cyber attacks Archives - Business Intelligence

Tag: cyber attacks

product research

How Banking Companies Can Keep Themselves Unscathed from Cyber Attacks

Cyberattacks are becoming more frequent than ever before. Despite increasing emphasis given to cybersecurity in banking companies, this sector is one of the most sought-after targets for cybercriminals. Robbing a bank is one of the oldest crimes in the book. However, bank robbers in the modern day are hiding behind the screen, using targeted and sophisticated cybercrime tactics and leaving IT teams struggling to keep their networks and their vaults secure. According to the Verizon Data Breach Investigations Report (DBIR) 2016, the financial sector had the largest number of security breach incidents, with 795 confirmed data losses. In fact, the U.S. Securities and Exchange Commission (SEC) has stated that cybersecurity in banking the biggest risk facing the financial system.

When it comes to cybersecurity in banking, it is always beneficial to be proactive rather than reactive. Though cyberattacks cannot be fully prevented, planning how to respond to a breach and regularly testing this plan through realistic simulations will helps organizations reduce the severity of such malpractices. In this blog, the experts of cybersecurity in banking and financial sector from Infiniti Research have put forward some of the key ways in which companies in this sector can secure themselves amidst the cyber-attack chaos.

Ways to ensure cybersecurity in banking 

Though the IT teams in banking companies have increased protection of customer data and brought down the number of credit card fraud, this does not completely establish cybersecurity in banking. The internal systems of most banks still need securing. Here are some ways in which the teams for IT and cybersecurity in banking can improve their network security to better secure the vault:Get More Info

Be proactive

Banking sector companies must respond as if their network already has been breached rather than waiting for it to happen. Adopting this mindset forces the IT teams to prioritize the most business-critical parts of the network and use network segmentation as a strategy. If done in the desired manner, network segmentation, achieved through the creation of network zones, limits the ability for a hacker to move laterally across a compromised network.  Cybersecurity in banking through network segmentation requires continual updates and configurations.

banner IR

Enterprise-wide security policy

Having a well-defined security policy is a crucial roadmap towards cybersecurity in banking. This helps the IT team maintain a truly adaptive security architecture and determine the best way for the network to operate with minimal risk. Furthermore, it must be noted that the security policy takes into consideration all the regulatory and enterprise compliance requirements and how to apply timely patches to maintain compliance.

Security policy enforcement

As important as it is to have a security policy to ensure cybersecurity in banking, it is also imperative to validate that it is being enforced across your network. Not doing so will make the network vulnerable to threats. Organizations in the banking sector must constantly monitor their network for changes to configurations and ensure that these changes are approved and compliant with policy. This is a collaborative effort across the enterprise—network operations, security operations, and the CIO. 


Get more insights into Infiniti Research’s market intelligence solutions for the banking sector

Contact US

Cyber Security Threats That the Financial Sector Needs to Keep an Eye on

By recognizing the fact that cyber criminals will find a way to exploit vulnerabilities, financial companies can improve the way they deliver their services, manage security risks, and train their employees.

For over half a decade, cyber security issues have been a bane for many industries. But firms operating in the financial sector have been the worst affected due to their inability to keep up with the security requirements of the modern world. Most cyber criminals attack firms operating in the financial sector because that’s where all the money is. However, with banks and other firms quickly learning how to strike a balance between being open and being secure, instances of digital break-ins have reduced significantly. That being said, here are some of the potential cyber security threats that the players in the financial sector should watch out for :IR_Brochure

Third party cyber security risk

Financial sector companies can experience cyber threats from the third parties and the vendors that they work with. Players in the industry must ensure that they have a system to monitor their vendors or other third party providers continuously. Having a continuous monitoring tool will give companies in the financial sector some relief from cyber threats.

Fourth party cyber security risk

Companies in the financial sector do not generally keep a close watch on their fourth parties. When the fourth party is affected by some ransomware attack, there are high chances of the third party, who has the company’s vital information also to be affected.Therefore, it is essential to keep a close watch on fourth party activities also from time to time.

Global business operation risk

For financial sector companies that operate across borders or at an international level, the threat of cybersecurity is greater. So, companies operating at a global scale must be aware of the cyber threats prevalent in the regions that they operate in.

DDOS attacks

Distributed Denial of Service, or DDOS, is the latest buzzword in the financial sector. This form of cyber attack causes a temporary outage of services, affecting the company’s operations.Some common examples of companies affected by these attacks were Amazon and Paypal.


To know more about the risks and threats in the financial sectorAsk an analyst


Related Insights:

Addressing the Challenges in the Financial Services Industry

Breaking the Chains of Conventional Banking – Blockchain Technology

Competitor analysis

Top 5 Healthcare Breaches… So Far

Year 2017 is half way through, and internet security breach is perhaps one of the topics which has made the maximum headlines – of course after the usual news on political bickering. Just like the past year, this year too hackers have made the most of the fragile online infrastructure of the healthcare industry. In fact, the healthcare sector has emerged as one of the easiest targets for hacking due to its rather weak and obsolete security systems.

In the past six months, the top five healthcare breaches which shook the medical fraternity throughout the globe are:

1.    ABCD Children’s Pediatrics

The San-Antonio based healthcare center was the target of the recent ransomware attack, which breached data of as many as 55,447 patients. On investigation, it was found that Dharma virus, a variant of the Crisis ransomware, had afflicted the files.

Medical records are often used for dark web dealings, pediatric patient records are high commodities in the dark web. The files which were affected by the recent attack included details like medical records, lab results, social security numbers, as well as procedure technology codes.

2.    Harrisburg Gastroenterology

In March 2017, Harrisburg Gastroenterology noticed suspicious activity on their system which led to the compromise of 93,323 patient records. The incident pointed out the loopholes in the website maintenance, which made the Pennsylvania-based institute to notify its patients regarding the breach in data. Critical diagnostic, clinical, as well as insurance information was compromised in this case.

