Having stumbled upon the field by accident when his computer became infected with the Cascade virus, Eugene Kaspersky is now a global thought leader in cybersecurity. Today he’s the CEO of Kaspersky Lab, the world’s largest privately-held vendor of endpoint protection. CeBIT Australia 2017 is delighted to welcome Eugene Kaspersky as one of the keynote presenters.
In the lead up to the event, we had the chance to catch up with Peter Brady, General Manager at Kaspersky Lab to discuss the latest cybersecurity trends and threats in the finance industry.
In February 2017 Kaspersky Lab recorded an upward trend in the professionalism and volume of financial phishing and banking malware. Can you give us some insight on these attacks and what vulnerabilities they are targeting?
Brady: Malware and targeted attacks are the only incidents that banking organisations experience more than their peers in other industries. However, the difference is significant. If you go back just two years, the year-on-year incline in attacks was very subtle. Last year we saw a 30.6% jump.
Because of the potential financial gain, the finance and banking industry is a prime target for hackers and cybercriminals. A lot of these institutions don’t know how they are being attacked, nor do they have the means to register when they have been infiltrated. These days, Advanced Persistent Threats (APT) can sit on a system for 200+ days and nothing out of the ordinary will happen. They just watch endpoint centres for a duration of time and decide to strike when the time is right. For this reason, APTs are difficult to detect without the right technology and expertise.
Financial institutions and other organisations also need to protect themselves better against attacks to their system from within the business as they are becoming more prevalent. The increase in BYOD policies is impacting this and is making the intranet a potential target. This is not so much because it’s being directly attacked, but more because employees are unknowingly exposing the business systems to threats via their devices. This is usually not something done with malicious intent, yet it’s a real possibility and organisations need to be ready for it. Protecting business systems via antivirus from external threats is no longer enough.
In a survey we did last year, almost 23% of financial institutions reported that they were subjected to at least one targeted attack that they knew of. What’s concerning is that despite these trends, 59% of financial services firms don’t use 3rd party intelligence to protect themselves against these threats.
Why do you believe there’s been such a jump in attacks?
Brady: It seems that cybercriminals are now taking a scattergun approach and hope that at least a couple of people will fall for it. Take the example of the email scams from long lost ‘relatives’ living in Nigeria. There are always one or two people who will open the email and attachment.
On the other hand, we’re also becoming a far more tech-savvy society which means that there are a lot more opportunities for attacks than there were only five years ago. Elder compatriots are a lot more connected and so are kids at school. This means that there’s a much bigger marketplace for malware and ransomware. This increase in potential access points is not just a serious threat to the financial industry, but also healthcare and infrastructure assets such the electricity grid, water and nuclear plants.
Another factor causing a spike in the attack are hackers’ desire to reach their 15 minutes of fame (or notoriety). If they have the technical skills, why wouldn’t they attack something which will give them great news coverage? We have seen a jump in these kinds of incidents over the last year.
How many of these attacks are going unnoticed by businesses?
Brady: It’s impossible to know exactly, because so many do remain unnoticed or unreported.
However, Kaspersky Lab detects up to 325,000 new malware attacks daily. This gives us a little bit of an idea of the volume of attacks that manages to fly under the radar.
What tips would you give financial institutions to help keep their data safe?
Brady: The technology landscape is constantly changing and therefore the threats are always evolving. Hackers are not just targeting the institutions directly, but also customer accounts. That’s why financial institutions need to look at all points of vulnerability to be effective and:
- Build a highly integrated anti-targeted attacks protection
- Embrace a multi channel anti fraud approach
- Get actionable intelligence on evolving threats
I also highly recommend to look into protection against ransomware. These attacks are becoming more and more common and there’s no guarantee that attackers will leave you alone if you keep it quiet and pay the ransom. They may have only got $500 this time, but since that was so easy they’re just going to ask for more next time. We don’t believe you’ll ever get out of the ransomware cycle.
The worst thing to do is to keep ransom attacks quiet as it’s really enabling criminals to go about their business undeterred. On the other hand, if organisations do tell us about these incidents, we can build products to protect you. For instance, No More Ransom is a collaboration between the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky Lab and Intel Security. It offers free decryption tools that will help you to get at least some of your files back.
You will be exhibiting at CeBIT Australia 2017. What message would you like to get across to visitors?
Brady: There’s no such thing as being too too well-protected against cyber threats and you should partner with the world’s number 1 security product. We offer the most independently tested and awarded product on the market today. Come and visit us at our booth to learn a little more. Because attacks can happen to anybody, at any time.
Would you like to learn more about the evolving cybersecurity landscape and see Eugene Kaspersky on stage? Register for CeBIT Australia today!