Summary of my blogs

Hai Pham - Week 12

Week 12 – Summary of my blog

The theme for my blog is Cybersecurity in Financial Service.  I chose this topic because I have been working for a financial services company and one of the top priority of the company is cybersecurity.  It is because the company keeps so much sensitive information such as customer personal information, proprietary information, monetary data, and these data so crucial to the company, to the customer that cannot be leak out.  If it does, the company would run into big problem such as damage reputation, financial lost, lawsuit and losing customers. 

All around my blog, all the topics were related to cybersecurity threats, data management, how to protect the data, most common threat to the financial security and the cybersecurity trend.

As it has been stated, financial institution hold both financial and personal confidential data and that was why it has been become one of the most targets for hackers to attack.  To prevent the attack or the loss of data, the companies have encrypted the data.  With encrypted data, the hackers have a very little chance to decrypt it and use it.

I have talked about different ways of data encryptions that financial institutions use the most.  The first technique that I mentioned was the Data Encryption Standard (DES) which used only 56 bit of key size to encrypted the data.  This method had some security holes so it has been implemented to have 168 bit, which is call Triple DES.  Then I talked about two other strong encryption methods, which were RSA and Blowfish that even have a strong encryption method that can secure the data more.

One of my blogs was talking about the most common way that hackers use to attack financial institution is Phishing.  Right after I talk about this, the WannaCry ransomware came out and it mainly use the Phishing method attack the PC’s users. 

Bottom line is financial institutions are the most victim for cyberattack.  Companies are fully aware of it but why there are still victims out there day after day?  Hackers are constantly finding the ways, smarter method to attack and so, financial companies need to keep their environment up-to-date with technology to protect themselves.

Blogging is a good way to share the thoughts to others.  When writing the blogs, it is required me to do some research to find out the facts and real examples about the topic that I am writing. This help me to broaden my knowledge.  Then I also have a chance to read other blogs and this definitely helps me with more useful information and thought that people share.

Cybersecurity Trend for 2017

Week 11 Blog – Hai Pham

Cybersecurity Trend for 2017 that company will focus to increase security for customers.

Target attack on entry point is one of the most popular attack nowadays.  As we can see now that many organization growing their services and businesses by using the third parties.  It is due to the time and cost saving, having larger resource network, gaining more expertise from third party, company can focus on their core products, having more flexibility and scalability.  However, beside those good and strong points of using third parties, the third party often have many security holes or week protections that so vulnerable and would very easy to become the victims for hackers to take advantage and attack.  With that, companies when working with third parties, they should also require much higher of security level before they should work with.

The current trend on security threat is less sophisticated malware and more on social engineering threat is happening now.  Cybercriminals are changing the method of attack by using the less simple and work but still affect more by using social engineering to attack.  The trend on the leading back show 75% incident on fraudulent with social engineering now and only 17% with malware.  Hackers switch to use a simple way with less effort and cost less but still making the same “profit”.  With that, financial institution will change accordingly to adapt with the threats on social engineering.

Compliance and Penetration testing are another key fields that financial institution should focus on.  Both compliance and Pen test increase the security and eliminate the risk of attack.

We might never have thought but insider operatives are actually the big threats.  Many employee can be exploited by criminals or even the third party.  Employee leak out data or information or sometime sell access to the criminals.   Once the hackers can get inside the network, they can steal or damage big things.

References:

Karpersky.  Cybersecurity in financial institutions 2016 — and what 2017 holds.  (2017).  Retrievd on 5/15/2017 from https://www.mitchellsny.com/blog/the-advantages-of-outsourcing-logistics-to-a-third-party/

WannaCry

Hai Pham - Week 10

Last week, I was written about the cyberattack upon the phishing and this week, on May 12, a huge cyberattack with WannaCry ransomware and mainly, bad guys used Phishing technique for an attack. 

As of Monday, May 15 2017, the attack affect about 230,000 computers in 150 countries.  The main business got affect badly were telecommunication in Spain, health services such as Britain’s National Health Service, shipping company such as FedEx and airline such as LATAM Airline.  There were four main countries got hit badly by WannaCry ransomware were Russia, Ukranine, India and Taiwan. 

WannaCry attacked thru phishing emails and on PC only, not MAC.  Once user click on the link, it will install the malware into the PC and then it uses EternalBlue Exploit and DoublePulsar Backdoor to spread through the local networks and all remote host that has no recent updates from Microsoft.  WannaCry will take the control over the host computer and it asked for the victim to pay ransom to get back the control.  If the victims do not pay for the ransom, WannaCry will delete all the encrypted files.

