Hardly a A day goes by without a major cyber incident in Germany in a strategic area of the economy – from industry to the energy sector to the payments and financial services sector – being reported to the responsible authorities. Just one example of the enormous threat is the Distributed Denial of Service (DDoS) attack on online banking by 820 financial institutions in June 2022.
Bank robbers don’t crack safes these days. Digital banking opens up loopholes for them around the world and in real time. It requires high flexibility and high speed, which can hardly be achieved using conventional IT infrastructures with their own data centers. This reinforces the trend towards the cloud, through which more and more external partners are integrated and enormous amounts of data are traded. As a result, the security situation in the financial sector is developing in a similar way to manufacturing companies that are transforming into Industry 4.0. Originally, the worlds of information technology (IT) and operational technology (OT) were physically strictly separated in manufacturing companies.
If cyber criminals got into the IT network, they were denied access to the production environment . But in smart factories, in which devices and systems are networked with industrial software applications via the Internet of Things (IIoT), the boundary between the networks is becoming increasingly porous. If attackers penetrate the OT, they often have an easy time because the operating versions of industrial controls and systems are often outdated and, unlike office equipment, do not receive regular updates. Compared to classic corporate IT, security incidents in industrial systems can lead to significantly greater damage – for example, when a production line comes to a standstill, a malfunctioning system injures people or a power grid goes offline due to an attack on a critical infrastructure.
The dimensions are worrying: More than 220 billions of euros are damage to the German economy in the year 2021 according to a study by the Bitkom industry association. The sum is about twice as high as in the year 2016 Cyber attacks caused at 86 Percent of those surveyed around 1. business damage; two years ago it was only 70 percent. Of course, a bank does not have an OT network in the classic sense like a production company, but instead an application network. All financial transactions run through it and it contains hardware such as ATMs or bank statement printers. Here, too, the digital transformation is interweaving the formerly separate office and payment networks and creating new targets for attack.
In the extreme case of a large-scale hacker attack lasting several days, even the global financial market collapse – according to a multinational simulation involving a total of ten countries as well as the International Monetary Fund (IMF), the World Bank and the Bank for International Settlements (BIS) at the end of last year. One of the most common security threats in the banking world is phishing. With the „old-timer“ among cyber attacks, it is still possible to „fish“ personal data or credit card numbers from unsuspecting Internet users via fraudulent links. A more sophisticated variant is spear phishing. A cybercriminal first collects targeted information about his victim in order to then pretend to be a personal contact, e.g. B. has the authority to initiate a transfer. Also widespread are Domain Name System (DNS) attacks, which lead to downtime for cloud services or company-internal applications, and DDoS attacks, which paralyze servers by overloading them. Such failures, especially in time-sensitive transactions, can lead to high financial losses, while stolen customer data and compromised websites damage financial institutions‘ image and customer confidence.
As reaction years ago, the industry prescribed itself minimum standards for the digital theft of card data, such as the Payment Card Industry Data Security Standard (PCI DDS). All banks, merchants and other companies that process credit card data remotely must use multi-factor authentication and establish special processes to detect, document and react to errors in the security control system at an early stage. In addition, the financial institutions, also as operators of critical infrastructures, are subject to a steadily increasing flood of legal regulations, such as the one in August 2021 amended banking supervisory requirements for IT (BAIT). This contains new chapters on operational information security and IT emergency management, according to which restart, emergency operation and recovery plans are to be set up and checked annually on the basis of an IT test concept. Such regularity to continuously improve security is essential to win in the race against cybercriminals who are becoming more and more professional.
Short innovation cycles in banking services are one reason why vulnerability to cyber attacks is increasing dramatically, even in well-maintained IT environments. Others are the balancing act between usability and security as well as increased mobile work, which increases the risk of attacks from within. In order to identify weak points, telent supports its customers in the first step with a comprehensive analysis of the networks. Check-ups reveal in detail how networks are structured and what actually happens in them. For example, whether a private router is installed in a branch or bitcoin mining is carried out on a business PC. With the knowledge of the current status, the experts check how well the networks recognize and ward off attacks: starting with firewalls and network segmentation to security systems such as SIEM (Security Incident & Event Management) and ISMS (Information Security Management System).
This is followed by awareness training courses for employees and end customers. After all, cyber attacks are one of the greatest risks for the operational business. These dangers can only be minimized with up-to-date, highly efficient security concepts.
NachrichtenJetRead MoreSicherheit, –, „it, and, difference, iiot, Nachrichten, security, their