Hackers batter financial sector with login attacks

Published: February 23, 2020
PHOTO: Reuters

PHOTO: Reuters

Financial services companies continue to be a recurrent target of hackings. Attacks against the financial sector are growing in ‘quantity and sophistication’ according to a new report from Akamai Technologies.

In August 2019 Akamai observed a record-breaking attack against a financial firm. This attack included 55 million malicious login attempts. Although the attackers eventually failed Akamai report notes that financial services companies remain the primary target of hackers.

Hacker used $35 computer to steal NASA data

According to the report from December 2017 through November 2019, 85,422,079,109 credential abuse attacks occurred across Akamai’s customer base. 20 per cent or 16,557,875,875, were against hostnames that were clearly identified as API endpoints. Of these, 473,518,955 attacked organizations in the financial services industry.

The report revealed that Malaysia was the third-largest source of attacks, behind China and the United States: “In our most recent data set, Malaysia accounts for 351,107,813 of the malicious logins against financial services, or 21.49% (a drop of 1.66%, despite the 100-million-plus increase in total malicious login count).”

Pakistan’s cyberspace at the mercy of hackers

As credential stuffing, SQLi and DDoS attacks continue to threaten the financial sector; the report proposes to fight this assault with the Zero Trust model.

“The Zero Trust model replaces “trust, but verify” with “trust nothing, and trust no one.” Under Zero Trust, the network cuts off all access to network resources until it determines who the user is, and whether they’re authorized. Nothing, absolutely nothing, inside or outside of the network is trusted” the report observes.

It will be harder for criminals to leverage phishing or custom command and control servers – the report suggests – since DNS can be blocked at the source.

Facebook Conversations

Leave Your Reply Below

Your comments may appear in The Express Tribune paper. For this reason we encourage you to provide your city. The Express Tribune does not bear any responsibility for user comments.

Comments are moderated and generally will be posted if they are on-topic and not abusive. For more information, please see our Comments FAQ.

More in Technology