With the recent Russian cyberattack affecting federal, state, and local government entities as well as corporations like Microsoft in the private sector, financial institutions must be more vigilant to protect their website networks. Cyberthreats can target any part of your system. Hackers can access your network through online actions by your employees, customers, and vendors.
This week, we’re going to look at three common cybersecurity threats that cyber thieves will use to compromise your bank website: denial of service attacks, corporate account takeovers, and watering hole attacks.
- Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
- Corporate Account Takeovers (CATOs)
- Watering Hole Attacks
- Final Words
Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
In September, the Cybersecurity and Infrastructure Security Agency (CISA) reported an influx of denial of service (DoS) and distributed denial of service (DDoS) attacks on financial institutions worldwide. DoS and DDoS breaches flood your bank web host with internet traffic, slowing or completely bringing down your website.
This can frustrate your online banking customers when they’re unable to complete transactions. Potential customers may question your credibility and reliability if your website responds slowly or not at all.
You can prevent DoS and DDoS threats by installing a firewall to restrict incoming and outgoing traffic on your bank website and scanning your network daily with antivirus software. At BankSITE® Services, we go a step further, protecting your site with AT&T’s DDoS Defense System. In the event of a DDoS attack, our Attack ByPass System allows you to redirect select customers to your online banking website or a static maintenance page.
Corporate Account Takeovers (CATOs)
Malware will be an ongoing threat in 2021, especially in a corporate account takeover (CATO) attack. Any business that performs electronic transactions through an online banking business account is a CATO target. With this type of breach, cyber thieves impersonate a business to send wire and ACH transactions from its online banking account into the thieves’ accounts.
Although malware scanning may be the first line of defense, multilayered security is the best deterrent for CATO threats. This might include installing tools to block connections to suspicious or fraudulent IP addresses, regularly maintaining and validating the firewall, and implementing monthly security patches.
In addition to these security measures, BankSITE® Services has partnered with Trustwave to perform third-party vulnerability assessments on our network to protect our customers’ bank and credit union websites from malicious takeovers. The Conference of State Bank Supervisors, the Financial Services Information Sharing and Analysis Center, the US Secret Service, and the Texas Department of Banking have also developed best practices to help banks and credit unions mitigate CATO.
Watering Hole Attacks
Early in 2017, cyber thieves launched watering hole attacks on several financial institutions. With this type of malware attack, a cybercriminal watches your employees’ online behavior to discover frequented websites, such as the Federal Depository Insurance (FDIC), the National Credit Union Administration (NCUA), or the Federal Reserve. The thief determines the vulnerabilities on these sites, which become watering holes.
The next time your employees visit the “watering hole,” they’ll be infected with malicious code. The malware allows the attacker to steal the employees’ network credentials, making you and your customers vulnerable to phishing and ransomware schemes.
To prevent watering hole attacks, update your operating systems and software regularly. Along with scanning your bank website, network, and employee computers for malware, you can install security software that will alert users of malicious websites. BankSITE® Services scans client websites daily for malware, malicious JavaScript, malicious iframes, drive-by downloads, suspicious redirections, and IE-only attacks. If your site has been infected, we can quickly restore an uninfected version from backup to avoid uninterrupted service of your website.
Final Words
By staying abreast of the latest cyber breaches, you can safeguard your bank website from becoming a target. Your team can also evaluate your cybersecurity plan and identify areas of improvement by reviewing these Cyber Challenge scenarios created by the FDIC.
Employee training should be the first step of your cybersecurity plan. To meet bank website security challenges beyond your expertise, consider hosting your site with BankSITE® Services. Reach out to us to schedule a consultation.