspersky Lab’s Global Research and Analysis Team, said.
Sanjay Virmani, director of the INTERPOL Digital Crime Centre, added that no sector is immune to attack and that all must constantly address their security procedures.