HID Global “brings trust” to online and mobile banking in face of cyber threat

As consumers embrace the convenience of online and mobile banking at both traditional and the latest all-digital financial institutions, it has become an increasingly difficult challenge to combat cyber security threats while complying with regulatory data protection mandates. Trusted identity solutions specialist HID Global has solved those challenges for several banks as part of their digital transformation initiatives.

“Our solutions protect data and transactions while delivering a seamless experience for the consumer as well as maximum flexibility for banks,” explained Brad Jarvis, vice-president and managing director of identity and access management solutions at HID Global. “This includes the option of cloud-based authentication services that remove the complexity of providing multifactor authentication to a growing and diverse user population, while also offering the convenience and efficiency of centralised regulatory compliance audits.”

Challenging issues

As a business, HID Global is helping to address some of the most challenging of mobile banking issues. For example, a retail bank in Egypt has improved compliance and reduced fraud and operational costs thanks to an HID Trusted Transactions solution. This is pre-integrated with Temenos digital front office and core banking products.

In addition, a Swiss wealth management group is using the solution, along with the HID ActivID Authentication Server, to optimise flexibility while protecting mobile banking transactions and securing corporate data, applications and systems.

Further, two banks in Eastern Europe and the UK are using the solution for quick and easy compliance with Second Payment Services Directive (ie PSD2) regulations.

Even with financial institutions returning to (almost) normal operating hours, many believe digital banking will grow in importance as part of ensuring business continuity and supporting customers who prefer not to visit their local branch during the ongoing health crisis. According to a McKinsey & Company report, the use of digital channels has grown in Europe by up to 20% during the COVID-19 pandemic.

Adoption of digital banking

“In just a couple of months, customers’ adoption of digital banking has leapt forward by a couple of years,” suggests the document. “Our most recent customer survey showed a 10% to 20% rise in digital banking use across Europe in April. Many Italian banks are striving to enable every single one of their customers to use digital banking. Such a jump in adoption opens the door for banks to turn digital channels into real sales channels, not just convenient self-service tools.”

HID Global’s complete HID Trusted Transactions offer for end users in the banking and finance sector includes the HID Authentication platform delivered either as a server or service, plus a choice of hardware tokens or the HID Approve multi-factor authentication solution with mobile push notification capabilities and the HID Risk Management Solution – Threat and Fraud Detection.

The comprehensive offer from the business delivers risk-based adaptive authentication, threat detection and transaction signing.

*Click here for more information about HID’s advanced multi-factor authentication solutions for the banking sector

WatchGuard report finds two-thirds of malware to be encrypted

WatchGuard Technologies’ latest Internet Security Report shows that 67% of all malware in Q1 2020 was delivered via encrypted HTTPS connections and that 72% of encrypted malware was classified as zero day, so on that basis would have evaded signature-based anti-virus protection.

These findings show that, without HTTPS inspection of encrypted traffic and advanced behaviour-based threat detection and response, organisations are missing up to two-thirds of incoming threats. The report also highlights the finding that the UK was a top target for cyber criminals in Q1, earning a spot in the Top Three countries for the five most widespread network attacks.

“Some organisations are reluctant to set up HTTPS inspection due to the extra work involved, but our threat data clearly shows that a majority of malware is delivered through encrypted connections and that letting traffic go uninspected is simply no longer an option,” said Corey Nachreiner, chief technology officer at WatchGuard. “As malware continues to become more advanced and evasive, the only reliable approach towards defence is implementing a set of layered security services, including advanced threat detection methods and HTTPS inspection.”

Key findings

Other key findings from WatchGuard’s latest Internet Security Report include:

Monero cryptominers surge in popularity Five of the Top Ten domains distributing malware in Q1 (identified by WatchGuard’s DNS filtering service DNSWatch) either hosted or controlled Monero cryptominers. This sudden jump in cryptominer popularity could simply be due to its utility. Adding a cryptomining module to malware is an easy way for online criminals to generate passive income

Flawed-Ammyy and Cryxos malware variants join top lists The Cryxos trojan was third on WatchGuard’s Top Five encrypted malware list and also third on its Top Five most widespread malware detections list, primarily targeting Hong Kong. It’s delivered as an e-mail attachment disguised as an invoice and will ask the user to enter their e-mail and password which it stores. Flawed-Ammyy is a support scam where the attacker uses the Ammyy Admin support software to gain remote access to the victim’s computer

