Banks continue to be the most targeted organizations by data-greedy hackers in this digital economy. While several reports show that the compliance framework among European organizations is still not up to the mark post-implementation of the GDPR — a period that witnessed several data breach incidents, another breach incident has raised a fresh question on the security measures adopted by the Banking industry in the region.
Despite the stringency of EU GDPR standards, it is shocking to come across this incident mostly due to the lackadaisical attitude towards access control mechanism. The data-heist in European Central Bank (ECB) a few days back has forced the management to shut down one of its websites which was infected by a malware. The bank found telltale evidence of some unauthorized third party successfully breaching the security of bank server where almost 500 records of the subscribers whose personal records like name, contact details and email IDs were stolen. The bank officials, however, tried to pacify the worried customers by stating that “only contact information was stolen.”
The most-ignored threat exposed
Empirical evidence suggests that the average time for organizations to detect any information security breach is around 200 days, and 160 days (approx) for the financial sector (though varies occasionally). What is more shocking is that the ECB data breach happened during the end of 2018 but was recently noticed by the IT managers, thanks to the routine maintenance work. The hacker stealthily injected a malware on the external server and stole off private customer information from Banks’ Integrated Reporting Dictionary (BIRD) website beyond recovery. Since the site was hosted by an external provider, security violations were highly evident. According to the European Central Bank spokesperson, the organization was hit by cyber attacks even earlier way back in 2014 where contact information for event registrants was stolen from the main consumer-facing website. Later on, the incident came to light only when the culprit tried to claim a ransom to return the stolen data.
Handling Third-Party Risks
Risks arising from uncontrolled third party activities are one of the most destructive cyber threats today. In a shared and distributed environment where it is never humanly possible to micromanage or micro-monitor user activities in the enterprise network, it becomes extremely crucial for an organization to have a mechanism in place that ensures rule and role-based access controls and privileged entitlements. The privileged accounts, which are the gateways to confidential information, are always vulnerable to external and internal threats. These accounts provide access to databases, business-critical applications, roots and other forms of critical systems. Scattered across the network, on-prem hosted third-party environments, privileged accounts face imminent risks from malicious insiders and compromised third-parties.
Data stored and processed by government organizations and administrative institutions is a treasure-trove of confidential data. This data is often targeted by malefactors where the motive to steal information could be disgruntlement, greed, or organized crime (targeted attack). Data security, therefore, should be the cornerstone of the overall cybersecurity framework. And this starts by implementing best practices around access controls offered by Privileged Access Management.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.