FINANCIAL institutions of countries which are badly-hit by the Covid-19 pandemic are vulnerable to cyber attacks as more consumers turn to digital platforms for their daily needs.
Global cybersecurity company Kaspersky has reminded banks and financial services in Southeast Asia to learn from the lessons of previous cyber attacks like the US$81 million cyberheist incident in 2016.
Kaspersky, in an online conference with select media from the region, highlighted how the financial sector can utilize comprehensive threat data to beef up its defenses against sophisticated cybercrime groups such as Lazarus, the infamous cybergang allegedly behind the multi-million Bangladesh Bank heist.
“The past offers us warnings which we must heed to be able to build a safer today. This applies to the financial sector and all other organizations, especially when it comes to cybersecurity. More than four years after the world has witnessed one of the most successful cyber heists to date, it is essential for banks and related institutions in Southeast Asia to understand how they can leverage on threat intelligence to foil any sophisticated attempts against their systems,” Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky, said.
“For instance, our cybersecurity researchers have been monitoring the Lazarus group closely for years. Through this intelligence, our solutions can detect the possible malware they may use suppose they try to get into a banking system. We can block them, analyze the malicious file and alert the organization’s IT team on which tactics and techniques to look out for based on the group’s previous attack behaviour, saving possible multi-million losses financially and professionally,” he added.
Aside from threat intelligence, Kaspersky also noted the importance of human factor when it comes to securing financial systems. It cited a report which proved that the cyberheist started with a series of spear phishing emails. One was unfortunately clicked by an unsuspecting bank employee. Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business.
The threat of phishing and spear-phishing remains present as Kaspersky’s network has detected 40,511,257 during the first five months of 2020, globally.
To improve banks’ and financial organizations’ cyber defenses, experts in Kaspersky suggested the integration of the Threat Intelligence into the security information and event management and security controls in order to access the most relevant and up-to-date threat data. (JOB with PR)