“Threat-hunting” teams are being called upon to combat cyber crime
Businesses need a more proactive approach to security in order to combat the ever-evolving cybercriminal.
Cybercriminals are no longer interested in just a quick heist, they have their eyes set on a full-scale invasion of financial institutions' infrastructure, according to new research from US-based cybersecurity firm Carbon Black.
While a majority of attacks in the past year were one-off instances of ransomware, almost one in ten involved more sinister attacks in which attackers gained access to secondary "command and control centres", allowing them to dwell much longer in the businesses' networked environments.
"From application attacks to fileless malware, destructive attacks enable cybercriminals to move freely and laterally within an organisation’s network – and they often go completely overlooked until it’s too late," chief cybersecurity officer Tom Kellerman said in a statement.
To make matters worse, one in four financial firms say cybercriminals are countering their defences in real time.
That's because business' defences are usually automated, which is no match for the nimble attackers whose skills are always evolving.
So what is the answer? Carbon Black says the solution to this is for financial firms and other businesses to create "threat-hunting" teams that are just as nimble as the attackers.
These are security teams whose job it is to proactively track down signs of intrusion rather than wait for technology to do the job for them.
"Cyber defence is evolving into a high-stakes game of digital chess, and this latest report offers clear evidence that the cybersecurity challenges facing financial institutions will only worsen. Taking a more proactive approach to defence through the establishment of threat-hunting and incident-response teams is imperative to stopping future attacks," Kellerman said.
Aussie regulators also understand the ongoing threat. The Australian Prudential Regulation Authority (APRA) recently developed new measures to help financial firms avoid data breaches and respond more swiftly when they occur.
Firms themselves can go one step further by taking out cyber insurance, which will protect them from business losses due to cybercrime, as well as from potential lawsuits from clients whose data has been compromised.
This type of crime can have a major impact on Australian businesses. In just the first six weeks since the inception of its new Notifiable Data Breaches Scheme, the Office of the Australian Information Commissioner received 63 notifications from businesses whose customers' data was compromised due to cybercrime and other online vulnerabilities.