Cyber attacks on banks are getting more sophisticated, according to Huawei Symantec.
Describing the sophistication, the company says a recent distributed denial-of-service (DDOS) attack on a financial institution was measured at an astounding rate of 150 million instructions per second.
Such attacks are usually attempts to make a computer resource unavailable to its intended users. These are common in services hosted on high-profile Web servers such as banks and credit card payment gateways.
The company says a DDOS attack is the intentional paralysing of a computer network by flooding it with data sent simultaneously from many individual computers, often part of a botnet, in an attempt to make the resource unavailable to its legitimate users.
By opening their IT systems to the Internet, banks and their customers are increasingly at risk from Internet-based security attacks. The key challenges facing financial institutions are throughput, uptime and security.
Huawei Symantec's product manager, Shabir Satar, says nowadays hackers are able to send 150 million instructions each second, bombarding a financial institution's router. “Most systems are unable to cope with this rate of bombardment. It causes the server and network to fail, opening the bank's systems to a full cyber attack.
“The increasing number of cyber attacks, and the rate and level of sophistication, makes it uncertain whether existing computer systems will be able to cope with cyber attacks five years from now.”
According to Satar, when purchasing new equipment or upgrading, banks need to consider the implications of cyber attacks up to five years and beyond. “This was previously never the case. Selecting hardware was purely a decision based on its ability to cope with future growth and performance.”
Remote users, those customers accessing their banking information online, pose unique challenges for banks, he explains. “Online access increases the vulnerability of the network. Hackers focus on remote terminals and mobile users to infiltrate core banking services.”
In this way, data can be intercepted or damaged, core services interrupted and malicious viruses spread - compromising both the bank and its customers, he adds.
To defend against increasingly complex security attacks, banks are required to deploy multiple types of terminal management products, according to Satar.
However, he says, as these products are unrelated to each other, deploying them in a network is difficult. Procurement costs are high and there are compatibility issues. “In addition, network architectures are complex and difficult to maintain in terms of network security.”
Banks are also under pressure to go green by reducing the energy consumption of their ever-expanding data centres, says Satar. “In addition, there are increasing demands on storage. Banks, by law, have to keep electronic records such as e-mails for a minimum of 10 years.”
And internally, document security is a high priority, he says. During a document's lifecycle, changes need to be tracked, with changes time and date-stamped giving a full audit trail of the changes, he points out.
“Banks also need to carefully manage bandwidth and use what they have as efficiently as possible. This means providing bandwidth where it is most needed and reducing it where it is not critical or being wasted.”
To meet the demand for simpler IT solutions, Huawei Symantec says it has released an integrated terminal security solution that combines network access control, security policy management, staff behaviour management, patch management, asset management, and secure and effective software distribution. This reduces the task of maintaining terminals and reduces deployment complexity.
The software actively evaluates any local or remote users' security status before they access the network and repairs any system vulnerabilities of insecure terminals. In this way, viruses are blocked and a complete terminal security environment is created.
Share