Friday, May 26, 2017

Summary of my blogs


Hai Pham - Week 12
Week 12 – Summary of my blog
The theme for my blog is Cybersecurity in Financial Services.  I chose this topic because I have been working for a financial services company, and one of the company's top priorities is cybersecurity.  This is because the company keeps so much sensitive information, such as customer personal information, proprietary information and monetary data, and this data is so crucial to the company and to the customer that it cannot be leaked.  If it is, the company would run into big problems such as damaged reputation, financial loss, lawsuits and losing customers.

Throughout my blog, all the topics were related to cybersecurity threats, data management, how to protect the data, the most common threats to financial security and the cybersecurity trend.

As has been stated, financial institutions hold both financial and personal confidential data, and that is why they have become one of the most common targets for hackers to attack.  To prevent the attack or the loss of data, the companies have encrypted the data.  With encrypted data, the hackers have very little chance to decrypt it and use it.

I have talked about the different data encryption methods that financial institutions use the most.  The first technique I mentioned was the Data Encryption Standard (DES), which used only a 56-bit key size to encrypt the data.  This method had some security holes, so it was extended to a 168-bit key, which is called Triple DES.  Then I talked about two other strong encryption methods, RSA and Blowfish, which have even stronger encryption that can secure the data more.

One of my blogs talked about the most common way that hackers use to attack financial institutions, which is phishing.  Right after I wrote about this, the WannaCry ransomware came out, and it mainly used the phishing method to attack PC users.

The bottom line is that financial institutions are the most frequent victims of cyberattack.  Companies are fully aware of it, but why are there still victims out there day after day?  Hackers are constantly finding new ways and smarter methods to attack, and so financial companies need to keep their environment up to date with technology to protect themselves.

Blogging is a good way to share thoughts with others.  When writing the blogs, it required me to do some research to find the facts and real examples about the topic I was writing about.  This helped me broaden my knowledge.  I also had a chance to read other blogs, and this definitely helped me with more useful information and thoughts that people share.

Tuesday, May 23, 2017

Cybersecurity Trend for 2017

Week 11 Blog – Hai Pham

Cybersecurity trends for 2017 that companies will focus on to increase security for customers.
Targeted attacks on entry points are one of the most popular attacks nowadays.  As we can see now, many organizations are growing their services and businesses by using third parties.  This is due to time and cost savings, having a larger resource network, gaining more expertise from the third party, letting the company focus on its core products, and having more flexibility and scalability.  However, besides those good and strong points of using third parties, the third party often has many security holes or weak protections that are so vulnerable that it would very easily become a victim for hackers to take advantage of and attack.  With that, when working with third parties, companies should also require a much higher security level before they agree to work with them.

The current trend in security threats is less sophisticated malware and more social engineering.  Cybercriminals are changing their method of attack by using simpler methods that still work and have more effect, using social engineering to attack.  The reported trend shows 75% of fraud incidents now involve social engineering and only 17% involve malware.  Hackers switch to a simple way that takes less effort and costs less but still makes the same “profit”.  With that, financial institutions will change accordingly to adapt to the threats of social engineering.

Compliance and penetration testing are other key fields that financial institutions should focus on.  Both compliance and pen testing increase security and eliminate the risk of attack.

We might never have thought of it, but insiders are actually big threats.  Many employees can be exploited by criminals or even by the third party.  Employees leak data or information, or sometimes sell access to the criminals.  Once the hackers get inside the network, they can steal or damage big things.

References:


Kaspersky.  Cybersecurity in financial institutions 2016 — and what 2017 holds.  (2017).  Retrieved on 5/15/2017 from https://www.mitchellsny.com/blog/the-advantages-of-outsourcing-logistics-to-a-third-party/

Tuesday, May 16, 2017

WannaCry

Hai Pham - Week 10

Last week, I wrote about cyberattacks using phishing, and this week, on May 12, there was a huge cyberattack with the WannaCry ransomware, and the bad guys mainly used the phishing technique for the attack.

As of Monday, May 15, 2017, the attack had affected about 230,000 computers in 150 countries.  The main businesses badly affected were telecommunications in Spain, health services such as Britain’s National Health Service, shipping companies such as FedEx and airlines such as LATAM Airlines.  The four main countries hit badly by the WannaCry ransomware were Russia, Ukraine, India and Taiwan.

WannaCry attacked through phishing emails and on PCs only, not Macs.  Once the user clicks on the link, it installs the malware on the PC, and then it uses the EternalBlue exploit and the DoublePulsar backdoor to spread through the local network to all remote hosts that have no recent updates from Microsoft.  WannaCry takes control of the host computer and asks the victim to pay a ransom to get back control.  If the victim does not pay the ransom, WannaCry will delete all the encrypted files.

Did WannaCry give financial institutions a big concern?  I think it really did.  Financial institutions often have a lot of confidential data, and they often encrypt it.  Just think about the case of a bank infected by the WannaCry virus, where all the customer information such as names, addresses, SSNs, bank account numbers, debt info, credit card numbers and mortgage data is affected and the bank loses control over that data or the data gets deleted.  I think that is very bad.

The key thing I see here is this: it is very important for every single company to think of and look at the cyber threat as a real, critical problem that needs to be handled as a serious matter.  Focusing on other kinds of business and neglecting cybersecurity is a huge mistake in our current life and business.  Again, I think the idea of “prevention is better than cure” works perfectly for cybersecurity.

Reference:
Wikipedia.  WannaCry ransomware attack.  Retrieved on 5/16/2017 from https://en.wikipedia.org/wiki/WannaCry_ransomware_attack


Epstein, Zach.  WannaCry: Everything you need to know about the global ransomware attack.  Retrieved on 5/16/2017 from http://bgr.com/2017/05/15/wanna-cry-ransomware-virus-windows-wannacry-explainer

Tuesday, May 9, 2017

Phishing



In our current digital era, pretty much all businesses operate more and more online.  This is because online service is fast and convenient, and we can reach out to do business with companies throughout the world.  However, besides the huge advantages of the digital realm, it makes each business very vulnerable to cyberattack.

Phishing is one of the most popular attacks on financial institutions.  Based on the 2016 global trends from Kaspersky Lab, “In 2016, the share of financial phishing increased 13.14 percentage points to 47.48% of all phishing detections”.  We can see the huge increase in threats in 2016, and I think it will continue to grow.

Phishing is a criminal act of using electronic communication to obtain confidential information from people, such as login IDs, passwords, credit card information, SSNs, addresses, etc.  The most popular example of phishing that we often see is email spoofing, which gets users to open the email, follow the link and enter their personal information on a fake website that looks almost the same as the trusted bank or other trusted financial institution.  Another example of phishing is an email containing a link to a website that hosts malware.

There is no way to stop or control phishing, and the only way that users can protect themselves is for everybody to have some basic training and prepare themselves with some basic security awareness, so that when dealing with or seeing a phishing attack, we recognize it and stay away from it.
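As an added example (not from the original post), here is a small check for links in an email that point at a site "looking almost the same as the trusted bank": it unfolds common look-alike character substitutions and compares the host against the bank's real domain.  The bank domain and sample links are constructed for illustration.

```python
from urllib.parse import urlparse

# Added example, not from the blog. The trusted domain, the homoglyph table
# and the sample links are all constructed for illustration.
TRUSTED_DOMAINS = {"examplebank.com"}

# Common visual substitutions seen in look-alike hostnames (constructed list).
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}


def registrable_domain(host):
    """Naive: keep the last two labels (no public-suffix list in this toy)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def unfold_homoglyphs(label):
    """Map look-alike characters back to the letters they imitate."""
    for fake, real in HOMOGLYPHS.items():
        label = label.replace(fake, real)
    return label


def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_link(url):
    """Return 'trusted', 'lookalike' or 'unrelated' for the host of one link."""
    host = (urlparse(url).hostname or "").lower()
    domain = registrable_domain(host)
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for trusted in TRUSTED_DOMAINS:
        brand = trusted.split(".")[0]
        label = unfold_homoglyphs(domain.split(".")[0])
        # brand used as a subdomain of someone else's domain,
        # e.g. examplebank.com.secure-verify.net
        if brand in host.split(".")[:-2]:
            return "lookalike"
        # brand embedded in, or a typo away from, the registrable label
        if brand in label or edit_distance(label, brand) <= 2:
            return "lookalike"
    return "unrelated"


SAMPLE_LINKS = [  # constructed links, as they might appear in an email body
    "https://online.examplebank.com/login",
    "http://examplebank.com.secure-verify.net/update",
    "https://examp1ebank-secure.com/signin",
    "https://exarnplebank.com/",
    "https://www.weather.example.org/",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(classify_link(link), link)
```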

Reference:
Kaspersky Team.  Cybersecurity in financial institutions 2016 — and what 2017 holds.  (Mar 27, 2017).  Retrieved at 9:25am on May 9, 2017 from https://business.kaspersky.com/from-the-perils-to-strategies/6682/

Wikipedia.  Phishing.  (2017).  Retrieved at 9:25am on 5/9/2017 from https://en.wikipedia.org/wiki/Phishing

Tuesday, May 2, 2017

Week 8 Blog - Blowfish - Data Encryption

This week, I am going to talk about another popular and powerful way that financial institutions often use to encrypt data.  Blowfish is a method that was designed to replace the Data Encryption Standard (DES).  It was developed by Bruce Schneier in 1993.  Blowfish has a 64-bit block size and a variable key length from 32 bits up to 448 bits.  It is a 16-round block cipher and a symmetric-key algorithm with a large key.
Blowfish uses the idea of splitting the data into many blocks of 64 bits and encrypting each of them separately.  This algorithm makes Blowfish more secure, and it has been one of the best data encryption methods, with no effective cryptanalysis known so far.
With the Blowfish method, it has a couple of strong key features, listed below:

1.  More secure
2.  Performance
3.  Free

With those three main features above, Blowfish is widely used in e-commerce for securing payments and in password management.  However, there are some cons to Blowfish.  As mentioned above, Blowfish is a fast block cipher, but when we must change the keys for encryption, each key requires some pre-processing that slows down the process.  Also, Blowfish has a memory footprint of 4KB of RAM.  Even though this is a very small amount of memory, it might affect some small embedded systems.  Last, Blowfish uses only a 64-bit block size, which is still relatively short and would have some security holes.  Therefore, the Twofish algorithm came out, which uses 128-bit blocks with a key size up to 256 bits, and that really made Twofish secure.

Reference:
StorageCraft Technology Corporation. (2017).  5 Common Encryption Algorithms and the Unbreakables of the Future.  Retrieved from https://www.storagecraft.com/blog/5-common-encryption-algorithms
Wikipedia. Blowfish (cipher).  Retrieved from https://en.wikipedia.org/wiki/Blowfish_%28cipher%29

Wikipedia. Twofish.  Retrieved from https://en.wikipedia.org/wiki/Twofish

Tuesday, April 25, 2017

Hai Pham - Week 7 - RSA Data Encryption for Financial Institution.


Data encryption is simply a process of scrambling data so it is not readable by unintended people.  For a normal conversation, we don’t need to encrypt the data.  However, if banks, government or military groups did not have any data encryption applied to their daily business, they would be in very bad shape.

Having said that, this week I am talking about the second common encryption method that is widely used by financial institutions, which is RSA.  RSA was named after the three people who invented this algorithm: Ron Rivest, Adi Shamir and Leonard Adleman.

RSA is one of the most popular data encryption methods used for encrypting data over the internet.  With RSA, the encryption key is public and the decryption key is kept secret.  The encryption is based on the difficulty of factoring the product of two large prime numbers, which makes it very hard for bad guys to decode it.  Again, it can “only” be decoded when a person has both the public and the private key.

The idea of RSA is that the public key can be sent by a regular route, with no need for a secret route (bad guys can still steal the public key and the encrypted message), but the private key will never be sent out.  This makes RSA a very strong encryption because without the private key, it is extremely hard for anyone to decode the message.
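As an added example (not part of the original post), here is textbook RSA carried through with tiny, constructed primes so every step is visible: the public key encrypts, only the private exponent decrypts, and the final function shows why key size matters, because a toy modulus can be factored by trial division, which hands over the private key.  Real keys use primes of around 1024 bits or more, where the same factoring step is infeasible.

```python
from math import gcd

# Added example, not from the blog. Primes 61 and 53 and exponent 17 are
# constructed textbook values; real RSA keys use primes of ~1024 bits or more.


def rsa_keygen(p, q, e=65537):
    """Build a key pair from primes p, q and public exponent e.
    Returns ((n, e), (n, d)): the public key is shared openly, d stays secret."""
    n = p * q                    # modulus, part of both keys
    phi = (p - 1) * (q - 1)      # only computable if you know p and q
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent: e * d == 1 (mod phi)
    return (n, e), (n, d)


def rsa_encrypt(public_key, m):
    """Anyone holding the public key can do this step."""
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than the modulus")
    return pow(m, e, n)


def rsa_decrypt(private_key, c):
    """Only the holder of d can reverse the encryption."""
    n, d = private_key
    return pow(c, d, n)


def factor_modulus(n):
    """Trial division: fine for a toy modulus, hopeless for a 2048-bit one.
    Factoring n is exactly the hard problem RSA's security rests on."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("no factor found")


def recover_private_exponent(public_key):
    """What an attacker gets if the modulus is small enough to factor."""
    n, e = public_key
    p, q = factor_modulus(n)
    return pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    public, private = rsa_keygen(61, 53, e=17)   # constructed toy primes
    c = rsa_encrypt(public, 65)
    print("ciphertext:", c, "decrypted:", rsa_decrypt(private, c))
    print("toy modulus factored, d recovered:",
          recover_private_exponent(public) == private[1])
```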

Reference:
StorageCraft Technology Corporation. (2017).  Retrieved from https://www.storagecraft.com/blog/5-common-encryption-algorithms/



Tuesday, April 18, 2017


Hai Pham - Week 6

One of the best common ways to do data encryption, now and in the future


For all financial institutions, data encryption for both online transactions and data at rest is extremely critical and important.  Without a proper way to protect sensitive data in transit or at rest, companies will run into big problems such as damaged reputation, losing customers’ trust and paying penalties.

With that concern, let’s see what would be the best way to do data encryption to protect enterprises.  This week, I am going to talk about one of the best ways to encrypt data in order to protect it.

DES stands for Data Encryption Standard.  DES was developed back in 1970 at IBM, and it was considered one of the most secure options at that time.  However, it had some security holes due to the use of a 56-bit key size; this was a bit short, and hackers took advantage of this and exploited it.  To improve DES, Triple DES came out to fix the issue.  It uses three keys of 56 bits each, which strengthened the encryption to a total key length of 168 bits, which was sufficient for data encryption.

Even though Triple DES has been out there for different organizations and businesses to use for a long time (published in 1998), it is still one of the top five data encryption methods for financial institutions, now and in the future.

 

Reference:

StorageCraft Technology Corporation. (2017).  Retrieved from https://www.storagecraft.com/blog/5-common-encryption-algorithms/


Monday, April 10, 2017

Week 5 - “Cyber security is the most prevalent IT risk for banks”

KPMG showed in their recent survey that cybersecurity ranks highest among other threats and risks, especially for banks.

There were three major cybersecurity breaches in 2015 and 2016 at three foreign banks that caused a huge financial loss of about $100 million.  The breaches focused mainly on exploiting weaknesses in the banks’ digital infrastructure that connects them to the global SWIFT network.

The first bank was the Ecuadorian Banco del Austro.  It lost about $12 million.  The second bank was Vietnam’s Tien Phong Bank.  In this case, the hackers used fraudulent SWIFT messages to transfer more than EUR 1 million from TP Bank.  The third bank had the biggest financial loss: the Bangladesh Central Bank, where the hackers were trying to transfer $850 million; SWIFT detected a spelling error in the recipient name, but $101 million had already been transferred to the hackers’ account successfully.

The incidents raised my concern and the question of whether the foreign banks might not follow the same national security standards.  Why did the security system not raise any alert when a big amount of money was transferred?  The system should check for three main things, such as:

1.  Is it during business hours?

2.  Is it under the money limit for wire transfers?

3.  Who and where is the recipient?
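As an added example (not from the original post), the three checks listed above can be written as a small rule set run over outgoing transfers, with a fourth check for the kind of recipient-name mismatch mentioned in the Bangladesh case.  The policy values, the beneficiary list and the transfer records are all constructed for illustration.

```python
from datetime import datetime

# Added example, not from the blog. Policy thresholds, the beneficiary
# register and the transfer records below are constructed for illustration.
POLICY = {
    "business_hours": (8, 18),          # 08:00-18:00 local time, Mon-Fri
    "max_wire_amount": 1_000_000,       # per-transfer limit
    "known_beneficiaries": {            # account -> registered holder name
        "DE89370400440532013000": "ACME SUPPLIES GMBH",
        "GB29NWBK60161331926819": "NORTHWIND TRADING LTD",
    },
}


def normalize(name):
    """Case- and whitespace-insensitive form for comparing names."""
    return " ".join(name.upper().split())


def check_transfer(t, policy=POLICY):
    """Return the list of alert reasons for one transfer; empty means clean."""
    alerts = []
    when = datetime.fromisoformat(t["timestamp"])
    start, end = policy["business_hours"]
    # 1. business hours: weekday and within the configured window
    if when.weekday() >= 5 or not start <= when.hour < end:
        alerts.append("outside business hours")
    # 2. wire limit
    if t["amount"] > policy["max_wire_amount"]:
        alerts.append("exceeds wire limit")
    # 3. who the recipient is: account must be on file and the name must match
    registered = policy["known_beneficiaries"].get(t["beneficiary_account"])
    if registered is None:
        alerts.append("unknown beneficiary account")
    elif normalize(t["beneficiary_name"]) != normalize(registered):
        alerts.append("beneficiary name does not match account holder")
    return alerts


def screen(transfers, policy=POLICY):
    """Map transfer reference -> alerts, for every transfer that raised one."""
    return {t["ref"]: a for t in transfers if (a := check_transfer(t, policy))}


SAMPLE_TRANSFERS = [  # constructed records, not real SWIFT messages
    {"ref": "TX1", "timestamp": "2017-04-10T10:15:00", "amount": 250_000,
     "beneficiary_account": "DE89370400440532013000",
     "beneficiary_name": "Acme Supplies GmbH"},
    {"ref": "TX2", "timestamp": "2017-04-08T02:40:00", "amount": 20_000_000,
     "beneficiary_account": "XX00CONSTRUCTED000001",
     "beneficiary_name": "Unknown Trading Co"},
    {"ref": "TX3", "timestamp": "2017-04-11T14:05:00", "amount": 900_000,
     "beneficiary_account": "GB29NWBK60161331926819",
     "beneficiary_name": "Northwind Tradng Ltd"},
]

if __name__ == "__main__":
    for ref, reasons in screen(SAMPLE_TRANSFERS).items():
        print(ref, "->", "; ".join(reasons))
```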

 

What I was thinking is that either the banks did not follow the international security standards and their security system had security holes, or their security team was weak and short of knowledge on setting up security.

 

I would think the foreign banks should spend $1 million or even more to consult security experts from other countries to help them set up strong security policies and security systems, rather than losing $100 million.

 

Reference:


KPMG’s European Central Bank Office.  Cyber security is the most prevalent IT risk for banks.  (September 6, 2016).  Retrieved from https://home.kpmg.com/bh/en/home/insights/2016/09/cyber-security-most-prevalent-it-risk-fs.html

Wednesday, April 5, 2017

Week 4 Blog - Data Management




Nowadays, all businesses create and store more data than ever before.  Financial institutions are the type of business that creates vast amounts of data in their daily business.  With a huge amount of data, including much sensitive data and intellectual property, they had better manage the data very well.  This is not just for their duty, benefit and operations, but also for complying with different regulations.

So the questions are: how do they manage and protect the data?  What tools do they use?  How do financial institutions deal with different regulations?  What human effort do they need to dedicate to data management?  Bad data management would cause data loss and lead to many terrible issues such as lost revenue, lost customer trust, damaged business reputation and also penalties and fines.

Depending on the business type, I believe that a company can purchase an existing well-known tool to do data management.  Each tool should also have the flexibility for each enterprise to customize it to their uses and needs.  While doing some quick research on the web, I saw that InfoTrellis provides one of the powerful tools for data management.  MDM is the service and solution that would help financial institutions not only manage the data well but also handle all the regulations.

Reference:

Infotrellis.  (August 8, 2016).  Retrieved from http://www.infotrellis.com/mdm-regulatory-compliance-banking-industry/

Tuesday, March 28, 2017

Week 3 Blog
Major cybersecurity Threats for Financial Institutions
Unencrypted data would be the first threat that financial institutions have great concern about.  All sensitive data that is in house or transferred through cyberspace could be breached.  If it is all encrypted, then stolen data should be fine, since the hackers have very little chance to decrypt it and use it.

New technologies that financial institutions adopt would be the second cyber threat.  To adapt to new technology, make the business more productive and attract customers with new services, many financial institutions are willing to spend big money on new technology for daily services and operations.  However, new technologies might not have had enough time to be tested across all their functions, which leads to security holes that give hackers a chance to break into the system.

Using third-party services might lead financial institutions into cyberattacks, since many third-party services do not have strong security protection, their employees lack security experience, or they are just too lazy to act on all the security protections, which leads the company into a data breach.

Mobile banking has increased tremendously, and as it is now, mobile devices do not have strong security protection.  For example, many customers have a micro memory card in their phone, and they download and store sensitive company information there.  If the phone is stolen, the sensitive data can be opened and viewed easily.

Reference:


Cybersecurity Association of Maryland, Inc, (Mar 2, 2016).  Retrieved from https://www.mdcyber.com/blog/top-10-cybersecurity-threats-financial-institutions/

Saturday, March 25, 2017

Week 2 Blog

Financial Institutions and Cybersecurity

I would say cybersecurity is one of the most important aspects of any financial institution.  This is because the companies store and perform their daily business with two critical kinds of information: financial data (money) and customer data (customer personal information), which are two very sensitive and confidential kinds of information that have a huge impact on their business.

Nowadays, we have seen that technology has improved so much that all financial companies are moving forward to online banking and services.  For example, when I refinanced my house a couple of weeks ago, I could submit the application online.  Then, for the other forms the bank emailed to me, I could just fill them out, e-sign them and submit them through the bank’s secure website.  I did not have to be at the bank office until the closing day.  Online services are a great way to help both companies and customers save time when doing business, but they also leave many security holes that leave the bank vulnerable in many ways.  Bad guys exploit those security holes to steal money and customers’ personal information.  “When the financial services sector is disrupted, it can quickly cause instability for banking institutions and weaken public and consumer confidence overnight.”

Financial information and customer information are the crucial data for financial institutions.  Therefore, the task of the IS security team to protect them by all means has become vital.  Maintaining and keeping financial institutions away from security threats is not an easy task, but it is required that financial companies stay on top of security technology to protect themselves and their customers, in terms of readiness to defend against and respond to all threats.

Reference:
Schober, Scott (July 22, 2016).  How fraud and breaches of cybersecurity impact financial institutions.  Retrieved from http://www.ibmbigdatahub.com/blog/howfraud-andbreaches-cybersecurity-impact-financial-institutions