UPDATED 08:08 EDT / JUNE 20 2018

Financial institutions targeted by cyberattacks using ‘hidden tunnels’ in networks

Cybersecurity company Vectra Networks Inc. today released a new report that suggests that financial institutions are being targeted by sophisticated cyberattackers using what the firm describes as “hidden tunnels” into networks to steal data.

Hidden tunnels are pathways, often hidden in plain sight, that hackers use to gain access to corporate networks. They are difficult to detect because a pattern can be found only by observing a series of communications rather than by looking at a single request and response.

The finding comes from the 2018 Spotlight Report on Financial Services, which was based on collected metadata from more than 4.5 million devices and workloads from customer cloud, data center and enterprise environments monitored by Vectra, along with data from the 2018 RSA Conference Edition of the Attacker Behavior Industry Report.

Highlighting that financial institutions have become favored targets of hackers, Vectra said it detected twice as many hidden data-exfiltration tunnels per 10,000 devices in financial services as in all other industries combined.

For every 10,000 devices across all industries, 11 hidden exfiltration tunnels disguised as encrypted web traffic were detected. But in financial services, that number more than doubled to 23, perhaps because, well, that’s where the money is. From August 2017 through January 2018, hidden exfiltration tunnels disguised as unencrypted web traffic jumped from seven per 10,000 devices to 16 in financial services.

“Cyberattackers build hidden tunnels to break into networks and steal critical data and personal information,” the company said in a statement. “These tunnels are used to remotely control an attack, known as command-and-control, and steal data, known as exfiltration, while remaining largely undetected.” Cyberattackers use hidden tunnels “to blend in with normal traffic, evade strong access controls, and exfiltrate financial data,” it said.

The report noted that the same type of attack behaviors led to the now-infamous 2017 Equifax data breach that resulted in the theft of driver’s license numbers, email addresses, Social Security numbers and other personal information from nearly 146 million consumers.