Protecting Financial Institutions – Q&A with Deep Instinct’s Shimon Noam Oren

Financial institutions today are tasked with more responsibility than ever before when it comes to keeping sensitive information safe, and it’s one of the industry’s biggest obligations to clients. While biometric technology and artificial intelligence (AI) helps keep some information secure, hackers are still finding ways to access bank accounts and key investment portfolios. In an effort to combat such security threats, financial services companies can leverage AI in their cybersecurity strategy to create a stronger line of defense. Shimon Noam Oren, Head of Cyber Intelligence at Deep Instinct, explains how financial institutions can overcome current security risks and challenges. 

1. What are the top three risks and concerns that the financial industry currently faces? 

Malware infection – Financial institutions are a magnet for malware campaigns, such as spyware, ransomware and a long list of financial malware families affecting their networks, customers and online services. The monetary assets and sensitive information the industry holds and manages makes it a lucrative target for attack, and at the same time, carries significant liabilities and risks making the threat factor extremely high. Therefore, financial institutions simply cannot allow themselves to fall victim to widespread ransomware attacks or major data breaches. That is also why we are seeing tougher regulation and standardization of the security requirements in the industry. 

DDoS – Online services are integral to the industry’s offering, and constitute a growing part of the daily inbound and outbound business processes. DDoS attacks are becoming bigger in scale, volume and frequency and are also harder to mitigate than in the past. They threaten the availability and integrity of online services and communication. Financial institutions will have to invest additional resources and technologies (both in hardware and software) to improve resilience, real time mitigation and remediation where necessary.  

BEC – Business Email Compromises are causing great damage. They are more sophisticated than ever, and rely on social engineering and accurate reconnaissance attackers collect based on credential and contact information theft, backdoor accesses and network presence. When carried out by an experienced hacker, BEC’s are extremely hard to trace and stop partly because they involve human interaction and error. The key for protection in this case is preventing access, exploitation and infection in the earliest possible stage of the attack chain, thus eliminating attackers’ ability to carry out an attack that is likely to succeed. 

2. How can the financial services combat these risks? 

Artificial intelligence and machine learning are crucial for an efficient cybersecurity posture today, especially for financial institutions. Financial institutions are attacked by hundreds of different malware types and families, emanating from various hacking groups, producing thousands upon thousands of new malware variants a day. While attacks on large financial institutions require more sophisticated malware than attacks on end-users, these breaches are potentially much more profitable and have severe ramifications. Solutions that leverage the power of AI and deep learning have a strong predictive nature on new, unseen malware which poses the biggest risk and is exactly what financial institutions are challenged with daily. 

3. How do you see AI and machine learning improving security processes?

Artificial intelligence, especially deep learning, acts as an artificial brain that can detect and respond to threats in real-time. Having this instant protection from zero-day threats and APT attacks on endpoints, servers and mobile devices is crucial.   

4. Do you have any examples of AI playing a key role? 

The recent ransomware attack, WannaCry, is a great example in this regard.  The WannaCry variant that caused havoc last weekend wasn’t the first of its kind. WannaCry had previous variants that were very similar in functionality but simply did not use the SMB vulnerability for lateral movement and infection. Nevertheless, this variant went undetected by the majority of AV/Anti-Malware solutions, except a selected few who base their solution on AI. Deep learning technology is able to detect these types of attacks before they occur. 

5. How might AI make security more challenging?  

AI and ML tools, open-source libraries and resources are becoming widely available, and can be leveraged by black-hat hackers as well. We’ll likely be seeing more malware families and variants that are based on such tools and capabilities.   

6. Do you believe AI and machine learning can ultimately help hackers and criminals? 

Artificial intelligence can enable hackers to try and engineer malware that will aim to bypass or challenge next-gen security solutions. That will put these solutions to the test and will enable testers and evaluators to better differentiate between vendors, their expertise and know-how in the implementation of AI to cyber security. 

7. Over the next five years, do you anticipate new cybersecurity technology coming out specifically for financial services (i.e. biometrics, mobile banking) 

 Cyber technology for financial institutions will likely evolve over the next five years, especially as mobile banking and biometrics becomes a more popular method of conducting business. One of the most commonly-used capabilities for performing fraudulent transactions is intersecting text/voice communication with banks (e.g. receiving one-time passwords through text messages to confirm a transaction). The permission to access text messages or voice calls is usually given by the users, when they unknowingly install the malicious application. This makes endpoint and mobile security even more crucial for financial institutions such as banks. 

8. What should c-level executives within these financial services companies keep in mind when it comes to cybersecurity? 

C-level executives and board members should understand the importance of investing in cybersecurity and the role it plays in daily business operations. Having an open line of communication with the IT department is also key in making sure the business is protected.   

Shimon Noam Oren, Head of Cyber Intelligence, Deep Instinct  

Image Credit: MaximP / Shutterstock