search.noResults

search.searching

note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
IBS Journal December 2016


41


before it had even been launched. The attack was foiled after it was discovered by staff at cyber security firm Digital Shadows.


The company’s Vice President of Service Delivery Becky Pinkard points out that an unsecured testing environment had left it vulnerable to attackers. “This portal was already being discussed in cyber criminal forums where weaknesses were being deconstructed, whilst hackers also tested malware against the prototype site. The company was fortunate in that we discovered this issue early enough in their testing cycle so that customers were not impacted, although it did mean a push back on their release date in order to verify the integrity of their site and to put more stringent access controls in place.”


Range of threats


Cyber threats can come from a variety of sources ranging from state actors and intelligence agencies to rogue hackers and disgruntled company insiders. Methods are equally wide-ranging, from malware attacks that use software such as Trojans and worms


to target a system directly, to phishing and CEO fraud, where individual staff are manipulated or tricked into performing acts that could lead to breaches.


Cameron Brown, an independent cyber defence advisor who also consults for the cyber risk strategy practice at EY, says the most immediate threats to FinTech are criminals looking to extort money, as well as competitors attempting to steal intellectual property. “Web applications are the chief target for threat actors because this is literally where information about the money is stored. They account for the lion’s share of breaches hitting financial services firms. Moving forward, the problem is likely to compound as more interfaces are established between FinTech startups and more traditional providers in the financial service industry. As the volume of sensitive data crossing these interfaces increases, the corresponding magnitude of risk will magnify. Haphazardly designed application programming interfaces between systems are a soft target for hackers.”


The fallout from a cyber attack is not only financial but can also be reputational, not just to individual


www.ibsintelligence.com


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52