How to Prevent SWIFT Network Attacks
Paul Wilson
Product Manager

AGENDA
• Recent attacks on the SWIFT network
• What are the SWIFT network’s vulnerabilities?
• Could the attacks on the SWIFT network have been prevented?
• How to quickly detect and stop fraudulent financial activity

Cybercriminals attempted to steal US$1 billion in an attack on a Bangladeshi bank

Highly Unusual Malware Used – mscoutc.exe
• Used a vulnerability in a common PDF reader as attack vector
• Deleted configuration and log files
• Uses wipe-out techniques to prevent files from being recovered forensically
• File-delete function
• Manipulated printers to prevent SWIFT network confirmation messages from being received
• Identical to Sony hack attack techniques

Hackers steal US$9 Million from Ecuadorean bank via SWIFT

These are just the attacks that have been made public through journalists and court records.

The SWIFT network is a messaging system at its core.

SWIFT recently launched a web access portal
• SWIFT has noted that the network itself wasn’t compromised
• “…the attackers have exploited vulnerabilities in banks funds’ transfer initiation environments, prior to messages being sent over SWIFT.”

What SWIFT Says
“Please remember that as a SWIFT user you are responsible for the security of your own systems interfacing with the SWIFT network and your related environment – starting with basic password protection practices – in much the same way as you are responsible for your other security considerations.”

Insiders are also a threat
• Malware was designed just for the bank attacked in Bangladesh, defeating systems and checks
• The SWIFT attacks have been so sophisticated and complex that it is surmised that an employee must have collaborated with the cybercriminals.

Could the SWIFT Attacks Have Been Prevented?

You may not know what future attacks will look like, but you can still make them harder for cybercriminals to launch.

Multi-Factor Authentication – The Bare Minimum

Malware Detection and Mitigation beyond Blacklists
• Threats are moving faster than legacy endpoint detection solutions can identify and stop them
• Having 100% of end users covered is crucial
• The goal is disabling malware, not removing it.

Fraud Intelligence – Do you know if there are…
• Suspicious connections to your portals?
• Similar domains to yours on the web?
• Social media profiles using your brands, that you didn’t create?
• Unauthorized applications with your brand imagery on app stores?
• Spoofers of your domains sending fake messages?

When Every Other Protection Layer Breaks Down
• What if insiders disable all of your protection methods?
• What if social engineering tricks your employees into enabling an attack?
• What if the problem is at another less secure bank processing a transaction along with yours?

All wire transactions passing from one bank account to another through SWIFT must be recorded, tracked and contextualized.

A spelling mistake in a transaction order, noticed by a bank employee, raised a red flag. It stopped millions more dollars from being stolen. Machine learning can automate the discovery and alerting of such errors.

Manually updating lists of known or suspected fraudulent destinations, and the bank accounts tied to them, is no longer enough.

Rules for what you’ve seen before, machine learning and heuristic analysis to predict future fraud.

Compound Evaluations
Events that might not indicate fraud by themselves may indicate it when found together.

How to detect fraudulent transactions & activities
[Diagram: First Stage, Second Stage, Third Stage. Labels: Filters and Rules; Location Deviation; Time Deviation; Behavior Heuristic Engine; Suspicious Activity Analyzers]
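
The compound evaluation described above, sketched as an added example (not code from the presentation or from DetectTA): three weak signals taken from the slides' own terms, location deviation, time deviation and a beneficiary-name spelling near-miss, are scored so that none raises an alert alone but any two together do. The account IDs, names, weights and thresholds are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime
from difflib import SequenceMatcher
from statistics import mean, pstdev


@dataclass(frozen=True)
class Wire:
    account: str      # originating account (constructed identifier)
    beneficiary: str  # beneficiary name as typed in the payment order
    country: str      # destination country code
    sent_at: str      # ISO 8601 submission time


# Constructed history for one account; not real transaction data.
HISTORY = [
    Wire("ACC-001", "Northwind Foundation", "DE", "2016-01-04T09:12:00"),
    Wire("ACC-001", "Alpine Trading GmbH", "DE", "2016-01-11T10:40:00"),
    Wire("ACC-001", "Northwind Foundation", "FR", "2016-01-18T11:05:00"),
    Wire("ACC-001", "Alpine Trading GmbH", "DE", "2016-01-25T14:30:00"),
    Wire("ACC-001", "Northwind Foundation", "FR", "2016-02-01T15:20:00"),
    Wire("ACC-001", "Alpine Trading GmbH", "DE", "2016-02-08T16:45:00"),
    Wire("ACC-001", "Northwind Foundation", "DE", "2016-02-15T10:02:00"),
    Wire("ACC-001", "Alpine Trading GmbH", "FR", "2016-02-22T13:15:00"),
]

# Assumed weights: no single signal reaches the threshold, any two do.
WEIGHTS = {"location_deviation": 0.4, "time_deviation": 0.3, "name_near_miss": 0.4}
ALERT_THRESHOLD = 0.6
NEAR_MISS_RATIO = 0.85  # similar-but-not-equal names look like typos
HOUR_SIGMAS = 3.0       # how far from the usual hour counts as a deviation


class Baseline:
    """What is normal for one originating account, learned from its history."""

    def __init__(self, history):
        self.countries = {w.country for w in history}
        self.names = {w.beneficiary.lower() for w in history}
        # Hours are treated linearly, which suits business-hours senders.
        hours = [datetime.fromisoformat(w.sent_at).hour for w in history]
        self.hour_mean = mean(hours)
        self.hour_sd = max(pstdev(hours), 1.0)  # floor avoids a zero-width window

    def signals(self, wire):
        """Return the sorted names of the weak signals this wire triggers."""
        fired = []
        if wire.country not in self.countries:
            fired.append("location_deviation")
        hour = datetime.fromisoformat(wire.sent_at).hour
        if abs(hour - self.hour_mean) > HOUR_SIGMAS * self.hour_sd:
            fired.append("time_deviation")
        name = wire.beneficiary.lower()
        if name not in self.names and any(
            SequenceMatcher(None, name, known).ratio() >= NEAR_MISS_RATIO
            for known in self.names
        ):
            fired.append("name_near_miss")
        return sorted(fired)


def build_baselines(history):
    """Group history by originating account and learn one baseline each."""
    by_account = {}
    for w in history:
        by_account.setdefault(w.account, []).append(w)
    return {acct: Baseline(wires) for acct, wires in by_account.items()}


def evaluate(wire, baselines):
    """Compound evaluation: returns (score, fired signals, alert?)."""
    baseline = baselines.get(wire.account)
    if baseline is None:
        # An account with no history is sent for review in this sketch.
        return (1.0, ["no_history"], True)
    fired = baseline.signals(wire)
    score = round(sum(WEIGHTS[s] for s in fired), 2)
    return (score, fired, score >= ALERT_THRESHOLD)


if __name__ == "__main__":
    baselines = build_baselines(HISTORY)
    incoming = [  # constructed orders
        Wire("ACC-001", "Northwind Foundation", "DE", "2016-03-01T10:00:00"),
        Wire("ACC-001", "Alpine Trading GmbH", "SG", "2016-03-01T11:00:00"),
        Wire("ACC-001", "Northwind Fandation", "SG", "2016-03-02T02:00:00"),
    ]
    for w in incoming:
        print(w.beneficiary, w.country, w.sent_at, evaluate(w, baselines))
```
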

Taking a complete approach
• Behavioral Learning to react faster to new fraud strategies
• Rules and Suspicious Activity Analyzers
• Keep your best performing rules while leveraging heuristics for everything else
• Complete Solution for Fraud Management

In Review
Stopping SWIFT attacks in the future
• Anomaly detection
• Automated predictions through machine-based learning
• Automatic list updates of suspicious fraudulent accounts/destinations
• Compounded evaluations
• All a part of DetectTA from Easy Solutions

Thank You
Questions?
Paul Wilson
info@easysol.net

Could the Attacks on the SWIFT Network Have Been Prevented?


Editor's Notes

  1. What is the purpose of this slide?
  2. Image - http://www.stellarintelligence.com/wp-content/uploads/2016/01/banner3.jpg
  3. Image- http://www.komaxgroup.com/~/media/Wire/Images/Visuals/slide-1.jpg
  4. Image - https://edc2.healthtap.com/topics/145988154_large.jpg