Data Attacks, Ransomware, and the Impact on the Financial Sector

This article was written by Steven Jupp, CEO at Avem Capital Limited.

Having spent most of my life working with technology companies, firstly as a hobby, then as a career and finally as an owner, I have seen many changes in businesses' perception of security. Coupled with these changes there have been a variety of advances in the methods used to hack, crack, phish and infect technology-based systems.

[gptAdvertisement]

The London Summit 2017 is coming, get involved!

In today’s world it has unfortunately become commonplace that we are facing an ever-growing threat from an increasing scope of technologically focused criminals. As we are seeing in the physical criminal world, the world of cybercrime is also growing and increasing in line with the opportunities it creates. It is evident that these opportunities are not only for those using technology to enrich their daily lives, but these opportunities are also for criminals exploiting its use as well.

The world of cybercrime is growing and increasing in line with the opportunities it creates

In a world where businesses can be brought to their knees within minutes or held ransom to large financial demands, one would expect a financial firm to adopt the highest degree of logical security to match the physical building’s security. I myself have witnessed horrific networks, bolted together by inexperienced IT engineers or even admin staff, attaching just about everything possible to a so-called, secure infrastructure.

I started writing this article a few weeks prior to the Wannacry ransomware propagation of the internet of everything. Poorly patched and out of date operating systems were the cause of a global outbreak of which many in the logical security sector would deem ridiculous.

On a number of occasions I have read about previous ransom operations, whether directly attacking a corporation, or worm type attacks as seen with Wannacry. Aside from the ones reported in the press, there is also a worrying trend on the number of hidden attacks, not disclosed to public by corporations. This was reported by a number of security officials, including myself, as far back as 2008 and then through the Securities and Exchange Exchange An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectiv An exchange is known as a marketplace that supports the trading of derivatives, commodities, securities, and other financial instruments.Generally, an exchange is accessible through a digital platform or sometimes at a tangible address where investors organize to perform trading. Among the chief responsibilities of an exchange would be to uphold honest and fair-trading practices. These are instrumental in making sure that the distribution of supported security rates on that exchange are effectiv Read this Term Commission of the US requesting disclosure in October 2011.

Quick Fixes?

Some now argue that companies keeping these attacks secret may lead to quicker fixes, but I would consider them to actually be protecting their entities from reputational harm. In some guises, there is obviously a need for the consideration of secrecy, but I would argue that in the world of finance, where Regulation Regulation Like any other industry with a high net worth, the financial services industry is tightly regulated to help curb illicit behavior and manipulation. Each asset class has its own set of protocols put in place to combat their respective forms of abuse.In the foreign exchange space, regulation is assumed by authorities in multiple jurisdictions, though ultimately lacking a binding international order. Who are the Industry’s Leading Regulators?Regulators such as the UK’s Financial Conduct Authority ( Like any other industry with a high net worth, the financial services industry is tightly regulated to help curb illicit behavior and manipulation. Each asset class has its own set of protocols put in place to combat their respective forms of abuse.In the foreign exchange space, regulation is assumed by authorities in multiple jurisdictions, though ultimately lacking a binding international order. Who are the Industry’s Leading Regulators?Regulators such as the UK’s Financial Conduct Authority ( Read this Term is increasing, the disclosure of such attacks is paramount to the client’s financial integrity.

Previously, most disclosures have been based on identity theft, account details and even the recent 191 million US voter registration records loss. However, with a new world of financial gains being made through ransom, we now enter a potentially catastrophic situation whereby a hedge fund or financial institution is held to ransom by organized crime. If the company is made to report the attack immediately, they could complicate / elongate the process of strengthening their cyber defense systems. Leaving the attack undisclosed however, could lead to a further attack of other firms.

There is currently an unhealthy wave of patchy laws and regulation globally

There is currently an unhealthy wave of patchy laws and regulation globally. This has led to mainly voluntary sharing of threat information. The governments of the world need to act extremely fast or the financial sector risks being a 'cherry to pick'. The finance industry is fast becoming a rich flavor for the organized and even less organized crime syndicates around the globe and our collective efforts are required to detract anyone who thinks they can benefit from this.