How FIs Are Combating Increasingly Sophisticated Attacks |
Recent reports from The Wall Street Journal WSJ regarding a sizable increase in the number of cyberattacks on big banks may have been greatly exaggerated Some industry experts believe that financial services companies have not seen a rise in cyberthreats at all Bill Nelson CEO of the Financial Services Information Sharing and Analysis Center FS-ISAC told PYMNTS that these rumors are likely the result of an overzealous watchdog or security vendors that are hoping to create a market for their offerings That said financial institutions FIs arent out of the woods yet There hasnt been a surge in the amount of fraud specifically targeting financial services firms but the overall fraud rate is climbing particularly as consumers embrace mobile banking applications and digital banking channels We saw that report and it was news to us but attacks are always increasing he said So I think banks need to be vigilant I think organizations need to invest in new technologies and make sure theyre catching any critical systems vulnerabilities They have to know what and who the biggest threats are Banks seem to be following that advice and have ramped up fraud prevention efforts in recent years The technologies implemented for this purpose have a wide range of applications and uses and they each share and rely upon data Using Data To Fight Fraud One of the biggest challenges for banks is the sheer amount of attack methods FS-ISAC officials have seen fraudsters use a wide and expanding range of techniques These attacks are not just growing in number though theyre becoming more adept at wreaking havoc Cybercriminals remain a threat particularly those who steal money because they go after banks and their customers companies like retailers Nelson said The number of different attacks has really increased over time and theyre more sophisticated Theres more malware and more variance emerging all the time The ever-growing list of cyberattack methods paired with the surge in digital transactions means that banks and FIs that want to avoid becoming the latest victim of cybercrime need to invest in systems that can detect cyberattacks Modern fraud prevention solutions are built around new emerging tools and technologies like machine learning ML and artificial intelligence AI Detection is really important he noted Ultimately its about how you respond if and when you do detect something You need to make sure you have the right software to clean that malware off not only your systems but customer systems as well Nelson also mentioned solutions like two-factor and knowledge-based authentication as powerful tools that banks could deploy to ward off cyberattacks Sharing Smarts Newer sophisticated attack methods are becoming more difficult for banks and FIs to detect and prevent When cybercriminals work together they learn from each others successes to create more effective malware There are a number of different threat actors and cybercriminals Weve seen as many as 78 different forums for cybercriminals where they can share information about how to launch an attack and how to make an attack successful he said They have a huge network of people Banks and FIs can collaborate in the same way however which is a crucial weapon in the fight against fraud If these institutions share data on cyberattacks fraudulent transactions or other incidents they can provide more ammo to AI and ML systems which rely on information like this to detect and prevent fraud Sharing information can also help banks differentiate between unsubstantiated attack rumors like the one seen in the WSJ and legitimate increases in cybercrime This allows FIs to spend less time preparing for threats that never come to pass and more time focusing on fighting the attacks that do impact their organizations As more banks and FIs adopt AI and ML solutions real-time information sharing on both successful and failed attacks as well as the properties that separate legitimate transactions from suspicious ones will likely become more important This isnt just executives getting together for a nice dinner and discussing whats happened over the past quarter he said This requires banks to say Hey Im being attacked and this is what Im seeing and share that information with other banks so they can protect their infrastructure and more importantly their customers Collaboration will become key in fighting fraud in the coming years particularly as banks continue to face increasingly specific types of attacks