The exponential growth in online payments in India, with total digital payment market expected to grow to USD 1 trillion by FY23E and the post-demonetization emphasis on building a cashless economy has once again severely underscored the need for strengthening and bolstering financial cybersecurity. While cyber threats to the BFSI sector have been increasing globally, the type of attacks vary from country to country. India, for instance, faces one of the highest number of financial Trojan infections. In October 2016 an ATM card hack affected around 3.2 million debit cards across the country.
Will 2018 be any better?
2018 will experience increased threat perception and even more targeted attacks. While 2017 saw attacks like WannaCry, NotPetya and Bad Rabbit creating an uproar, it is expected that 2018 will witness many more attacks. BFSI enterprises will need to speed up product innovations while ensuring their information security measures are robust and adaptive.
Here’s our quick take on the main types of security threats that can affect BFSI organizations in 2018:
1.Cryptocurrencies – wildly popular and a prominent target: While there have already been cyber-attacks on Initial Coin Offerings to steal Crypto-currencies, attacks on Bitcoin and Ethereum amongst others are expected to become bigger. Malware like Bad Rabbit and CryptoShuffler are already wreaking havoc in the cryptocurrency arena. The former convinces people to install a fake Flash installer, which drops several viruses that encrypt files and shuts down the victim’s machine, asking for ransom. The latter replaces wallet addresses on a user’s clipboard with that of the malware’s creator as they copy and paste wallet data for transfers. Very soon, most BFSI organizations are likely to deploy services related to cryptocurrencies in one form or another as vulnerability to such mining malware is definitely a matter of growing concern.
2. Mobility security threats will take the forefront: As per a study conducted by global tech company Avaya, Indian customers are more likely to use a mobile banking app than customers in Australia, Britain and the UAE. It estimates that 26% of Indian customers prefer accessing services via the bank’s website and mobile app rather than talking to a human agent against 19% in Australia, 21% in Britain and 24% in the UAE. Mobile-first consumers are more vulnerable to malware variants devised to steal personal banking information by cyber criminals. Increasing demand for faster BFSI transactions, particularly the ones across the border, are being targeted by cyber criminals.
3. Supply chain attacks will be on the rise: Large financial organizations invest considerable resources in cybersecurity. Yet, the constant cyberattacks that BFSI industry is under indicate that the software applications designed specifically and adopted by the BFSI sector are not secure enough. The security protection embedded on these applications are believed to be weaker. This is a weakness that cybercriminals exploit heavily as seen last year in the NetSarang and CCleaner In 2018, we expect cybercriminals to execute attacks via software designed specifically for BFSI sector, including the ones used at ATMs and PoS terminals.
4. ATM hacks are going to get more frequent: Attacks on ATM may get more frequent with ATM malware available on darknet markets for just a few hundred dollars. In May 2017, Kaspersky Lab researchers came across a forum post, promoting an ATM malware that was targeting specific vendor ATMs. It came with a kit with instructions, tips and tracks for emptying ATMs with the help of vendor specific API that didn’t require any interaction with ATM users and their data. The forum has since then been taken down by authorities but raises some serious concerns about ATM security.
5. Fraud-as-a-Service isn’t rare anymore, especially account-centric frauds: Support for smart cards at purchase points, biometric authentication, tokenization of payments, etc. have made hacking more difficult for cybercriminals. Even then however, financial fraudsters show no signs of slowing down. Individual hackers have now morphed into hacker syndicates that leverages a combination of banking knowledge, technology and insider information for executing illegal transactions, money laundering and credit/debit card frauds. Imitating the models of IT solution and service providers, cybercriminals have rolled out solutions of their own. Ransomware Trojans can be franchised or leased; for instance – DDoS attacks can now be ordered and phishing websites can be set up overnight. This Fraud-as-a-Service model has opened up new opportunities for newbie hackers who might lack skills and experience that were once mandatory. This means financial organizations need to prepare harder for more and frequent attacks, of varied intensity.
6. Demand for higher speed will lead to more threats: Growing demand from consumers for real-time and frictionless cross-border financial transactions pressurizes banks and financial service providers to verify information more quickly, which increases the risks of errors. Considerable attempts are being made to improve the interoperability of electronic identification and authentication systems. To ensure neither the speed of transaction nor the integrity of the service gets hampered, companies will need to rely on solutions powered by Neural Networks, Machine Learning and Artificial intelligence (AI).
7. The era of social engineering and phishing is not over yet: While newer and innovative ways of stealing financial data emerge every day, conventionally tried and tested methods of financial cybercrimes like phishing, network scanning, virus/ malicious code, website defacements and website intrusion & malware are growing as strong as ever. Lack of monitoring and detection technology, processes and governance can be ascertained as the major reasons for this.
Consumer awareness is a must, along with a real-time threat detection and resolution:
While RBI and the Government are taking proactive steps to battle cyber-attacks, they are also dependent on the coordinated and timely action from stakeholders. As the BFSI ecosystem evolves with newer technology trends like crypto-currencies and blockchain, cybersecurity must be prioritized as a part of the design architecture with the aim of detecting the stemming attacks in real time, rather than repairing the damage. This is to say; security contracts should not be limited to uptime and resolution of vulnerabilities but must be embedded in an organization’s ecosystem. Security boundaries for all players in the BFSI sector should also be extended to end users. These measures should be supported by multichannel, multilingual and multicultural campaigns aimed at consumer education and awareness.
Given that security investment is going to be a priority in the BFSI sector, how robust would you consider your strategy? What are the security threats your organization faces?