There’s no doubt that as the world relies on a digital platform to do any daily tasks, it also raises the ways how criminals perform malicious acts. As Padgett-Beal goes into the financial business with acquiring Island Banking Services, we should identify any threats that they should know about as we go into this new business territory. I’ve researched a current attack that has happen that targeted sub-Saharan Africa banks in which this hacking group used social engineering to penetrate the banks cybersecurity infrastructure. In this brief, I also go over some recommendations to mitigate this kind of attack within our company. It’s important to identify the new threats that are out there to ensure our cybersecurity management program is current to deflect these new threats.
Early 2020, it has been identified that major banks located in sub-Saharan Africa has been in target from cyber-attacks. Although it has not been clearly identified, how the attacker was able to infiltrate the banks cybersecurity and how they attacked matched the same attack method as the hacker group, Silence Group (EBAW, 2020). Silence Group is a known Russian hacking group. Their methods are considered very considered advanced due to their efficient tactics. They are considered one of the most active Advanced Persistent Threat (APT) actor around the world and have been orchestrated successful bank-focused campaigns (Christian, 2020). It’s thought that the reason why they have started attacking African banks is due to their lack of current cybersecurity practices.
How they attack is from creating a social engineering scheme. They send phishing emails that contain malware to the employees. Once the malware infects the machine, it then makes its way to the bank’s security perimeter. From here is where the APT gets its name, once in the malware just stays there with not much movement. It just performs reconnaissance with day to day operations by utilizing screen shots, video recording, and understanding how everything works. When the hackers are ready to strike, they turn everything on that the malware is capable of such as ATMS which could reach up to millions.
Some recommendations that PB should do is train users to help identify a phishing attempt, and what to do if they think they have received one. Users are the most common vulnerability as they can make a mistake of clicking on a questionable email link. Also having an Intrusion Detection Software (IDS) to see any traffic being sent out to unfamiliar IP addresses and the size. If the Silence Group is sending images and videos to themselves, they may use a single IP address and if they are sending video files, the size of the file should be big enough to raise some questions (Masweneng, 2020). Another recommendation is to have a firewall and anti-virus software that has up to date with the current threats that are out there and identified. If a known cyber attack was identified a month ago, and the current version of a firewall was updated six months ago, the network is vulnerable to that attack as the firewall or anti-virus doesn’t have the new information to detect and block any new malicious activity.
As Padgett-Beal goes into the financial business, it’s important to understand the different and new threats that are associated with that area of business. I went over a recent cyberattack that targeted financial institutions in sub-Saharan Africa. It’s thought that the reason why area was targeted was due to its lack of their cybersecurity management processes that made then more vulnerable to attacks. I went over some recommendations that would mitigate these kinds of attacks which include training employees and ensuring anti-virus software is continuously updated from the vendor. We need to stay vigilant with what threats are out there and do whatever we can to safeguard our business.
Christian, A. (2020, February 3). Silence group now making rounds to exploits Sub-Sahara African banks. Retrieved from https://weetracker.com/2020/02/03/silence-group-ss...
EBAW. (2020, January 13). Sub-Saharan Africa banks under attack from Russian speaking hacking group. Retrieved from https://www.busiweek.com/sub-saharan-africa-banks-...
Masweneng, K. (2020, January 13). Notorious 'Silence' hacking group targeting banks in sub-Saharan Africa. Retrieved from https://www.timeslive.co.za/news/south-africa/2020...