The financial industry, the target of more and more costly attacks on the DNS

The financial services industry, the target of more and more costly attacks on the DNS
Image source: JimBear via Pixabay

Financial services companies are particularly affected by cyberattacks. They possess a wealth of information on the customers, protect their money and provide essential services which must be available day and night. They are a lucrative target. Among the favored lines of attacks: the DNS.

The Efficient IP’s Global DNS threat annual report shows a constant growth of the DNS attacks’ number and the financial impacts, with an average financial loss of 1.2 million euros in 2019. This amount was estimated at 513 000€ in 2017 and 806 000€ in 2018.

If all the industries are affected by cyberattacks, 82% of the companies surveyed have been affected and 63% have suffered a traffic disruption, the financial industry pays a more important price with 88% of impact. Conducted with 900 persons from nine countries of North America, Europe and Asia, the study indicates that financial companies suffered 10 attacks in average during the 12 last months, i.e. an increase of 37% compared to last year.

The increase of the costs is only one of the DNS attacks’ consequences for the financial services industry. The most common impacts are the cloud services’ downtime, experienced by 45% of financial organizations, and internal applications downtime (68%). Furthermore, 47% of financial companies have been the victims of frauds by phishing attacks aiming the DNS.

The survey clearly shows the insufficient security measures implemented for the DNS securing. The delay in applying security patches is a major problem for the organizations of this industry. In 2018, 72% of the interviewed companies admitted that a 3 days’ delay was necessary to implement a security patch in their systems, 3 days during which they are exposed to attacks.

Only 65% of the financial institutions use or plan to integrate a trusted DNS architecture, they seem to be always late and not to be sufficiently aware of the risks associated to this central point of their infrastructure. The evolution of the threats on the DNS is constant, the attacks are many and complex. It is essential to quickly react to better protect yourself.

Industry, trade, media, telecom, health, education, government, service… many others sectors are affected by the attacks. Some solutions exist. ANSSI publishes every year the guide of good practices regarding the DNS resilience, which details many recommendations in order to be protected. Relying on an Anycast network; possessing a protection system against DDoS attacks; having a monitoring of DNS traffic and a team able to take action quickly; possessing an efficient security policy … As many measures essential to the resilience and efficiency of the DNS network against these damaging attacks in terms of financial and image impact.

Hoping to see at last better figures in the 2020 report.

ANSSI annual report – The 5 cyber threats observed in 2018

ANSSI annual report – The 5 cyber threats observed in 2018
Image source: TheDigitalArtist via Pixabay

On April 15, 2019, ANSSI (the National Cybersecurity Agency of France), unveiled its annual report during a press conference. The agency identified 1869 alerts, 391 incidents without counting critical importance operators, 16 major incidents and 14 cyber defence operations for 2018. ANSSI also identified 5 major trends in terms of cyber threats observed in France and in Europe in 2018.

Analysis of cyber threat in 2018 – The 5 major trends

1.Cyber-espionage

Major concern for ANSSI in 2018, according to the agency, cyber-espionage represents the highest risk for the organizations.

Extremely discrete, benefiting from important financial resources, the attackers plan for many years highly targeted and highly sophisticated attacks. In 2018, it was noted that the cyber attackers are increasingly interested in vital activity sectors and specific critical infrastructures like the defence, health or research sectors.

2.Indirect attacks

According to ANSSI, indirect attacks have known an important increase in 2018. Indeed, to avoid the security measures implemented by big companies, which are more and more aware of the cyber risk, the attackers aim intermediaries, like providers, who are more vulnerable, to reach their final targets.

Compromising one partner is enough to reach many companies. So it is essential to choose partners that place their information system’s security at the top of their concerns.

3.Destabilization and influence operations

Because of the nature of the targets and the claims, these attacks though technically moderate, have often an important symbolic impact. An increase has been observed in 2018.

4.Cryptojacking

For reminder, cryptojacking is a cyberattack that consists in using the computer’s power of its victim to mine cryptocurrency.

In 2018, many attacks of this kind were observed. The more and more organized attackers benefit from the security flaws to compromise their victims’ equipment by placing cryptocurrencies’ miners without them knowing it.

5.Online frauds

Online frauds represent as much of a constant cyber threat for the companies and the big organizations as for the individuals. ANSSI noted an important growth of online frauds last year. Big operators are becoming more concerned about cybersecurity, so the attackers turn towards targets less exposed but more vulnerable, like territorial authorities or actors in the health sector which thus were the targets of many phishing attacks in 2018.

Conclusion

The multiplicity and the magnitude of the attacks observed during 2018, prove that it is essential to implement security measures to prevent these cyber threats, within big organizations, big groups as well as small companies.

The conclusion is clear: 2018 proves once again that digital risk, far from being ethereal, must be at the heart of our concerns. Not only those of ANSSI! The cyberattacks affect all of society. That is why we must all seize the matter.” explains Guillaume Poupard, ANSSI’s General Director.