Hackers Prove Patient But Swift

Breaching a global bank network is no smash and grab operation. As organizations focus and fund their cybersecurity resources with even greater alacrity, the bad guys have to continue to polish the edge of their sword, patiently waiting for the right opportunities to score bigger and bigger hits. Such is the case with the recent — and second — attack on Swift, the global messaging network banks use to move money around. If you think you’re covering all your bases and keeping your data out of harm’s way, you may be giving yesterday’s news and last week’s security protocols too much play. Hackers, in one small way, are like PGA Tour Pros: These Guys Are Good.

Old Dogs, New Tricks

As reported in a recent NY Times article and elsewhere, hackers used malware to manipulate a PDF reader used by an unnamed Swift member bank to confirm payments. They repackaged the PDFs, redirected funds, and then swept the PDF to remove all evidence of manipulation. In other words, they didn’t need access to a broad brush of account information. They needed legitimate network credentials and patience, and the flow of PDFs. So ask yourself, how many times do you send sensitive information through a PDF?

 

Swift and Decisive Preparedness

ICS eats malware for breakfast. Not really. In a world of metadata, that would be a metaphor. But you get the point. We use tomorrow’s technology to secure your network from today’s threats. And then we use ethical hackers to test our work and identify points of vulnerability based on current and future threats.

 

The process takes time, but the call is fast. Or swift.

ISO 9001 2015Technology Industry InnovatorsVeteran Owned Small BusinessCMMI Maturity Level 3CISSP® - Certified Information Systems Security ProfessionalCertified Penetration TesterITIL IT Service ManagementCertified Ethical HackerProject Management Institute CertifiedUS Department of Homeland SecurityDisaster Recovery Institute CertifiedCertified Information Systems Auditor