Threat data key to fending off future cyberattacks against banks

July 28, 2020 | 09:09 am GMT+7

Amidst the increased use of online banking and e-wallets in the region, partly fuelled by the Covid-19 pandemic, cybersecurity experts are reminding banks and financial services in Southeast Asia to learn from the lessons of previous cyberattacks like the costly US$81 million heist in 2016.


Global cybersecurity company Kaspersky, in an online conference with selected news correspondents from the region, spoke about how the financial sector could utilise comprehensive threat data to beef up their defences against sophisticated cybercrime groups such as Lazarus, the cybergang allegedly behind the multi-million dollar Bangladesh Bank Heist.

The company has found malware samples relating to Lazarus activity appearing at financial institutions, casinos, software developers for investment companies, and crypto-currency businesses in several countries globally, including Indonesia, Malaysia, Thailand, and Viet Nam.
Yeo Siang Tiong, its general manager for Southeast Asia, said: “The past offers us warnings which we must heed to be able to build a safer today. This applies to the financial sector and all other organisations especially when it comes to cybersecurity.
“More than four years after the world witnessed one of the most successful cyberheists to date it is essential for banks and related institutions in Southeast Asia to understand how they can leverage threat intelligence to foil sophisticated attempts against their systems.
“For instance, our cybersecurity researchers have been monitoring the Lazarus group closely for years. Through this intelligence, our solutions can detect the possible malware they might use when they try to get into a banking system. We can block them, analyse the malicious file, and alert the organisation’s IT team about which tactics and techniques to look out for based on the group’s previous attack behaviour, saving possible multi-million losses financially and professionally.”
The $81 million cyberheist also resulted in lawsuits, loss of reputation, billions in fines, one indictment and arrest, and several top bank officials’ resignations and even dismissals.
Besides threat intelligence, Kaspersky also noted the importance of the human factor when it comes to securing financial systems. It cited a report which showed that the cyberheist started with a series of spear phishing emails, with one unfortunately opened by an unsuspecting bank employee.
The threat of phishing and spear phishing remains present with Kaspersky detecting 40.5 million globally in the first five months of 2020.
To improve banks’ and financial organisations’ cyber defences, Kaspersky experts said they should integrate threat intelligence into their systems, conduct regular security training sessions for staff, use traffic monitoring software, instal the latest updates and patches for all of the software they use, forbid the installation of programmes from unknown sources, and perform regular security audit of an organisation’s IT infrastructure.