Three-year-old Adobe vulnerability appears in top network attacks An Adobe Acrobat Reader exploit that was patched in August 2017 appeared in WatchGuard’s top network attacks list for the first time in Q1 of this year. This vulnerability resurfacing several years after being discovered and resolved illustrates the importance of regularly patching and updating systems

Mapp Engage, AT&T and Bet365 targeted with spear phishing campaigns Three new domains hosting phishing campaigns appeared on WatchGuard’s Top Ten list in Q1 2020. They impersonated digital marketing and analytics product Mapp Engage, online betting platform Bet365 (this campaign was in Chinese) and an AT&T login page (this campaign is no longer active at the time of the report’s publication)

COVID-19 impact Q1 2020 was only the start of the massive changes to the cyber threat landscape brought on by the COVID-19 pandemic. Even in the first three months of 2020, WatchGuard still saw a massive rise in remote workers and attacks targeting individuals

Malware hits and network attacks decline Overall, there were 6.9% fewer malware hits and 11.6% fewer network attacks in Q1, despite a 9% increase in the number of Fireboxes contributing data. This could be attributed to fewer potential targets operating within the traditional network perimeter with worldwide work-from-home policies in full force during the COVID-19 pandemic

Anonymised data

The findings in WatchGuard’s Internet Security Reports are drawn from anonymised Firebox Feed data from active WatchGuard appliances whose owners have opted in to share data to support the Threat Lab’s research efforts. Over 44,000 appliances worldwide contribute threat intelligence data to the report. In Q1 2020, they blocked over 32,148,519 malware variants in total (730 samples per device) and more than 1,660,000 network attacks (38 attacks per device).

The complete report includes key defensive Best Practices that organisations of all sizes can use to protect themselves in today’s threat landscape and a detailed analysis of how the COVID-19 pandemic and associated shift to working from home affected the cyber security landscape.

*To view the full report visit Internet Security Report for Q1 2020

BlackBerry Cylance outlines cyber security predictions for 2020

Josh Lemos, vice-president of research and intelligence at BlackBerry Cylance, has put forward some predictions on cyber security trends for 2020 that will impact Governments and companies across a variety of industry sectors.

(1) Uncommon attack techniques will emerge in common software

Steganography, the process of hiding files in a different format, will grow in popularity as online blogs make it possible for threat actors to grasp the technique. Recent research at BlackBerry found malicious payloads residing in WAV audio files, which have been used for decades and categorised as benign.

Businesses will begin to recalibrate how legacy software is defined and treated and effectively invest in operational security around them. Companies will look for ways in which to secure less commonly weaponised file formats, like JPEG, PNG and GIF, etc without hindering users as they navigate the modern computing platforms.

(2) Changing network topologies challenge traditional assumptions and require new security models

Network-based threats that can compromise the availability and integrity of 5G networks will push Governments and enterprises alike to adopt cyber security strategies as they implement the 5G spectrum. As cities, towns and Government agencies continue to overhaul their networks, sophisticated attackers will begin to tap into software vulnerabilities as the expansion of bandwidth that 5G requires inevitably creates a larger attack surface.

Governments and enterprises will need to retool their network, device and application security. We will see many lean towards a zero-trust approach for identity and authorisation on a 5G network.

Threat detection and threat intelligence will need to be driven by Artificial Intelligence and machine learning to keep up.

(3) 2020 will see more cyber-physical convergence

As all sectors increasingly rely on smart technology to operate and function, the gap between the cyber and the physical will officially converge. This is evident given the recent software bug in an Ohio power plant that affected hospitals, police departments, subway systems and more in both the US and Canada.

Attacks on Internet of Things (IoT) devices will have a domino effect and leaders will be challenged to think of unified cyber-physical security in a hybrid threat landscape.

Cyber security will begin to be built into advanced technologies by design to keep pace with the speed of IoT convergence and the vulnerabilities that come with it. 

(4) State and state-sponsored cyber groups alike are the new proxy for international relations

Cyber espionage has been going on since the introduction of the Internet, with Russia, China, Iran and North Korea seen as major players. In 2020, we will see a new set of countries using the same tactics, techniques and procedures as these superpowers operate against rivals both inside and outside of national borders.

Mobile cyber espionage will also become a more common threat vector as mobile users are a significant attack vector for organisations that allow employees to use personal devices on company networks.

We will see threat actors perform cross-platform campaigns that leverage both mobile and traditional desktop malware. Recent research discovered nation state-based mobile cyber espionage activity across ‘The Big 4’, as well as in Vietnam. There’s likely to be more attacks coming in the future. This will create more complexity for Governments and enterprises as they try to attribute these attacks, with more actors and more endpoints in play at a larger scale.