Data security: Who will win the cyber war?

Data security has been a priority for financial services companies. But a series of cyber attacks by international hackers such as the recent "anonymous", combined with the public mistrust that followed the financial crisis, forced financial services companies to raise their cyber security to prevent data leaks and restore customers ' trust. While the victims of a series of major cyber attacks and data leaks in the 2011 years were Sony, PBS, the U.S. Senate and even some large companies and government agencies such as the CIA and the FBI, security experts said financial services companies, which had always been the target of fraud, were increasingly targeting cyber criminals.

For example, the Consumer Rights Protection website has been the first to report that Citibank caused a data leak on May 10, 2011 As a result of a hacker attack. Two weeks later, Citigroup officials admitted that data thieves had stolen 36,000 names, accounts and e-mail addresses.

Prevention of financial crime, risk and compliance solutions provider Nice Actimize, director of product marketing, said: "The fact is that criminals trying to commit fraud are targeting people who are making money through online banking." "In addition to microfinance, hackers have targeted asset managers, wealth managers and even investors who visit online assets," Knieff said.

Cyber attacks are becoming rampant and becoming more cunning than ever, security experts say. According to reports, hackers can even spend 400 to 700 dollars on the Internet to buy software tools to commit crime, depending on the number of machines they want to infect.

Chief technology officer of U.S. trade holding company Lou Steinberg

"Five years ago, financial services companies saw hackers use relatively simple ways to attack customers ' accounts, but the pattern of attacks has changed a lot," says Lou Steinberg, chief technology officer at the US trade holding company. In addition, many hackers, such as ' Anonymous ', are beginning to have a collective division of health. ”

Jason Milletary of the SecureWorks company's anti-threat Division (CTU), a research group that provides security information services for financial services companies, says hackers use a variety of technologies to spread malware, such as malicious code used to steal personal information, passwords, Or it can be used to control malicious code that the machine sends spam without the user's knowledge. Hackers also use social engineering, such as e-mail messages disguised as a victim's colleague or friend, to lure the victim to open an attachment in a message to get the user's password. Hackers also exploit the weaknesses of the application to steal the victim's credentials.

"We see malware evolving, so they can evade detection," says Milletary, who is now the head of malware analysis at the team. He noted that the biggest malware threat to 900 financial customers using Dell Secure Works's intrusion prevention system was a black hole. The criminal software, developed by a Russian hacker, can attack a computer by a malicious script implanted on the site.

"At the moment we are seeing more and more cunning hackers organize research and analysis of us and other financial services systems," Steinberg said. They are trying to find our weakness. The hacker is the attacking side, and we are the defensive side. ”

(Responsible editor: Lu Guang)