Three Essential Steps Financial Firms Can Take to Protect Against Recent DNS Attacks

By Marc Capobianco

The financial services sector continues to be a lucrative target for cybercriminals, with statistics showing data breaches rose 480% for this industry in 2018 alone. Email phishing remains the avenue of choice for cybercriminals and accounts for 92% of all attacks. Unlike the occasional phishing emails of the past, which were obvious to spot (e.g. the rich Nigerian prince with millions tied up in a central bank who just needs $10,000), today’s phishing efforts are constant, and cybercriminals are leveraging advanced machine learning techniques to evade most modern firewall and endpoint detection systems.

Today’s more elaborate phishing attacks often mimic an email from a co-worker, a vendor or bank that you regularly do business with, a client, or a website that you frequent (Netflix, Amazon). The email looks legitimate and might be about a recent declined payment, a returned order, or the status of an invoice payment. The victim clicks the embedded link to review the order or account details and is taken to a fake website that looks identical to the legitimate one. This fake website may use a disposable domain name that was set up for one specific attack and vanishes after the cybercriminal has siphoned the necessary data from the victim.

How to stay one step ahead?

Recommended Actions: 

1. Implement Advanced Perimeter Anti-Spam Filtering Service with URL Defense

Advanced Email Protection services filter inbound junk mail and spoofed emails into an individual quarantine while denying delivery of items containing known viruses or malicious content. URL Defense protects financial firms against targeted spear phishing attacks, zero-day exploits and advanced persistent threats. URL Defense performs real-time dynamic analysis of the URLs embedded in an email, protecting the user from reaching malicious or fake websites or command-and-control centers.

2. Leverage Secure DNS Servers

Many organizations rely on public DNS servers from their ISP to direct web traffic to the appropriate domain name. However, traffic can be directed to malicious or fake websites using newly registered domains, disposable domains, and other phone-home command-and-control centers. Tier1Net recommends leveraging Secure DNS servers for name resolution and web browsing. These secure DNS servers use the Internet’s infrastructure to block malicious destinations before a connection is ever established and to identify targeted attacks.

3. Endpoint Protection with Artificial Intelligence

With more than 400,000 new viruses discovered daily, traditional anti-virus software is simply unable to keep pace. Tier1Net recommends enhancing traditional AV software by adding Intelligent Endpoint Protection and endpoint detection and response (EDR) that uses machine learning to protect against zero-day attacks.
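As an added illustration of recommendation 2 (not Tier1Net's code or any vendor's product), this Python example shows the kind of decision a filtering resolver makes before it answers a query: match the name and its parent zones against a blocklist, then refuse zones registered too recently. The blocklist entry, registration dates, 30-day threshold and function names are constructed assumptions.

```python
from datetime import date

# Constructed sample data (assumptions, not real indicators).
BLOCKLIST = {"bad-c2.example"}              # known malicious zones
REGISTERED_ON = {                           # zone -> registration date
    "examplebank.example": date(2009, 3, 14),
    "examplebank-secure-login.example": date(2019, 2, 20),
}
MIN_AGE_DAYS = 30  # hypothetical threshold for "newly registered"


def candidate_zones(qname):
    """Yield the query name and each parent: a.b.c -> a.b.c, b.c, c."""
    labels = qname.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:])


def decide(qname, today):
    """Return (action, reason) for a DNS query name, before resolution."""
    zones = list(candidate_zones(qname))
    # 1. Any blocklisted zone in the name's ancestry blocks the query.
    for zone in zones:
        if zone in BLOCKLIST:
            return ("block", "blocklisted zone " + zone)
    # 2. Otherwise judge the registered zone by its age.
    for zone in zones:
        registered = REGISTERED_ON.get(zone)
        if registered is not None:
            age = (today - registered).days
            if age < MIN_AGE_DAYS:
                return ("block", "zone %s registered %d days ago" % (zone, age))
            return ("allow", "zone %s is %d days old" % (zone, age))
    # 3. No registration data: do not silently allow, flag for review.
    return ("review", "no registration data for " + zones[0])


if __name__ == "__main__":
    today = date(2019, 2, 25)  # constructed "current" date
    for name in ("www.examplebank.example",
                 "login.examplebank-secure-login.example.",
                 "cdn.BAD-C2.example",
                 "unknown.example"):
        print(name, "->", decide(name, today))
```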

Read more at https://techcrunch.com/2019/02/23/icann-ongoing-attacks-dns/

Contact Tier1Net to learn more about how Tier1Net is mitigating this risk with its Financial Services Cybersecurity Framework.

#OneStepAhead  #Cybersecurity  #GetTier1Net
