Over a decade ago, a sub-prime mortgage bubble burst, which led us into the “great recession”. Since then, governments and central banks have been focusing on finding ways to stabilize the financial sector, in the hope of minimizing the chance of another crisis. However, what if the next financial crisis is not fuelled by irrational exuberance, but by a cyber-attack?
This suggestion is not as far-fetched as it sounds. After all, the financial sector is a key target for cyber-criminals, for the obvious reason that financial institutions have access to a lot of money. To make matters worse, many transactions that take place within the financial markets are carried out by High-Frequency Trading (HFT). High-frequency trading describes a set of technologies that use highly sophisticated algorithms to trade stocks, bonds and commodities in fractions of a second.
One of the problems with HFT systems is that they are automated and cannot differentiate between volatility caused by the underlying economy and volatility caused by a technical glitch or a cyber-attack. Not only that, but hackers have been known to target high-frequency trading firms in an attempt to steal their secret algorithms.
Either way, should an attacker manage to disrupt the financial sector in any noticeable way, whether through disrupting payments systems, online banking, disclosing secret algorithms, or even spreading fake news on social media, it could rattle the markets enough to push us into another financial crisis.
In such a scenario, investors may jump towards cryptocurrencies as a safe haven, which would in turn lead to volatility in the regular currency markets. While the cryptocurrency markets are also highly volatile, and exchanges have been known to get hacked, cryptocurrencies themselves – due to their design – are not subject to cyber-attacks.
What Can Financial Institutions Do to Prevent a Fresh Crisis from Unfolding?
Protecting financial institutions from cyber-attacks is no doubt a complex and multi-faceted problem. Organizations can be subject to a multitude of possible attack vectors, each with its own set of solutions. Below is a brief summary of the most common threats and their solutions.
Web Application Attacks
According to the 2016 Data Breach Investigations Report, web application attacks are the greatest threat to the financial sector – accounting for 82% of data breaches. To prevent such attacks, organizations will need to install and maintain a web application firewall (WAF), and make sure that any SQL commands that communicate with their database are not vulnerable to SQL injection.
Additionally, 63% of confirmed data breaches involved weak, default or stolen passwords. Organizations should ideally use multi-factor authentication, and any stored passwords should be encrypted using a “salt”. Sophisticated DCAP (Data-Centric Audit & Protection) solutions provide “threshold alerting”, which can automatically detect and respond to anomalous login failures, and periodically remind users to reset their passwords.
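The “threshold alerting” idea described above, sketched as an added example (it is not code from any DCAP product): failed logins are counted per account and per source IP inside a sliding window, so both a brute-force burst against one account and a spray across many accounts from one address are flagged. The log format, the threshold of 3 and the 60-second window are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample authentication log: timestamp, user, source IP, outcome.
SAMPLE_LOG = """\
2024-01-01T09:00:00 alice 198.51.100.7 FAIL
2024-01-01T09:00:10 alice 198.51.100.7 FAIL
2024-01-01T09:00:20 alice 198.51.100.7 FAIL
2024-01-01T09:00:30 alice 198.51.100.7 FAIL
2024-01-01T09:05:00 bob 203.0.113.9 FAIL
2024-01-01T09:07:00 bob 203.0.113.9 FAIL
2024-01-01T09:09:00 bob 203.0.113.9 FAIL
2024-01-01T09:10:00 carol 192.0.2.44 FAIL
2024-01-01T09:10:02 dave 192.0.2.44 FAIL
2024-01-01T09:10:04 erin 192.0.2.44 FAIL
2024-01-01T09:10:05 erin 192.0.2.44 OK
"""

def parse_events(text):
    """Yield (timestamp, user, ip, outcome) from whitespace-separated lines."""
    for line in text.splitlines():
        if line.strip():
            ts, user, ip, outcome = line.split()
            yield datetime.fromisoformat(ts), user, ip, outcome

def threshold_alerts(events, threshold=3, window=timedelta(seconds=60)):
    """Alert once each time a user or source IP reaches `threshold` failures in `window`."""
    recent = defaultdict(deque)   # (kind, value) -> timestamps of recent failures
    alerting = set()              # keys currently over threshold (suppresses repeats)
    alerts = []
    for ts, user, ip, outcome in events:
        if outcome != "FAIL":
            continue
        for key in (("user", user), ("ip", ip)):
            q = recent[key]
            q.append(ts)
            while ts - q[0] > window:   # drop failures that fell out of the window
                q.popleft()
            if len(q) < threshold:
                alerting.discard(key)   # re-arm once the burst has subsided
            elif key not in alerting:
                alerting.add(key)
                alerts.append((ts.time().isoformat(), key[0], key[1], len(q)))
    return alerts

if __name__ == "__main__":
    for alert in threshold_alerts(parse_events(SAMPLE_LOG)):
        print(alert)
```

Bob's three failures are two minutes apart and never share a window, so they raise no alert; the 192.0.2.44 failures trip only the per-IP counter because each targets a different account.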
Distributed Denial of Service (DDoS) Attacks
DDoS attacks are the second greatest threat to financial institutions – accounting for 34% of security incidents. Organizations would be advised to implement a dedicated DDoS appliance that is specifically designed to detect and block malicious DDoS traffic.
Advanced Persistent Threats (APTs)
The goal of an APT is to maintain ongoing access to the network in order to steal large amounts of data over a long period of time. Given the amount of planning that goes into deploying an APT, hackers will only go after organizations that store large amounts of valuable data.
Naturally, financial services are a prime target. According to the above report, 69% of financial services firms that fell victim to a data breach didn’t discover the incident for weeks or months. In order to identify APTs in a timely manner, organizations will need to closely monitor their critical assets.