365NEWSX
365NEWSX
Subscribe

Welcome

Hackers paralyzed a pipeline. Banks and stock exchanges are even bigger targets

Hackers paralyzed a pipeline. Banks and stock exchanges are even bigger targets

Hackers paralyzed a pipeline. Banks and stock exchanges are even bigger targets
May 12, 2021 2 mins, 14 secs

Banks and stock exchanges overseas have been hit by damaging cyberattacks in recent years.

The good news is that banks and exchanges, more so than pipelines and other aging physical infrastructure, have some of the most robust cyber defenses in the private sector, security experts told CNN Business.

"But as we saw with SolarWinds, the government itself is not immune to compromise."

If Russian hackers were able to infiltrate critical federal government agencies through the SolarWinds attack, nothing is completely safe from cyber threats.

'Blind spots'

Although big banks are believed to have strong defenses, security experts and industry officials fear hackers could infiltrate the industry through third parties with lax security.

Brendan Conlon, who worked at the National Security Agency for over a decade, said that while big banks "practice good cyber hygiene," the consultants, law firms, contractors and vendors they rely on may not and could be vulnerable to ransomware.

"These institutions are likely to have blind spots in their critical supply chain," said Conlon, who is now vice chairman of cybersecurity firm BlueVoyant.

Now they need to acknowledge the risk that their less secure vendors are presenting to their business."

The Financial Service Information Sharing and Analysis Center (FS-ISAC), the authority for cyber threats facing the industry, is aware of this threat.

"Institutions with robust cybersecurity programs are well positioned to prevent ransomware attacks on their own networks but the risk to be impacted by third-party suppliers is increasing," FS-ISAC CEO Steven Silberstein told CNN Business in a statement.

Silberstein also noted that ransomware operators have "grown and matured in sophistication, making it an area of concern."

The financial industry is a large target for many different groups -- from organized criminals seeking to steal money to politically motivated groups attempting to make a statement.

In its annual report, Nasdaq (NDAQ) said potential threats include attacks from foreign governments, hacktivists, insiders and criminal organizations.

Danny Jenkins, CEO of cybersecurity firm ThreatLocker, told CNN Business that banks get hit with attempted ransomware attacks "nearly everyday" but they're mitigated.

"The likelihood of seeing a major bank go completely offline is small but not impossible," he said, adding there is "much higher probability" that ATM networks or major branches get disrupted.

To keep up with the bad guys, he urged banks to rely more on cyber defenses powered by artificial intelligence.

"As a threat hunter, I hate saying that because it puts guys like me out of a job," he said.

Prudhomme, the IntSights executive, described it as a "constant cat-and-mouse game" between companies and hackers.

"Just when you develop a new defense and you think you're squared away," he said, "some actor will find a way to circumvent it."

Summarized by 365NEWSX ROBOTS

RECENT NEWS

SUBSCRIBE

Get monthly updates and free resources.

CONNECT WITH US

© Copyright 2024 365NEWSX - All RIGHTS RESERVED