Financial institutions targeted by cyberattacks using ‘hidden tunnels’ in networks
Cybersecurity company Vectra Networks Inc. today released a new report that suggests that financial institutions are being targeted by sophisticated cyberattackers using what the firm describes as “hidden tunnels” into networks to steal data.
Hidden tunnels are pathways that hackers use to gain access to corporate networks. Often hidden in plain sight, they are difficult to detect because a pattern can be found only by observing a series of communications rather than by looking at a single request and response.
The finding comes from the 2018 Spotlight Report on Financial Services, which was based on collected metadata from more than 4.5 million devices and workloads from customer cloud, data center and enterprise environments monitored by Vectra, along with data from the 2018 RSA Conference Edition of the Attacker Behavior Industry Report.
Highlighting that financial institutions have become favored targets of hackers, Vectra said it detected twice as many hidden data-exfiltration tunnels per 10,000 devices in financial services as in all other industries combined.
For every 10,000 devices across all industries, 11 hidden exfiltration tunnels disguised as encrypted web traffic were detected. But in financial services, that number more than doubled to 23, perhaps because, well, that’s where the money is. From August 2017 through January 2018, hidden exfiltration tunnels disguised as unencrypted web traffic jumped from seven per 10,000 devices to 16 in financial services.
“Cyberattackers build hidden tunnels to break into networks and steal critical data and personal information,” the company said in a statement. “These tunnels are used to remotely control an attack, known as command-and-control, and steal data, known as exfiltration, while remaining largely undetected.” Cyberattackers use hidden tunnels “to blend in with normal traffic, evade strong access controls, and exfiltrate financial data,” it said.
The report noted that the same type of attack behaviors led to the now-infamous 2017 Equifax data breach that resulted in the theft of driver’s license numbers, email addresses, Social Security numbers and other personal information from nearly 146 million consumers.