Money matters – IBM talks data breaches in the financial sector

Money matters – IBM talks data breaches in the financial sector

Tim Compston sits down with Limor Kessem, Executive Security Advisor at IBM Security and Alan Jenkins, who is IBM Security’s Associate Partner for FSS (Financial Services Sector), UK and Ireland, for a round table discussion on the cyber threat to the financial world.

There is little doubt that large-scale data breaches can cause considerable operational and reputational damage where financial institutions are concerned. When I speak to Limor Kessem and Alan Jenkins it is fresh from leafing through the latest research contained in IBM X-Force’s thought provoking ‘Managed Security Services Report 2016’. One of the figures which stands out amongst the IBM X-Force data spotlighted in the document is the fact that, worryingly, nearly 20 million financial records were breached in 2015.

In terms of records compromised by the industry sector, according to IBM’s X-Force research, finance ranked fifth overall, this represents a two-place drop from its third place ranking in 2014. A major contributor to the finance industry’s changed position year-on-year – and a decrease in records compromised for 2015 – was that the 2014 numbers accounted for the largest recorded financial breach in the last five years so it will be interesting to see how things play out as 2016 figures are analysed. Geographically, the United States is the leading country when it comes to where both the victims and originators of financial institution attacks are located.

Enterprising criminals

Money matters: IBM talks data breaches in the financial sector
Limor Kessem, Executive Security Advisor, IBM Security

Drilling down into the specifics of the attacks that financial institutions like banks are having to endure, IBM Security’s Executive Security Advisor, Limor Kessem, tells me that what has been a visible trend lately is cyber criminals seeking to target banks at the enterprise level: “So that is breaching employee endpoints, internal systems, and service channels in order to coordinate larger digital heists.” Kessem goes on to say that in recent research it was revealed that the Carbanak [hacker] group is targeting bank employees, and bank executives, in order to ‘spear phish’ them and abuse their user privileges to facilitate more complex attacks on banks.

Alan Jenkins agrees that the sophistication of cyber attackers is on an upward trajectory: “Their capability has moved on so they are much more focused on going after where the money is and that definitely draws them towards the banks but, as the US health insurance market saw last year, they are also starting to see value in, let’s call it, the ‘big data’ to use that buzz word.” Jenkins goes on to say that cyber attackers are starting to see value in more than just someone’s personal identity and, to some extent, more than just their personal bank statement: “This is an interesting factor that particularly in the insurance market they are just starting to wake up to,” concludes Jenkins.

Pressed on whether the main threat the financial services sector faces today in terms of data breaches is from external hacking attacks, or closer to home from dishonest or careless employees stealing and mishandling data from within, Kessem responds that it is not as simple as that. In fact, she contends, there are well publicised dangers posed by both, each in a different manner: “We cannot use an ‘either or’ approach here to determine which is more dangerous. Banks have controls in place to root out rogue employees and they must have proper knowledge and security in place to stop the evolving nature of external adversaries,” says Kessem.

With regards to whether banks have a strong appreciation of the external dangers that are out there, and if they are taking steps to enhance their cybersecurity, Kessem replies in the affirmative, believing that they are definitely switched on to most of the risks: “Depending on their security policies and security culture, banks that operate in what’s considered to be an advanced threat landscape do invest in: new technology, in keeping up-to-date about threats and modus operandi, and in human intelligence about the crimes that target them.”

Money matters - IBM talks data breaches in the financial sector
Alan Jenkins, Associate Partner for FSS, IBM Security – UK and Ireland
Early warning
On the value of picking-up on data breaches as soon as possible, Alan Jenkins, IBM Security’s Associate Partner for FSS (Financial Services Sector) (UK & Ireland), believes that time is of the essence here: “Earlier detection, which allows you to respond sooner, is absolutely an advantage. In an ideal world you are getting into the prevention piece so that it doesn’t happen in the first place but I think that there is an increasing recognition that perimeter-based defences are no longer good enough because they don’t go into the application and the data space enough. That is leading to a re-allocation of spending in a sense from firewalls and into web application firewalls so there has been a change of emphasis.”

