News & Commentary

11:19 AM
John Grady, XO Communications
John Grady, XO Communications

Four Ways to Secure Your Financial Office Network

Financial networks face significant external threats, and must be prepared.

In February 2013, a group of cybercriminals stole $45 million from ATMs across the globe; as a recent IBM Security Intelligence piece points out, financial institutions are among the most popular network attack victims worldwide. How can financial firms of any size make sure their network isn't next? Here are four suggestions:

Monitor Attack Surfaces

Banks and other financial institutions must now monitor for dedicated denial of service (DDOS) attacks on their networks. While the Federal Financial Institutions Examination Council (FFIEC) doesn’t list specific technologies that must be used for detection, companies that refuse to meet the standards could find themselves financially responsible for service disruptions or data breaches.

To avoid these kinds of repercussions, financial enterprises must invest in monitoring tools that can detect threats in real time, report the results and take corrective action. This task is made more difficult thanks to the increasing adoption of both public and private clouds — look for an “as-a-service” solutions capable of monitoring both local stacks and data stored off premises.

Be Proactive

In some cases, even the threat of network breaches can cause problems. Consider the recent Heartbleed bug, caused by a flaw in OpenSSL. When affected servers were queried as part of the toolkit's standard “heartbeat” function, it was possible to obtain more than 60,000 bytes of supposedly secure information simply by inflating the size of the heartbeat request.

While traditional banks and financial offices were largely immune to this bug thanks to enhanced security measures, it's likely attackers will use this Internet scare as a launch pad for “phishing” attacks. It works like this: Would-be thieves send out authentic-looking emails to consumers, claiming they're from a trusted financial company that has been compromised by Heartbleed. Users are directed to fake sites and told to enter personal information, leading to a breach and the erroneous conclusion that a secure network was compromised. Financial institutions can help mitigate this problem by proactively contacting clients with details about existing security measures and letting them know not to trust any “dire warning” emails.

Think Small

As a SANS Institute paper points out, it's also important for companies running a secure financial network to think small when it comes to security. This starts with things like WHOIS functionality, which allows members of the public to obtain domain registration details when an IP address is assigned. Even if a company avoids any mention of financial service in their domain name, WHOIS information provides registration data including corporation names and addresses. This makes any ties to the financial sector clear, and the network a high-priority target. It's often worthwhile, therefore, to opt in for WHOIS privacy protection.

Upgrade When Warranted

While there's no reason to upgrade software or firmware deployments that are still supported and working without issue, all technology eventually comes to the end of its lifecycle. Such is the case for Windows XP — as of April 8, 2014, Microsoft officially withdrew their support and advised all XP users to upgrade their operating systems. The problem? According to Fast Company, more than 75 percent of ATMs in the United States still run on XP. Without bug fixes and software support, banks are faced with the prospect of a costly switchover or the possibility of another ATM cash-stealing blitz. The lesson for companies? Upgrade technology before support is completely withdrawn. Ideally, start by deploying new operating systems or server infrastructure in small-scale, controlled conditions; as service and support improves, move over more critical network components.

Financial networks face significant external threats — be prepared with active monitoring, proactive communications, and smaller-scale, phased security upgrades.

John Grady is Senior Manager of Product Marketing at XO Communications


Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Author
7/9/2014 | 9:30:05 AM
Your last point is a good one. Scary to think that 75 percent of ATMS are still using XP.
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.