Hands-On Cybersecurity for Finance

You're reading from Hands-On Cybersecurity for Finance: Identify vulnerabilities and secure your financial services from security breaches

Product type: Paperback
Published in: Jan 2019
ISBN-13: 9781788836296
Length: 308 pages
Edition: 1st Edition
Authors (2): Dr. Erdal Ozkaya, Milad Aslaner

The scope of cybersecurity

The importance of cybersecurity can't be overstated. The world is interconnected, and therefore an attack on one host or user can easily become an attack against many people. For individual targets, cyber attacks can range from the theft of personal information to extortion attempts. For companies, many things are always at stake. Cybersecurity therefore covers a broad scope for both individuals and corporate organizations. Let's look at this in more detail.

Critical infrastructure security

Critical infrastructure consists of systems that many people rely on. These include electricity grids, traffic lights, water supply systems, and even hospitals. Inevitably, these infrastructures are being digitized to meet current demands, which inadvertently makes them a target for cyber criminals. It is, therefore, necessary for critical systems to have periodic vulnerability assessments so that attacks that could be used against them can be mitigated beforehand. There have been several attacks on critical infrastructure in different countries. Commonly targeted sectors include transport, telecom, energy, and the industrial sector. The most significant one was on Iran's nuclear facility. The facility was targeted using malware called Stuxnet, which is speculated to have been state-sponsored. Stuxnet caused the total destruction of the nuclear facility. This highlights the effect of cyber attacks against critical infrastructure.

The following is an excerpt from an article that describes the malware attack on Iranian nuclear facility computers (https://www.engadget.com/2014/11/13/stuxnet-worm-targeted-companies-first/):

Once the malware hit their systems, it was just a matter of time before someone brought compromised data into the Natanz plant (where there's no direct internet access) and sparked chaos. As you might suspect, there's also evidence that these first breaches didn't originate from USB drives. Researchers saw that Stuxnet's creators compiled the first known worm mere hours before it reached one of the affected companies; unless there was someone on the ground waiting to sneak a drive inside one of these firms, that code reached the internet before it hit Natanz.

Network security

Business cannot be conducted without networks today. Countries that have isolated themselves from internet connectivity have been left behind financially, since a big part of the global economy is currently powered by the internet. North Korea is one example of a country where the internet is highly restricted and only accessed by a few people. However, connectivity to networks comes with its own drawbacks. Individual and corporate networks have been subjected to unauthorized access, malware, and denial of service from cyber criminals. Some techniques used to perform actions on networks can hardly be detected by network admins without tools such as intrusion-detection systems. Other cyber attacks include sniffing packets, theft, and manipulating data during transit. The tools used to protect against network security threats have become overwhelmed by the amount of traffic that they have to filter. They also face challenges due to the number of false positives they report. Because of this, security companies are turning to new technologies, such as machine learning, to detect malicious and abnormal traffic more efficiently and effectively.

Cloud security

Among the new technologies that are receiving massive adoption is the cloud. The cloud allows organizations to access resources that they previously could not, due to the financial constraints of acquiring and maintaining those resources. It's also a preferred option for backups due to its reliability and availability compared to other backup options. However, the cloud has its own set of challenges where security is concerned. Organizations and individuals are concerned about the theft of their cloud-stored data. There have already been incidents of data theft in the cloud. Cloud security ensures that cloud users can secure their data and limit the people that can access it.

According to McAfee security, as many as one in every four organizations has been a victim of cloud data theft (https://venturebeat.com/2018/04/15/mcafee-26-of-companies-have-suffered-cloud-data-theft/):

Enterprises are moving their data to the cloud, but not everybody is certain that the cloud is as secure as it could be, according to the third annual report on cloud security from cybersecurity firm McAfee. This is due in part to the fact that one in four companies has been hit with cloud data theft.

Application/system security

Many business processes are run with the aid of applications or systems. However, these systems have introduced a weak point in organizations. If these systems are hacked, the result can be the halting of services or production activities, theft of business secrets, and loss of money. A study by Trustwave SpiderLabs in 2017 revealed that 100% of randomly selected and tested web apps had at least one vulnerability. App security is, therefore, receiving attention in many organizations that have set up cybersecurity strategies.

A 2017 study showed that 100% of sampled web apps had at least one vulnerability (https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/don-t-sleep-on-web-applications-the-5-most-common-attack-types-and-how-to-better-defend-them/):

In fact, a stunning 100 percent of web apps that the Trustwave SpiderLabs team tested in 2017 contained at least one vulnerability.

User security

As said before, users are the weakest points, and they are particularly hard to protect since they are targeted using social-engineering techniques. These techniques cannot be prevented by using security tools. Attackers get to users through normal interactions, using media such as phones, emails, or face-to-face encounters. Organizations have lost a lot of money due to their employees being targeted with social-engineering attacks. Therefore, user-awareness programs have been incorporated into most cybersecurity strategies.

Internet of Things security

The Internet of Things (IoT) is an emerging technology that has been plagued with security threats. However, its practicality has seen it adopted in many organizations despite the security challenges. IoT devices have been shipping in an insecure state, which poses threats to organizations and individuals. Cybersecurity has therefore been extended to cover this threat landscape.

Terminologies

Here are some terms related to the cybersecurity world:

  • Cybercrime: Any crime that involves the use of a computer as the object of a crime or as an accessory used to commit a crime. The perpetrators of such a crime are known as cyber criminals. They mostly use computer technology to illegally access sensitive information, scam, or carry out malicious actions.
  • Ransomware: Malware built to extort money from victims by blocking access to their computers and files until they pay a ransom amount. However, the payment of the ransom is never a guarantee of file recovery.
  • Malware: Malicious software. There are three categories of malware: viruses, worms, and Trojans. These are used to either allow unauthorized access or to damage computers.
  • Social engineering: An attack technique that is increasingly being used by cyber criminals to manipulate people into revealing some information or carrying out some actions. The end goal is either monetary gain or access to sensitive information, such as business secrets.
  • Phishing: A common exploitation attack that involves sending users fraudulent emails that claim to be from reputable sources. Phishers aim to get sensitive data or money from their targets. With advancements in technology, phishing attacks are becoming more sophisticated and advanced, and thus more successful.
  • Botnet: A network of zombie devices that have been infected with malware to make them perform certain tasks, such as denial of service attacks. Personal computers were once key targets for recruitment in botnets, but since the introduction of IoT devices, hackers have been shifting focus to this largely insecure technology. A particularly dreadful botnet is the Mirai botnet, which is made up of IoT devices and has been used in several attacks.
  • Data breach: An incident in which a corporate network is attacked by cyber criminals and some valuable data is stolen. In many cases, customer authentication details, addresses, and financial information are stolen. Stolen data is valuable and can be sold in black markets or ransomed. Even when the stolen data is encrypted, hackers can find ways to decrypt it, especially if the encryption algorithm was weak.
  • DDoS attack: An attack in which attackers target a machine with an overwhelming number of requests, thus clogging its bandwidth and its ability to respond to legitimate requests. DDoS attacks are carried out by botnets, which have been discussed previously. DDoS attacks can be used as a diversion technique where hackers cause security personnel to focus their efforts on recovering from the DDoS attack while another attack is taking place.
  • Spyware: Malware used to spy on people for the purposes of obtaining their personal information, login credentials, or other sensitive information. It mostly infects browsers or comes hidden in apps and programs. For mobile devices, malware can use GPS sensors to communicate back the whereabouts of a user's device, and it can also access the call history and SMS.