Cybersecurity Blog: The Cyber Scene is evolving, are you?

Please see links below to Case Studies in Financial Services Cybersecurity:

Overview

Critical infrastructure is not limited to just the energy and utilities sectors. The Financial Services sector is just as critical to a country's security as any nuclear power plant or energy delivery system. It is a hard to imagine our lives with an impaired or disrupted financial commerce system. To address this threat the Financial Services Information Sharing and Analysis Center (FS-ISAC) was launched in 1999. It is the global financial industry's go to resource for cyber and physical threat intelligence analysis and sharing. FS-ISAC is unique in that it was created by and for members and operates as a member-owned non-profit entity. Leidos Cyber, Inc. is proud to be an “Affiliate Member” of FS-ISAC.

Read more

Overview

On March 15 2018, the Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) – TA18-074A providing information on Russian government actions targeting U.S. critical infrastructure organizations including energy, nuclear, water, aviation and critical manufacturing sectors. The TA includes the Indicators of Compromise (IOCs) and technical details on the tactics, techniques, and procedures (TTPs) used by Russian government cyber actors on compromised victim networks.

Read more

On June 27, 2017, a new cyberattack spread across the globe, starting in Europe.  This attack is similar to a 2016 virus called “Petya,” but its spread is reminiscent of the “WannaCry” attack of May, 2017.  This “2017 Petya Attack” is already affecting thousands of computers and is spreading quickly.  Its full impact on businesses, governments, and people is yet to be determined.

Read more

Decisions that Make Companies Vulnerable to Insider Attacks

With the steady rise in cyber-attacks, network defense has become a security team’s number one priority. Many organizations have responded by investing heavily in the best tools to protect their information and systems from outsiders. The hard truth is these technologies are not designed to identify, let alone prevent an insider—contractor, employee, or trusted business partner—from taking information or corrupting a system they are authorized to access.

Read more

Misspelled word thwarts cyber-heist but not before $81 million is syphoned from Bangladesh Central Bank

This past February, hackers were able to steal $81 million from the systems of the Bangladesh Central Bank. Funds were moved from its account at the Federal Reserve Bank of New York to private accounts in the Philippines via wire transfers using the SWIFT payment network. Although this registered as one of the largest cyber heists in history, the damage could have been upwards of $1 billion if not for the attacker’s misspelled word in one of the fraudulent requests. The mistake tipped off an employee at Deutsche Bank and ultimately saved millions of dollars.

Read more