The financial industry is, and will continue to be, one of the most lucrative for cybercriminals to attack. With the wealth of market and account information capable of falling into their traps, data security will be imperative for this industry to weather the storm that hackers bring. Reuters reported that the FBI has taken a hand in helping with this, as the agency gave security clearances to many banking executives to let them know about an investigation into cyberattacks that have been disrupting many banking websites for nearly a year. The chosen financial service professionals were brought to field offices around the country to join a video conference on "who was behind the keyboards," FBI executive assistant director Richard McFeely explained to the Reuters Cybersecurity Summit.
These clearances, deemed as "extraordinary" by Reuters, show that the government is getting more serious about the need to collaborate between public and private bodies. These attacks are seen as becoming more serious against U.S. entities over the past few years and McFeely did not discuss any details of the investigation. The news organization said thus far, banks have had to spend millions of dollars to get operations securely back online. Banks which have been affected include JP Morgan Chase & Co, Bank of America, Wells Fargo and Citigroup, among others.
McFeely said the FBI has changed its stance 180 degrees from where it used to be on letting these companies behind the curtain, as executives are starting to work harder to secure international help against this kind of cybercrime, according to Reuters. The FBI has also warned 129 countries about 130,000 internet protocol addresses that have been used by these attacks, many of which were infected by viruses before being ordered to attack the bank websites.
One big issue with international talks has been a lack of willingness to share information and make arrests, but McFeely said that may be coming soon. Hackers who have been identified by name may travel outside of their country and be detained, something he said will be a "big deal" the first time it happens.
Recent ATM heist shows cause for alarm
To illustrate just how big of a target financial institutions have become, Bank Info Security said a recent cyberheist that took place was announced by federal authorities earlier this month which saw $45 million be chased out of ATMs from around the world in extremely well timed and short streaks. Avivah Litan, an analyst with Gartner, told the news source that this closely resembled the 2008 RBS WorldPay heist and ATM cashout which saw $9 million disappear in theft.
"These attacks keep repeating themselves," Litan says. "There are tens of thousands or more financial institutions to attack in this manner across the globe, and there is plenty of fodder for the criminals."
Litan said one of the most trouble aspects of this breach is that it is very difficult to discern the points of the network that were breached by these criminals. There are many parties in the payment chain and it is hard to assign blame for any of these types of threats. Simply pointing fingers, she said, is a lose-lose proposition for all parties involved.
There must be work done on all ends to share information about these attacks to gain information in an effort to eventually slow down these data security issues.
"Until then, we will continue to try to keep a leaky insecure payment system secure," Litan said. "It reminds me of the little Dutch boy who stuck his finger in the dyke and successfully stopped the seawater from flooding his home town. He was successful because he stopped the leak when it was very small. I think we are too late when it comes to our global card payment systems. We probably need at the least, a major cyber-army, in this instance."
Security News from SimplySecurity.com by Trend Micro.