
Axiomatic Cyber-attacks – Obviation is the key

It is undeniable and self-evident that the financial services sector has suffered, and will continue to suffer, from cyber-attacks for years to come. State actors and criminals are highly attracted to this sector. For state actors, attacking the financial sector is a way to destabilize rival governments and thus gain a competitive edge, especially in times of war. Organized criminals are confident that they can make a hefty quick buck by directly attacking the sector that manages and processes money.

The entry points for a cyber-attack are various, but the most common ones are phishing, malware, and vulnerabilities in the financial organization's systems. Phishing is the number one threat since the technique relies on the human aspect, playing on the fear and uncertainty of the victims. Victims are enticed to click malicious links by being made to believe, for example, that their bank accounts need updating or that their CEO is in urgent need of money. This social engineering method is often successful since security is only as strong as its weakest link, and humans are the weakest link in an IT system.

Another window of opportunity for an attack is having vulnerable systems. Often, IT systems are deployed and forgotten as long as they are effectively serving their purpose, but this does not mean that the system is secure. Software systems are vulnerable, and any weakness in the software can be exploited to obtain access to the system. There are teams out there on the Internet constantly scanning and researching systems to identify such weaknesses, which, if found, are eventually exploited. For example, in March 2021, the European Banking Authority suffered a cyber-attack due to vulnerabilities in its email servers.

Attackers will continue to be creative and constantly update their modus operandi to ensure their attacks are successful. On the other hand, the sector needs to be prepared to counteract such attacks and always be equipped to stop them. States need to legislate so that there is a proper legal framework to combat cybercrime. The European Union has embarked on a legislative framework, the Digital Operational Resilience Act (DORA), with the intention of ensuring that the financial sector in Europe is able to stay resilient through a severe operational disruption. The act lays down requirements for the security of the network and information systems of companies and organizations operating in the financial sector, and of the critical third parties which provide IT-related services to them.

In addition to the regulation, it is imperative for financial companies and organizations to train their employees on cybersecurity so that possible cyber threats can be detected and prevented at the source. Companies and organizations are also encouraged to co-operate with each other and to share cyber threat intelligence in an effort to pro-actively mitigate possible cyber-attacks. As the saying goes, "forewarned is forearmed". Last but not least, companies and organizations within the financial sector should keep their systems regularly updated to ensure that known vulnerabilities are corrected, drastically reducing the probability of a successful exploit. Such mitigating measures will guarantee that the attack window is kept as small as possible, and thus threat actors will have a much harder time trying to break into systems.

It is also important to mention that, in order to support cybersecurity capacity building within Europe, the European Union has mandated the setting up of a National Cybersecurity Coordination Centre (NCC) within each Member State. These Centres are tasked with bringing together cybersecurity knowledge, competency and experience, facilitating information sharing, education and the promotion of cybersecurity awareness within all sectors and industries.

Written by Martin Camilleri