Financial Services Sector remains targeted by cyber criminals

Financial institutions have taken significant steps to bolster cyber security efforts in recent years. Nevertheless, banks and other financial services companies will be challenged by the speed of technological change and the ever-increasing sophistication of cyber threats.

Anadolubank
Finabank

Facing the facts: how safe is your organisation against cyber-attacks?

Cyber criminals conduct activities in order to acquire money. Corporations operating in the financial sector automatically become a target since that is where the money is.

Financial institutions, banking websites, automated clearing houses and payroll systems are increasingly being targeted using financial Trojans and ransomware. Viruses disguise themselves as legitimate pieces of software. Meanwhile, malware distributors continue to develop advanced malware, including custom malware created solely to target financial institutions.

Compliance with GDPR regulations

Financial institutions guard highly sensitive customer information, a fact recognised by authorities and regulatory institutions. Authorities are increasingly imposing stricter requirements with which organisations have to comply. Under the new EU GDPR/Dutch Wet Meldplicht Datalekken regulations as of January 1st, 2016, there is a legal obligation to report data leaks.

In order to address and mitigate the consequences of the increasing number of security incidents involving personal data, the GDPR not only imposes requirements to implement appropriate security measures, but also makes it a mandatory requirement to report a data breach to the relevant data protection authority.

On average, malware is present for 229 days before it is discovered. Because malware can cause a data breach, detection has become even more relevant.

The Solution

The RedSocks Malicious Threat Detection is a solution which analyses outgoing digital traffic flows in real time. Malicious traffic is detected by inspecting the NetFlow and IPFIX metadata of outgoing network traffic. The RedSocks MTD is fed continuously by the RedSocks Malware Intelligence Team, which compiles the risk lists and algorithms. The RedSocks MTD can also generate malicious lists on its own by using heuristic technologies.

We value your privacy
RedSocks believes corporate privacy to be paramount. Our systems and the flow monitoring systems have therefore been developed to protect privacy to the utmost. RedSocks monitors flow data (metadata) rather than content, so that sensitive corporate data always remains confidential. By monitoring bad neighbourhoods on the internet, RedSocks is able to detect previously unknown malicious traffic, which makes RedSocks unique when it comes to protecting sensitive records.
The STIX & TAXII module enables you to import your own threat intelligence. This makes it possible to exchange threat intelligence lists and to tailor the solution to your specific needs.

Technically Compliant with the regulation
When using the RedSocks Malicious Threat Detector, data breaches in the technical information infrastructure can be traced to provide proof of the effective security operation in your network. This will enable companies and institutions to take an important step in controlling the risks in terms of liability and expenses resulting from the duty to report data breaches.

How does the RedSocks Malicious Threat Detector work?

The MTD is located next to the router that transfers your data to the internet. This router provides metadata of the network traffic to the MTD: not the content of the communication, but data like origin and destination address, MAC address, protocol, port used and the size of the communication. The MTD uses the RedSocks “Intelligence Driven Egress Security Model” to inspect network traffic. The MTD analyses the metadata using this model and verifies it against lists of addresses that are known to communicate with malware. These algorithms and lists are developed and kept up to date by the RedSocks Malware Intelligence Team on the basis of analysing a million pieces of malware each hour.
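
The check described above, matching the destinations of outgoing flow metadata against a risk list, can be sketched as follows. This is an added example, not RedSocks code: the risk list, the internal ranges and the flow records are constructed (documentation address ranges), and the record layout is an assumption based on the fields named above.

```python
import ipaddress
from collections import defaultdict

# Constructed risk list and internal ranges (assumptions, not real indicators).
RISK_LIST = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.77/32")]
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]

# Constructed flow metadata: src, src_mac, dst, protocol, dst_port, bytes
FLOWS = """\
10.1.4.22,00:11:22:33:44:55,203.0.113.9,tcp,443,1840
10.1.4.22,00:11:22:33:44:55,192.0.2.10,tcp,443,52011
10.1.7.5,00:11:22:33:44:66,198.51.100.77,udp,53,310
203.0.113.9,aa:bb:cc:dd:ee:ff,10.1.4.22,tcp,51544,9000
10.1.4.22,00:11:22:33:44:55,203.0.113.200,tcp,8080,620
10.1.9.9,00:11:22:33:44:77,10.1.4.22,tcp,445,4096
"""

def in_any(addr, networks):
    return any(addr in net for net in networks)

def parse_flows(text):
    """Turn each metadata line into a record; no payload is ever present."""
    for line in text.strip().splitlines():
        src, mac, dst, proto, port, size = line.split(",")
        yield {"src": ipaddress.ip_address(src), "mac": mac,
               "dst": ipaddress.ip_address(dst), "proto": proto,
               "port": int(port), "bytes": int(size)}

def egress_hits(flows, internal=INTERNAL, risk_list=RISK_LIST):
    """Summarise, per internal host, outgoing flows to risk-listed destinations."""
    hits = defaultdict(lambda: {"flows": 0, "bytes": 0, "destinations": set()})
    for f in flows:
        # Egress only: internal source talking to an external destination.
        if not in_any(f["src"], internal) or in_any(f["dst"], internal):
            continue
        if in_any(f["dst"], risk_list):
            h = hits[(str(f["src"]), f["mac"])]
            h["flows"] += 1
            h["bytes"] += f["bytes"]
            h["destinations"].add(f"{f['dst']}:{f['port']}/{f['proto']}")
    return dict(hits)

if __name__ == "__main__":
    for (ip, mac), h in egress_hits(parse_flows(FLOWS)).items():
        print(ip, mac, h["flows"], h["bytes"], sorted(h["destinations"]))
```

Grouping hits by internal host and MAC address shows which machine to investigate, while inbound and internal-to-internal flows are ignored because only egress traffic is inspected.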