3.    The National Health Service in England and Scotland

In case of hospitals under The National Health Service (NHS), it was the ransomware variant Wanna Decryptor which breached the private information. Wanna Decryptor is one of the most lethal ransomware variant on the dark web, which is why the damage caused was rather huge. The attack crippled the delivery of healthcare services in at least 16 organizations under the NHS. Patients were warned to avoid certain departments, ambulances were diverted, and worst of all, in many cases the hospital staff were unable to access patient data.

4.    Molina Healthcare

Another major Medicaid and Affordable Care Act insurer, Molina Healthcare, had to shut down its patient portal due to security flaws. With a simple change in the URL, the portal provided easy access to all the medical claims data of patients. The breach made news due to the fact that the basic Security 101 flaw was not taken care of. Thus, even though the exposed data did not contain social security numbers, other details like disease, diagnosis, and other medically critical patient information were compromised.

5.    Airway Oxygen

It was in April, that the ransomware attack hit the home medical equipment supplier Airway Oxygen. In this case, the hacker gained access to the network and hacked it in such a way that the employees were shut out from the system where the personal information of the patients was stored.

All these attacks only highlight the need for the healthcare sector to move towards better security measures and a proactive IT department which keeps a close watch on suspicious cyber activities. The time to act, is now!

Steps to Keep Your Medical Devices Ransomware Proof

As hospitals in the UK and Indonesia grappled with the Ransomware attack, the susceptibility of medical devices to cyber attacks again made news across the globe. One of the most conservative verticals of the life sciences industry, the manufacturers of medical devices are gradually adopting technology to provide a better diagnosis of health conditions. No doubt digitization has transformed the overall performance of the medical devices, but at the same time, it has exposed the industry to events like hacking, malware, and cyber attacks as well.

Hacking of medical devices – What is at stake?

Most medical devices have electronic records of the patient’s medical history, the medicines prescribed, as well as information on allergies and other vital facts. Any compromise on this data will not only attract huge financial loss for the hospitals but will also cost the very lives of the patients. Medical devices like insulin pumps and pacemakers have higher exposure to hacking and malware attack. The wireless technology employed in these devices make them an easy target for the hackers.

Medical devices manufacturers – Bracing up to the challenge

With more than 100 million personal health records being compromised, the Food and Drug Administration (FDA) has rolled out a set of guidelines for the device manufacturers as well as healthcare facilities.

As a medical device manufacturer, the FDA recommends that:

  1. The medical device inventory, change management systems, and other networked servers and workstations are monitored closely
  2. All the devices which are running on unpatched version of Windows should be upgraded to the relevant security patched version of the Windows
  3. Conducting vulnerability scans on a regular basis. Though not a foolproof procedure, vulnerability scans do help in identifying devices which are liable to malware attack
  4. Involving the third-party managers and medical device vendors in the risk management process
  5. Prioritizing patches for medical devices and involving the IT department to update the affected medical devices

Lastly, the FDA also wants medical device manufacturers to build response mechanism to handle incidents of cyber attack and see to it that the other devices and medical facilities do not get infected.

Cosmetic packaging

Medical Devices Security: New Challenge in the Life Sciences Industry

Cyber criminals are not just looking out for your bank and credit card details alone. In fact, there are good chances that your medical devices might get hacked as well. Hacking of medical devices is no longer just a chapter of some popular sci-fi novel; rather it has emerged as a growing concern for all the stakeholders in the healthcare industry. The situation has turned critical with the recent Wannacry ransomware affecting the British healthcare services.

The Internet of Medical Devices

The evolution of wireless technology has hugely influenced medical technology as well. No doubt mHealth and networked medical devices have transformed the delivery of medical services, however it has also exposed the entire medical system to cyber attacks as well. Apart from issues related to a patient’s safety, hacked medical devices can be used for identity theft, tax frauds, as well as buying medications which can be later sold on the dark web.

Complex software and network capabilities have transformed medical equipment into sophisticated devices. The need of the hour is to build a strong and secure network which will protect the equipment from hacking and other cyber malpractices.

Medical device security: A shared responsibility of every stakeholder

The onus of medical device cyber security falls on every stakeholder within the industry. Right from device manufacturers, healthcare providers, regulators, to the patients – each and every one of them need to take essential steps to avoid cyber attacks.

For instance, device manufacturers should work towards:

  1. Platform and server hardening
  2. Foolproof inscription and code-signing
  3. Protecting manufacturing integrity

Providers of healthcare services, on the other hand, have to work towards holistic asset management, risk mitigation, and detection of anomalies in their network.

Cyber proofing medical devices: The only way ahead

Apart from issuing several alerts, the Food and Drug Administration (FDA) has released an industry guidance document titled Postmarket Management of Cybersecurity in Medical Devices. This guide enables the manufacturers to identify issues during the design and development of the devices. Similarly, regulations like HIPAA and the ISO/IEC 80001 series of standards provide frameworks which need to be compiled by medical device manufacturers.

Lastly, it is important that serious thought is given to the lifecycle of medical equipment and the entire procurement process of these devices. Transparent procurement along with diligent contract and lifecycle management is sure to enhance the security standards of the medical devices.

Infiniti Research offers healthcare intelligence solutions to help clients tackle key challenges in the healthcare industry

Close
Infiti Logo

Hello there!

Contact us to know more about our cost-effective custom market research offerings to support efficient market penetration, new product launch, and devise strategies to monitor and outperform your competitors.

Cookie Policy

The Site uses cookies to record users' preferences in relation to the functionality of accessibility. Please refer to the help guide of your browser for further information on cookies, including how to disable them. Review our Privacy & Cookie Notice