In 1997, a security officer at a Dunbar armored car facility masterminded the theft of $18.9MM in cash. It had been the largest cash armed robbery to date. Despite being fired the day before the planned heist, Alan Pace III had somehow retained a key to a side entrance at the facility, making it easy for him and his accomplices to get into the facility. Although all the men involved were eventually caught, the stolen money was never fully recovered — over $10MM of the money is still missing. This goes to show that sometimes, even when the criminal is apprehended, it’s too late to repair the damage they have already done to your financial institution.Flash forward a couple of decades to a banking world that relies heavily on tech. Bank defenses against cyberattacks tend to focus on the final destination of an attack: a bank’s computer system or client accounts that have been breached. But that type of defense is more like a security alarm; it is triggered once the criminal has already gained access, and then it’s a race to stop the intruder before too much damage is done.What if you could spot a potential hacker before the attack occurs? A cyberattack on a bank client often originates in the digital space between clients and bank servers. Attackers are looking for ways to insert their malicious codes into the communication stream between client digital devices and bank websites. So, patrolling that murky digital space around a bank server could offer an extra layer of security.It is important for community financial institutions (CFIs) to understand the various ways cybercrooks can launch attacks. There are a growing number of potential threats that CFIs need to watch for:
- Cross-site request forgery. An intruder uses trickery to induce an account holder to perform unintended actions, like changing a password or login and then using that information to break into the account.
- E-skimming and formjacking. A hacker intercepts and steals key information, like account or credit card data, often by inserting fake code into a web page.
- Distributed denial of service (DDoS) attack. A cybercrook floods a website with fake traffic, causing it to crash or lock up.
Better protection of a CFI’s digital realm and its client accounts requires more attention to a bank’s virtual perimeter. There are several strategies and tactics that can help:
- Run vulnerability scans. CFIs can use tools that scan for vulnerable points in its digital wall. This is a little like using a guard dog to scan the perimeter of a sensitive installation. Banks can also regularly scan client account access points for weak spots.
- Invest in client-side monitoring. Client-side attack monitoring tools can help spot early attempts by cybercriminals looking for ways to break into client accounts. By spotting a cybercriminal who is casing client accounts, a bank can act to block an intrusion.
- Update security. Cybercriminals are constantly evolving methods in response to defenses. It is important for CFIs to do the same. IT teams need to be aware of the latest threats and regularly update defenses.
Effective cybersecurity involves more than just erecting barriers and monitoring for break-ins. Stopping a breach before it occurs means patrolling the outer perimeter of a bank’s digital presence and its client accounts. That additional layer of security can help CFIs intervene before critical systems and data are compromised.