cyber
TRENDS
“ Adversaries targeting the banking industry are primarily criminals focused on financial fraud , using social engineering and infostealers to try to obtain bank account details and banking portal login credentials . We still see adversaries aiming to sabotage operations , steal sensitive data and deploy ransomware , but in much smaller numbers than the financial fraudsters ,” added Canzanese .
Netskope Threat Labs recommended organisations in the banking sector review their security posture to ensure that they are adequately protected against these trends :
• Inspect all HTTP and HTTPS downloads , including all web and cloud traffic , to prevent malware from infiltrating your network . Netskope customers can configure their Netskope NG-SWG with a threat protection policy that applies to downloads from all categories and applies to all file types
• Ensure that high-risk file types like executables and archives are thoroughly inspected using a combination of static and dynamic analysis before being downloaded . Netskope Advanced
Threat Protection customers can use a Patient Zero Prevention Policy to hold downloads until they have been fully inspected
• Configure policies to block downloads from apps and instances that are not used in your organisation to reduce your risk surface to only those apps and instances that are necessary for the business
• Configure policies to block uploads to apps and instances that are not used in your organisation to reduce the risk of accidental or deliberate data exposure from insiders or abuse by attackers
• Use an Intrusion Prevention System ( IPS ) that can identify and block malicious traffic patterns , such as command and control traffic associated with popular malware . Blocking this type of communication can prevent further damage by limiting the attacker ’ s ability to perform additional actions
• Use Remote Browser Isolation ( RBI ) technology to provide additional protection when there is a need to visit websites that fall into categories that can present higher risk , like newly observed and newly registered domains .
We still see adversaries aiming to sabotage operations , steal sensitive data and deploy ransomware , but in much smaller numbers than the financial fraudsters .
WWW . INTELLIGENTCISO . COM 21