Financial crime goes big
There were a number of attacks against financial institutions in 2015, but none was more audacious than the Carbanak crime ring, which targeted more than 100 banks and other financial institutions in 30 nations. Kaspersky Lab estimated the gang had stolen as much as $1 billion since late 2013 and had managed to stay under the radar for two years because it kept each transaction between $2.5 million and $10 million.
The scale of attacks against financial institutions indicate criminals are moving away from low-value consumer-related attacks such as identity and credit card theft in favor of high-value attacks. “The old ‘smash and grab’ jobs are becoming carefully orchestrated and executed jobs,” said Mike Davis, CTO of CounterTack.
The FBI also warned of an increase in social engineering campaigns where an attacker sends an email purporting to be from the CEO or another senior executive to the CFO or another executive authorizing a wire transfer. If the recipient is tricked and doesn’t validate the email’s authenticity before the transfer, that money is gone, usually for good.
While external attackers still pose the biggest threat to financial organizations, 2015 showed insiders can cause damage as well. Earlier this year, a former employee of Morgan Stanley pleaded guilty to stealing confidential data from more than 700,000 customer accounts while he was interviewing for a new job with two competitors. And external attackers target insiders who already have access to sensitive data. Encryption, dynamic security policies that travel with data, and robust multifactor authentication controls are some of the defenses financial institutions should consider to ensure that unauthorized individuals can’t read anything they shouldn’t be allowed to see, said Ron Arden, vice-president of Fasoo.
Health care on the breach radar
Some of the biggest breaches in 2015 involved health care organizations, including Anthem, Excellus BlueCross BlueShield, Premera Blue Cross, and CareFirst, to name a few. Eight of the 10 largest health care breaches happened in 2015, according to the U.S. Department of Health and Human Services.
It’s no surprise the attackers went after health care, since the companies tend to have valuable data, including names, addresses, Social Security numbers, medical records, and financial information. The data is difficult to change, meaning it has a longer shelf life and can be used in a variety of follow-up attacks. Attackers accessed more than 100 million health care records in 2015.
While some of the breaches may have been part of identity theft and other cyber crime activities, security experts believe Anthem was the work of Chinese state-actors. The attackers may have been after data on specific individuals for intelligence purposes, or they may have wanted intellectual property relating to how medical coverage and insurer databases are set up. The Chinese government has denied any involvement in the attacks, and Chinese authorities recently arrested individuals they claim had targeted Anthem for cyber crime purposes.
Sign up for CIO Asia eNewsletters.