Sadly, with the widespread media attention around the coronavirus, attackers are already using the topic to bait victims into opening malicious attachments. Researchers at IBM X-Force have identified several campaigns which, when an attachment is opened, results in an Emotet banking trojan being downloaded silently in the background. This can then steal sensitive information from the user. Kaspersky, Proofpoint and Mimecast have all seen similar attacks.
For businesses, malware can wreak havoc. Not only can it cause websites and mobile applications to be taken down, but it can also access sensitive information which can have devastating security, reputational and financial consequences. For banks, attackers can use sensitive information to commit fraud. So, what can banks and businesses do to ensure they and their customers are protected during this period of heightened threat activity?
Implement expert rules
Both banks and enterprises should already have existing security infrastructure in place designed to prevent attackers from gaining entry. However, it’s important that any security rules in place can be adjusted, so that in times of increased risk, such as now, systems can be set to operate at lower levels of trust. For example, employees or banking customers may need to perform additional authentication steps in order to access data. Banks can also adjust the threshold for any fraud scoring models, allowing more false positives in an attempt to keep fraud at bay.
Adopt a multi-layered approach to security
The more sensitive information an attacker gets access to, the higher the chances of them being able to launch a successful breach or phishing attack. In order to detect and defend against these with greater efficiency, enterprises and banks need to adopt a multi-layered, dynamic approach to cyber-security.
Organisations need to invest in the collection of high-quality data that will allow them to make informed decisions on threats and criminal activity. Although there are a number of tools on the market, we’re seeing the emergence of the next generation of intelligent security such as adaptive authentication, which uses AI and machine learning to score vast amounts of data, analyse the risk of a situation, and adapt the authentication levels accordingly.
By combining a range of authentication tools such as multi-factor authentication, behavioural analysis, biometrics, and even pulling in data from third party tools, adaptive authentication makes staying ahead of the cybercriminals that little bit easier. Security moves from being a black and white binary story to becoming precise and intelligent – providing the exact level of security as and when it is needed.
Boost mobile security
Attackers are increasingly targeting the mobile platform alongside other channels and coronavirus-related attacks are proving to be no exception. Malware and banking trojans, such as the ones being downloaded by unsuspecting people, can steal sensitive information or result in web and mobile sites being taken down. In order to avoid this, enterprises and banks need to work on the assumption that all mobile devices are untrusted and potentially hostile environments and bake in security accordingly. Relying on Google or Apple to catch every security flaw and keep devices safe is not a good security posture to take. Once this is understood, enterprises and banks can take mobile security into their own hands.
For example, using mobile in-app protection and app shielding provides an extra layer of protection beyond that provided by platforms or in app stores. The technology monitors the app, regardless of where it’s installed, to ensure its execution environment is safe and secure to shut down any malicious behaviour before it’s too late.
Implement ML-powered fraud detection systems
For banks, it’s crucial that they’ve got the technology in place to quickly detect and block fraud attempts without causing unnecessary disruption to the customer. Advances in machine learning technology means that fraud detection systems can now process vast amounts of data in real-time such as a user’s transaction history, their location, the device they use, and more. By building up a detailed picture of normal behaviour, the system can then quickly spot abnormal behaviour which may be an attempt at fraud.
Modern risk analytics tools can also detect the likelihood of the HTTP referrer being a phishing page. Rules can then be implemented to determine the appropriate response should a phishing attack be taking place.
Attackers regularly take advantage of spikes in communication or activity to launch attacks. While it shouldn’t take a global pandemic to trigger businesses into action, it’s more important than ever to make sure the right security infrastructure is in place across all channels to keep your business and your customers safe.
Will LaSala is Senior Director of Global Solutions at OneSpan