Threat Identification and Mitigation Strategies for Brokers
2020 was the year of online. It was huge for online trading, online retailers, and communications platforms, to name but a few. With so much of the global populace doing everything from home, it was also a big year for cybercrime. It’s now expected that the global cost of cybercrime will exceed $1 trillion in 2020, and it’s only expected to grow. So much of daily life is now conducted over the Internet that the number of attack vectors for malicious actors is multiplying, with ever more sophisticated phishing, denial of service, spyware and ransomware attacks becoming the norm.
Recent Cybercrime Highlights
By far the most prominent attack of 2020 was the hack of IT firm SolarWinds. By installing malware in the company’s Orion software, Russian hackers are said to have compromised at least 24 other companies and organisations that use the software, including Cisco, Intel and Nvidia, as well as several US government agencies.
2020 was also the year of the ransomware attack, with fintech heavyweight Finastra, software giant Software AG and NASDAQ-listed healthcare company Magellan Health all being hit by high-profile ransomware attacks.
Twitter was on the receiving end too, when hackers compromised Twitter employees to gain access to the accounts of high-profile users like Bill Gates, Joe Biden, Barack Obama, Elon Musk and Jeff Bezos in order to promote a cryptocurrency scam.
We at PandaTS were even in the spotlight back in 2019, when we discovered a trojan targeting online brokers that had spread across the systems of several firms. We promptly published our findings and helped affected parties scan their systems for the malicious code.
Attack Vectors and Mitigation Strategies
Not all cyber attacks are created equal, so it’s important to understand the different attacks your business is vulnerable to in order to have the systems and procedures in place to prevent them. Unfortunately, your support staff may actually be your weakest link here. Attacks that get your own agents to open the door are referred to as social engineering attacks. In the Twitter hack, it was staff members who were tricked onto a dummy website that stole their credentials. The onus is on businesses to ensure that they have robust identity verification protocols and multi-factor authentication in place, at a bare minimum, so credential renewal can be automated and out of the hands of staff.
As far as data security is concerned, encryption is something companies pay lip service to in their marketing materials, but it’s high time they ensured that strong encryption policies are actually in place and strictly adhered to. In this way, even in the event of a data breach, the personal details of your traders can remain safe. The infection we detected in brokerage systems was the result of malicious actors pretending to be affiliate marketers, sending email attachments of leads lists and invoices. So, keep in mind that attackers will hit you where you are most complacent. As part of our brokerage protection initiatives, we have created an encryption solution called PandaTS Vault, which encrypts all data and then provides relevant team members with the ability to decrypt it.
The next step is to have a rigorous system of non-negotiable permissions for staff members. 90% of ransomware attacks are the result of successful phishing attempts. To mitigate the risk of such an attack, or indeed any of the attacks outlined above, email and chat security needs to be placed under the microscope. This includes malware detection and patch management. It’s no good having rigorous malware detection capabilities when your patches are not kept up to date. On an organisational front, decisions ought to be made as to which members of staff are to have what privileges and these should be strictly adhered to. The sharing of credentials between staff members for the sake of convenience and expediency should be strictly prohibited, as you’re always just one mistake away from a data breach or ransomware attack.
Online brokers are particularly vulnerable because they’re exclusively online businesses, and have complex structures with many departments, from CS and sales, to marketing and back office, all having client-facing parts of their operations. This means that any one of these team members could potentially be the weak link for an attack.
Best practices for these types of organisations include application-based document verification procedures that are protected from malware, blanket bans on the downloading of attachments, and online systems that prevent the accessing of anything but whitelisted IPs.
Remember, even a hack that doesn’t compromise your ability to conduct business can have severe effects on your bottom line. The mere mention of your brokerage in the same sentence as a cyber attack can be a PR nightmare, causing trust among your existing clients to disappear and new prospects to be scared off. In the early days of online trading, cyber security may have been something of an afterthought. In today’s day and age, it should be paramount, with every single member of staff from every department being routinely educated as to the growing risks.