Did WannaCry give Financial Institution a big concern?  I think it really did.  Financial Institutions often have many confidential data and they often encrypted it.  Just think about the case of the banks got infected by WannaCry virus and all the customer information such as name, address, SSN, bank account numbers, debt info, credit card numbers, and mortgages data are affected and the banks lost the control over to those data or those data got delete?  I think it is very bad.

The key thing I see here is: it is very important for every single company to think and look the cyber threat is a real critical problem and it needs to be handle with serious matter.  Focusing on other kind of business and neglect about the cyber security is a huge mistake in our current life and business nowadays.  Again, I think the idea of “prevention is better than cure” works perfectly for cyber security.

Reference:

Wikipedia.  WannaCry ransomware attack.  Retried on 5/16/2017 from https://en.wikipedia.org/wiki/WannaCry_ransomware_attack

Epstein, Zach.  WannaCry: Everything you need to know about the global ransomware attack.  Retried on 5/16/2017 from  http://bgr.com/2017/05/15/wanna-cry-ransomware-virus-windows-wannacry-explainer

Phishing

With our current digital era, pretty much all businesses operate more and more business online.  It’s because the online service is fast, convenient, and we can reach out to do business with companies throughout the world.  However, beside the huge advantage of digital realm, it makes each of the business so vulnerable for cyberattack.

Phishing is one of the most popular attack for financial institutions.  Base on the 2016 Global Trend from Kaspersky Lab, “In 2016, the share of financial phishing increased 13.14 percentage points to 47.48% of all phishing detections”.  We can see the huge threats increase in 2016 and I think it will continue to grow more.

Phishing is a criminal act of using electronic communication to obtain the confidential information from people such as login id, password, credit card information, SSN, address, etc.  The most popular example that we often see from Phishing is email spoofing, which guide users open the email and start following the link and enter the personal information on the fake website that looks almost the same as the trusted bank or any trusted financial institutions.  Another example of phishing is the email contain the link to the website that has malware.

There is no way to stop or control Phishing and the only way that users can protect themselves is everybody should have some basic training and prepare for ourselves with some basic security awareness so when dealing or seeing Phishing attack, we know and stay away from it.

Reference:

Kaspersky Team.  Cybersecurity in financial institutions 2016 — and what 2017 holds.  (Mar 27, 2017).  Retrieved at 9:25am on May 9, 2017 from https://business.kaspersky.com/from-the-perils-to-strategies/6682/

Wikepedia.  Phishing.  (2017).  Retrieved at 9:25am on 5/9/2017 from https://en.wikipedia.org/wiki/Phishing

Week 8 Blog - Blowfish - Data Encryption

This week, I am going to talk about another popular and powerful way that financial institution often uses to encrypt the cyber data.  Blowfish is a method that designed to replace the Data Encryption Standard (DES).  It was developed by Bruce Schneier in 1993.  Blowfish has a 64-bit block size and a variable key length from 32 bits up to 448 bits.  It has a 16-round block cipher and uses the large symmetric key algorithms.

Blowfish used the idea of splitting the data into many blocks of 64 bits and encrypting each of them separately.  This algorithm would make Blowfish more secure and this has been one of the best data encryptions that has no effective cryptanalysis until now.

With Blowfish method, it gains couple strong key features below:

1   1.   More secure

     2.  Performance

3   3.  Free

With those three main features above, Blowfish is widely used in e-commerce for securing payments and password management.  However, there are some cons about Blowfish.  As mentioned above, Blowfish is fast block cipher but when we must change the keys for the encryption, each key requires some pre-processing that slow down the process.  Also, Blowfish has a memory footprint of 4KB of RAM.  Even though this is a very small memory but it might affect some small embedded system.  Last, Blowfish use only 64-bit block size, which is still relatively short that would have some security holes.  Therefore, a Twofish algorithm had come out, which used 128 bits with a key size up to 256 bit that really made Twofish secure.

Reference:

StorageCraft Technology Corporation. (2017).  5 Common Encryption Algorithms and the Unbreakables of the Future.  Retrieved from https://www.storagecraft.com/blog/5-common-encryption-algorithms

Wikipedia. Blowfish (cipher).  Retrieved from https://en.wikipedia.org/wiki/Blowfish_%28cipher%29

Wikipedia. Twofish.  Retrieved from https://en.wikipedia.org/wiki/Twofish