Hackers holding banks, companies, and individuals’ information ransom sounds like a Hollywood plot, but it’s very real. Ransomware—malicious software that encrypts data on internal computer systems, holding information hostage until a ransom is received for a decryption key—is the latest form of cybercrime.
In the UK, cybercrime is now the most common offence, surpassing physical crime, and it takes many forms: ransomware, fraud, data theft, and copyright infringement. It makes the reinforced glass at teller windows seem somewhat redundant.
Attacks are not always motivated by profit. Some of the world’s largest data breaches are believed to have been sponsored by foreign governments or carried out by teenagers for fun. The problem is even more painful because combating cybercrime requires a holistic approach across all of a bank’s IT systems. These systems and processes remain rooted in legacy technology that was never designed for cyber-anything.
In fact, on average, U.S. banks have around 75 MRAs (measures requiring attention) on their systems at any one time, creating opportunities for successful malicious activity. A 2015 Banking Technology study found only 38% of banks had a single unified IT system. With 50% of banks having between two and ten different customer-facing systems, and 44% having five or more general ledger systems, it’s an ideal environment for cybercrime.
Up to 70% of threats have an internal origin, so it is vitally important to continually scan the network and pinpoint activities that are not always visible. Such scanning practices need to be sound, but also fast. There’s little value in providing analysis after an attack—which is basically where we are today. That’s why using in-memory technology helps in staying ahead of a dangerous game. In-memory computing can, with real-time predictive analytics, spot anomalies in the blink of an eye and compare ongoing attacks with past patterns, triggering appropriate and rapid countermeasures. This is especially significant as the average time it takes a company to realise a cyber breach is 205 days.
I mentioned earlier the importance of a holistic approach. By this I mean a combination of defences spanning business operations, management oversight, and independent audits. For those of you entrenched in legacy systems, we advise putting different security layers in to cocoon activities that protect systems at the point of entry, combined with sophisticated compliance analytics able to predict and react beforehand.
Many organisations have a three-zone defence: the business, internal compliance, and external audit, with an outer layer for spam protection and preventing data leakage; an office net zone for email encryption and network administration; and a high-secure zone with threat detection and fraud management access control systems.
However, we strongly urge companies to create a fourth layer to specifically protect valuable data. This zone is hidden (see the yellow layer), where extra protection should be installed.
Many organisations have robust measures in place. What’s needed is something that helps wade through the minutiae of system details, showing what is and isn’t working. That’s why a dashboard view across the entire enterprise and data analytics is needed.
Cyber security is new, with limited legislation, and is a growing global problem. The first step is to ensure information is encrypted throughout, including all points of access. Just ask: “Is our data encrypted?” Do it today to be a step ahead of cybercrime.
Now take a giant leap ahead. Ask yourself: What are your crown jewels – your most critical assets that you cannot, no matter what, afford to have stolen or destroyed? Because cybercrime has already surpassed illegal drug trafficking as a criminal money maker, and as you read this, chances are your assets are already being targeted.
For more strategies to fight cybercrime, see How Hackers Can Help You Better Fight Cybercrime.