Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, languages, and content which may neither appropriate nor appealing to certain readers. READER DISCRETION is advised.

02 August 2020

Kaspersky: Threat data is the key to fend off cyber heists

07/26/2020 04:18:03 PM



Threat data is the key to spare the banks from any cyberattacks in the future. That's one thing that Kaspersky has found out from the massive heist that took place four years ago.


The global cybersecurity company, in an online conference with select media from the region, highlighted how the financial sector can utilize comprehensive threat data to beef up their defenses against sophisticated cybercrime groups such as Lazarus – the infamous cybergang allegedly behind the multi-million Bangladesh Bank Heist that stole a whopping $81 million.

In a previous report, Kaspersky has since revealed that malware samples relating to Lazarus group activity appeared in financial institutions, casinos software developers for investment companies, and crypto-currency businesses in several countries globally, including Indonesia, Malaysia, Thailand, and Vietnam, among others.

“The past offers us warnings which we must heed to be able to build a safer today. This applies to the financial sector and all other organizations especially when it comes to cybersecurity. More than four years after the world has witnessed one of the most successful cyber heists to date, it is essential for banks and related institutions in Southeast Asia to understand how they can leverage on threat intelligence to foil any sophisticated attempts against their systems,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“For instance, our cybersecurity researchers have been monitoring the Lazarus group closely for years. Through this intelligence, our solutions can detect the possible malware they may use suppose they try to get into a banking system. We can block them, analyze the malicious file, and alert the organization’s IT team on which tactics and techniques to look out for based on the group’s previous attack behavior, saving possible multi-million losses financially and professionally,” he adds.

The aftermath of this cybercriminal incident wasn't only a costly monetary act, but a triggered a number of even more unfortunate turn of events after a series of lawsuits, reputation losses, billions of fine, one indictment and arrest, and several top bank officials’ resignations and even terminations took place.

Aside from threat intelligence, Kaspersky also noted the importance of human-factor when it comes to securing financial systems. The global cybersecurity company cited a report which proved that the cyberheist started with a series of spear-phishing emails, one was unfortunately clicked by an unsuspecting bank employee.

Spear phishing is known as an email or electronic communications scam which targets a specific individual, organization, or business. Although oftentimes, the objective is to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer. The threat of phishing and spear-phishing remains present as Kaspersky’s network has detected 40,511,257 during the first five months of 2020, globally.

To improve banks’ and financial organizations’ cyber defenses, Kaspersky's security experts suggest the following tips:
  • Integrate Threat Intelligence into your SIEM and security controls in order to access the most relevant and up-to-date threat data
  • Conduct regular security training sessions for staff, ideally, a personalized one like Kaspersky Adaptive Online Training (KAOT) which uses a cognitive-driven approach, taking into account the abilities and needs of each and every learner
  • Use traffic monitoring software – like Kaspersky Anti Targeted Attack Platform (KATA)
  • Install the latest updates and patches for all of the software you use
  • Forbid the installation of programs from unknown sources
  • Perform regular security audit of an organization’s IT infrastructure

For endpoint level detection, investigation and timely remediation of incidents, implement EDR solutions such as Kaspersky Endpoint Detection and Response which can catch even unknown banking malware

Author: slickmaster | © 2020 The SlickMaster's Files

No comments:

Post a Comment

Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!