A new need for financial cyber security
New PSD2 banking rules in the EU are now forcing traditional financial players to open-up customer data to FinTech disruptors via open APIs. It’s hoped that the new legislation will help to create a level playing field between new-comers and incumbents through driving innovation and improving customer choice. However, it’s also expected it will increase financial cyber security risks.
Despite threats, the finance industry is showing no signs of slowing down. In fact, in the first half of 2018, the UK market attracted $16bn worth of investment, more even than the US. Supporting over 60,000 jobs today, it’s predicted to attract another 30,000 by 2030 as growth continues.
Digital transformation and the financial sector
Digital transformation is coming from platforms and technologies like blockchain, big data analytics, AI, cloud and mobile. It offers the opportunity to rapidly evolve and deliver new services to market, align IT with the business to drive profits, and put the customer at the heart of everything financial firms do.
But as financial services and FinTech firms digitally transform, new threats emerge. Cyber criminals are increasingly targeting the sector, despite the large expenditure on security. According to the FCA, breaches soared five-fold in 2018.
The cost of cyber attacks in financial services industry
Customer data is valuable to the financial industry and hackers alike. Once hackers get their hands on customer data, it tends to be sold on dark web forums for use in fraud schemes. This is a serious risk now that sensitive customer and employee information is regulated not only by the FCA but also the GDPR. In the UK, the average cost per lost or stolen record is £163 in financial services, the highest of any sector, according to IBM. That means serious incidents could very soon incur losses in the millions.
IT downtime is another serious risk for financial services firms. Customer expectations of a 24/7 mobile and online banking service means that any service interruption that impact corporate reputation and customer churn. In fact, according to some reports, downtime could cost UK firms as much as £2bn per year in lost revenue.
Despite the costs, both monetary and reputational, just a third (32%) of FinTech firms stated cyber security as their top technology investment.
Organizations first need to understand the potential impact of financial cyber security crime on their business, and then take a fresh look at DNS as a new way to tackle it. By moving beyond traditional security measures like firewalls and AV, they can gain valuable visibility into threats, and ultimately automate highly effective incident response through harnessing DNS.
Why DNS is important
DNS is a particularly attractive target to cyber criminals as it enables attackers to facilitate phishing, malware installs and data exfiltration.
One study has found that 39% of financial services firms were hit by five or more DNS attacks in the previous 12 months, yet over half of them (52%) claimed to be unaware of DNS-based malware. The DNS is often overlooked by stretched IT teams continually forced onto the back foot by attacks. Yet the truth is it plays a vital role in every organization, converting the domain names used by people to the IP addresses used by machines to communicate online. Without it, something as simple as browsing the web would be virtually impossible for bank employees and customers.
Yet DNS was also built in an era before professional cyber crime. That means it contains vulnerabilities which hackers are adept at exploiting. DNS servers can be targeted to redirect unwitting users to phishing and malware sites, for example. Or hackers can take advantage of the fact that most firewalls whitelist DNS, by smuggling stolen data out of victim organizations in DNS traffic, or using it to issue commands from command-and-control (C2) servers.
The good news is that, because DNS is always-on, it is also a great place to add in security. Nominet’s NTX platform uses advanced analytics to spot malicious activity right down to single packets in huge volumes of legitimate DNS traffic. With this visibility and control, IT teams can regain the initiative by predicting, detecting and blocking attacks early on in the kill chain.
If they have the right tools in place, DNS-based security can be an invaluable first line of defence for financial services firms.