Mitigating the DDOS Threats Facing Banks and Fintechsby@joshhorowitz
583 reads
583 reads

Mitigating the DDOS Threats Facing Banks and Fintechs

by Joshua HorowitzDecember 24th, 2021
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

As much as digitization and cyber simplified banking, the Fintech sector has left digital payment activity exposed to malicious and suspicious activity.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Mitigating the DDOS Threats Facing Banks and Fintechs
Joshua Horowitz HackerNoon profile picture

As much as digitization and cyber simplified banking, the Fintech sector has left digital payment activity exposed to malicious and suspicious activity. With financial crime being estimated at 2% to 5% of the global GDP (or $1.6 trillion ), it is alarming that this year, companies around the world are expected to spend more than $1.45 trillion on detecting, preventing, and investigating financial crime.

According to the latest report from Experian, the COVID-19 pandemic is driving people to work and bank remotely. This exposes vulnerabilities in the systems of many companies and banks, leaving them vulnerable to data leakage and DDoS attacks.

Since 2020, DDoS attacks against banks and financial institutions have become strikingly common. The DDoS method overwhelms target servers or websites with artificially generated traffic with crashing load levels that disable any server’s ability to operate. Last year, threat actors forced the New Zealand Stock Exchange to be offline for almost an entire week and asked for ransom to stop the DDoS attacks. The Russian tech giant Yandex was hit with the internet's largest-ever recorded distributed denial-of-service or DDoS attack in September and Amazon Web Services (AWS) defended against a 2.3 -terabit-per-second (Tbps) distributed denial of service (DDoS) attack in February. And these are just three of the most high-profile DDoS attacks in the past 12 months.

As banks are running multiple cloud-based apps – they also run a high risk of exposure through data leakage. This makes it all the more crucial to identify ways to keep data protected, and secure.

There are several measures that banks and financial institutions can use to protect their data and operations from a DDoS attack and data leakage. From implementing network segmentation and applying Firewalls, to developing and enforcing policies on mobile devices, implementing End-to-End security solutions is of urgent need by these institutions. Banks need to have appropriate protection tools installed for both their networks and their applications. This includes such key tools as firewalls, network monitoring software, anti-virus and anti-malware programs, as well as threat monitoring systems. Solutions such as HUB Security's D.Storm provide extended cyber threat intelligence (XTI) that combines both Threat Intelligence, Risk Protection, and External Attach Surface Management Services are of immediate essence to banks.

Several companies undertook the challenge of protecting these financial institutes from notorious MitM/B attacks. HUB Security, for example, launched “D.Storm”, a system that collects data from the bot attacks in real-time and presents it to the user for in-depth analysis. The solutions thus provide the actionable and timely intelligence context banks need to manage the risks in the era of transformation.

Implementing a pro-active threat identification, mitigation, and protection strategy means going through the bank’s system and working out any possible security vulnerabilities, as well as defining a clear response from the organization in the event of a DDoS attack.

There are other solutions banks can rely on to prevent DDoS attacks and data leaks. Companies like Cloudflare and Akamai offer comprehensive protection against attacks of various types. As leaders in the field of cybersecurity and CDN, their on-demand and always-on types of services can cope with up to 1.3 TBps attacks.

As banking becomes increasingly digital, the company’s infrastructure is not limited to the website and is constantly exposed to external attacks. This makes it worthwhile to consider a hardware solution for autonomous protection against DDoS. Specialized tools like BeeThink Anti-DDoS Guardian and Cloudbric protect Windows servers from most DDoS attacks. And may also protect Windows Remote Desktop Connection from password brute force attacks.

Detecting threats as early as possible remains the best way to prevent a DDoS attack from taking down important network infrastructures and affecting end users. When choosing a DDoS protection service, banks should first evaluate their online customer base and the possible monetary impact of DDoS attacks.

New technologies are only as effective as each organization’s cyber-risk culture. Banks must be aware of evolving risks and establish a plan for continuity to stave off the attacks that will continue to impact the security of intellectual property and money transfer systems.