Returning to some more of the threat specifics, identified by IBM’s X-Force research, the top two attack vectors targeting the financial sector during 2015 were, interestingly enough, malicious attachments/links delivering malware and the infamous Shellshock vulnerability, first discovered back in 2014. When combined these two tactics made up a massive 38 percent of attacks targeting the financial sector in 2015. Whereas, as we know, historically Denial of Service (DoS) attacks have tended to sit at the top of the financial services cyberattack pyramid, IBM managed service data reveals a changing picture with DoS attacks dropping down to third in the rankings for last year. IBM data also suggests that hackers are, increasingly, focused on stealing money directly from the finance industry rather than stealing data or becoming involved in sabotage. This, according to IBM’s X-Force team is underlined by the fact that extortion tactics or currency theft increased 55 percent year-on-year.

Securing the transaction
For his part, Alan Jenkins reckons that banks have now woken up to the risks that are out there from cyberattacks, potentially, targeting their third party supply chain and also, crucially, in their customer chain: “We have had a lot of success with IBM Security Trusteer Rapport, for example, to help banks and their customers ensure that their end point devices or, rather, the transaction they are doing, when they undertake their online banking, is secure.” He adds that the sheer variety of ‘endpoints’, like tablet devices and smartphones, makes the challenge very difficult when you look at the chain of events as a whole so, in his view, securing the transaction really becomes a pivotal element in the cybersecurity equation.

Rounding off our discussion, talk turns to the importance of striking the right balance between making accounts easy to access online for bank customers and ensuring they are as secure as possible, IBM’s Limor Kessem has an interesting take on the utility – or otherwise – of biometrics, which is much in vogue at the moment: “Personally I think that as long as biometrics is stored in a database it only has the same value as a password – it can be stolen and used by a criminal. Additional security can help, although many times banks are hesitant to impact user experience and convenience too much.” For Kessem what has proven to be very effective is ‘invisible’ security on the banks’ servers: “This protects customers but doesn’t affect the way they access their accounts.”

[su_button url=”https://www.securitynewsdesk.com/newspaper/” target=”blank” background=”#df2027″ color=”#ffffff” size=”10″ radius=”0″ icon=”icon: arrow-circle-right”]For more stories like this read the SecurityNewsDesk Newspaper[/su_button]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Private CCTV risks privacy breaches, warns experts

With an increase of homeowners investing in CCTV cameras every year, a solicitor is warning of the dangers of breaching data protection laws

Private CCTV risks privacy breaches, warns experts

With an increase of homeowners investing in CCTV cameras every year, a solicitor is warning of the dangers of breaching data protection laws
IBM

IBM and Amazon Web Services join forces

IBM and Amazon Web Services (AWS), an Amazon.com, company announced the two companies will combine the benefits of IBM Open Data for Industries
NAKIVO

NAKIVO releases v10.4 with new features to enhance ransomware resilience

NAKIVO has released v10.4 of NAKIVO Backup & Replication with a focus on the security of backup data and ransomware protection.

UK threat report from Carbon Black finds 88% of UK businesses have been breached during the last year

Carbon Black has released the results of its second UK Threat Report – the research indicates that the UK’s cyber threat environment is intensifying.
re-data-ships

Nearly half of young people risking in UK their future online safety thanks to rising trend of ‘re-data-ships’

Nearly half of young people are risking their online safety because of ‘re-data-ships’ according to a survey by a cyber security programme.

Nearly half of young people in UK risking their future online safety thanks to rising trend of ‘re-data-ships’

Nearly half of young people are risking their online safety because of ‘re-data-ships’ according to a survey by a cyber security programme.

Regulation is the only way to control the IoT cyber-security threat, says Databarracks

IoT will be the source of more data breaches as we see mass adoption and rapid growth in the number of connected devices, according to Databarracks.
Databarracks

Regulation is the only way to control the IoT cyber-security threat, says Databarracks

IoT will be the source of more data breaches as we see mass adoption and rapid growth in the number of connected devices, according to Databarracks.
CISOs

All I want for Christmas: A CISO’s wishlist

As Christmas fast approaches, CISOs and cyber security experts are putting plans in place for 2019 and what could have been done differently this year.
Scroll to Top