An Online Banking System Makes a Tempting Target for Cybercriminals
Financial services organizations are in the crosshairs for more than 25 percent of all malicious security incidents. Although an online banking system is most commonly targeted by distributed denial-of-service (DDoS) attacks, more banks are experiencing rising losses from other attack vectors as well. Whether they’re attacked by terrorists, nation states or run-of-the-mill cybercriminals, banks have to be ready to recognize attacks in progress and quickly defend their perimeters before they lose money and customers.
Banks Face Numerous Security Challenges
Banks must be prepared to address modern security challenges, including the increasing number of transactions, wider attack surfaces for fraud and the complex task of pinpointing and stopping cyberattacks.
More Transactions Than Ever Before
Thanks to the Internet, cloud computing and mobile technology, people can perform banking transactions anytime, anywhere and from any device. Capgemini’s 2015 World Payments Report showed that financial institutions process more than 390 billion non-cash transactions each year, and that number will continue to skyrocket as banks deploy immediate payment solutions.
Faster Payment Systems Don’t Protect Against All Attacks
Some organizations say that faster payment systems (FPS) could reduce the potential for fraud. Although the Bank Administration Institute notes a decrease in FPS-related a malfeasance in the United Kingdom, both telephone fraud and online banking system fraud still plague world banks. The source blames attacks such as phishing, vishing, man-in-the-middle and social engineering for the ongoing losses. Further, if a criminal uses authorized login information to process a fraudulent transaction, a secure FPS won’t prevent fraud.
No Time to Spare in Detecting Breaches
Another challenge facing banks is the time it takes to detect and contain data breaches. In an interview with Arbor Networks, Larry Ponemon, president and founder of the Ponemon Institute, noted that it takes financial institutions an average of 96 days to identify an attack in progress and an additional 26 days to contain it.
Internal Threats Are Equally Damaging
Further, not all threats to bank assets and customer accounts come from outside attackers. According to Banking Exchange, the financial services industry reports the highest percentage of employee fraud of any industry reviewed by the Association of Certified Fraud Examiners. Banks lose an average of $200,000 per victim organization when their employees commit fraud.
Moving Toward Better Online Banking System Fraud Detection
Fast fraud detection requires banks to spot patterns among more than 1 billion daily transactions. Telltale signs of fraud in progress include geographic disparities between transactions on the same card or an attempt to process multiple small “testing” transactions before unleashing a large purchase that empties an account.
However, the large-scale data mining needed to spot these red flags requires significant network compute and storage resources, as well as increased connection bandwidth to process and analyze an ever-increasing number of transactions. Some banks are upgrading to single-mode fiber optic cabling, which can deliver 100-gigabit-per-second connection speeds. They’re also using tools such as burst buffers to handle surges in data traffic without hurting application latency.
In addition to protecting themselves against attacks that leverage stolen credentials, banks must protect their perimeters against DDoS attacks and phishing-delivered malware. They’re also vulnerable to man-in-the-middle attacks, in which cybercriminals hijack insecure Wi-Fi hotspots and direct customers to spoofed online banking system sites.
Security information and event management systems and threat intelligence tools can help against these attacks by logging and analyzing perimeter traffic. Ponemon said that threat intelligence, whether gathered internally or shared with trusted parties, can significantly shorten time to discovery.
Legally, responsibility for detecting and reporting suspicious activity lies with the customer. Even so, banks are also increasingly using tools to place holds on accounts following suspicious transactions and automatically alert customers. An alert could be an automatically generated SMS or voice message that asks the customer to call and confirm a transaction. The goal is to minimize losses for individual customers and prevent the bank from having to absorb the costs.
The financial services industry faces the same challenge as other businesses: a shortage of available employees trained in cybersecurity. As such, many banks are turning to outside firms with expertise in financial services cybersecurity. Ultimately, no amount of money poured into devices, connections or analytics can replace the value a qualified security expert brings to the table.