In an endeavor to steal some sensitive data of users, now the cyber-criminals have been targeting the financial firms by building a concealed tunnels to break into the networks. According to a recent report by Vectra, these types of attack behaviors are almost the same as those which led to the 2017 Equifax breach.
According to the latest report, Spotlight Report on Financial Services 2018, attackers can easily gain remote access via the use of command-and-control (C&C) concept. In the data analyzed, the attackers had established near about 30 web shells that are available from approximately 35 different public IP addresses, which allowed them to exfiltrate data while going hidden.
While the attackers regularly leverage some hidden tunnels to infiltrate networks with the strong access controls, as legitimate applications also use some hidden tunnels to bypass security controls which sometimes can compromise full functionality. That’s why it is one of the best and successful attack method for criminals.
Chris Morales, head of security analytics at Vectra said that every industry has a profile of network and also the behavior of users which directly relates to the specific business models, users, and applications. Attackers will blend and mimic in with these type of behaviors and also make them difficult to expose.
In latest innovation, Vectra spotted that more hidden C&C tunnels and more than twice as many of the hidden data-exfiltration tunnels as per the 10,000 devices in the financial services than some all other industries combined.
To avoid the firewalls, some of the attackers use special tunneling tools to move tangentially, stockpiling data from the database after the database as they go. However, they were easily able to accumulate so much data that it then already needed to be divided into some smaller stockpiles so that no any alarm bells went off during the exfiltration.
The report also said that all these points are on the one uncomfortable fact that the largest enterprise organizations in the world will always remain profitable targets for the complicated cyber-attackers. But the security breaches across the multiple industries build ahead on an upward path, and the industry related to financial services is no any exception.