The coronavirus-driven lockdown prompted many financial institutions to quickly commit to digital resources and a remote workforce, with many overstraining their security operations center (SOC) capabilities.
In the midst of this sudden yet necessary transformation, security may not have been a top priority, especially when setting up bank and credit union employees at their home bases. Without a holistic security approach, organizations open themselves up to undue risk.
Financial institutions remain an inviting target to cybercriminals, especially during a pandemic with distracted personnel. Cybercriminals took notice of these new high-value targets and their connected systems. Additionally, financial institution employees working from home during this crisis presented more hazards, perhaps unintentionally creating opportunities for hackers looking to scam their way toward a payday through phishing, impersonation, CEO fraud, ransomware attacks and credential harvesting.
The FBI’s Internet Crime Complaint Center had to issue a public service announcement about attacks exploiting the increased usage of online communication platforms for remote working and distance learning, including telework applications, video conferencing software and VoIP conference call systems. The Federal Reserve Bank of New York also urged the public to remain attentive to scams involving individuals impersonating federal employees who seek money or personal information for COVID-19 research, medical supplies or financial transactions.
Scammers also sent out emails impersonating the U.S. Federal Reserve in attempts to lure recipients with financial relief options through the Paycheck Protection Program. IBM X-Force observed a more than 6,000% increase in COVID-19-related spam since March 11. Lures encompassed phishing emails impersonating the Small Business Administration, the World Health Organization and U.S. banking institutions.
Some of the biggest threats from banking personnel working at home emanate from:
· Weaknesses in Wi-Fi security, where employees’ household networks almost certainly have markedly weaker protocols than their branch environment.
· Phishing attacks enticing employees to click on a malicious link to gain access to their institution’s network.
· Vulnerable passwords, which could permit hackers to gain access to various accounts quickly.
· Computers sharing business with personal use.
· Insecure mobile devices.
· An organization’s inability to handle the remote VPN worker upsurge.
· Keeping devices patched and up-to-date.
· Enhancing security awareness with required training and promoting effective fundamental digital hygiene.
In this locked-down world, everyone and every organization is vulnerable, but financial institutions and their employees represent lucrative targets. A fraudster with enough motivation, time and resources can even hack encrypted VPNs.
The U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) recommended businesses boost system monitoring to counteract the additional risk management concerns due to the coronavirus response. An always-on SOC and/or a security information and event management (SIEM) system can help mitigate the stress of maintaining a perimeter defense at multiple locations with remote personnel.
ThreatAdvice Virtual CISO, NXTsoft’s flagship software solution, provides oversight into all cybersecurity needs, warning organizations and advising what appropriate action to take. In addition, the ThreatAdvice EventTracker provides a 24/7 SOC team of cybersecurity engineers to assist with threat remediation, remote and on-site. The ThreatAdvice SOC analyzes quarantined security alerts and ensures comprehensive protection. ThreatAdvice Endpoint Protection can roll back files to previous safe versions. ThreatAdvice Educate complements the education piece to ensure compliance and oversight.