Malware — particularly banking Trojans — can paralyze a financial institution’s network and gain illegitimate access to sensitive financial data. This malicious software is continuously adapting to and keeping pace with technological advances in network security and data protection. With its constant and rapid evolution, financial firms are finding it difficult to stay ahead and combat this cyber threat.
To stop banking Trojans in their tracks, it’s essential for financial institutions to implement cybersecurity best practices and employ industry-leading software. Combining vigilant action with technological safeguards can help organizations overcome the challenges that banking Trojans present.
Here’s what financial institutions can expect with banking Trojans and how firms can protect themselves against this ever-evolving threat.
Banking Trojans continue to expand not only their targets but also their reach, taking aim at different devices and organizations of all sizes. Here are upcoming trends that financial firms should look out for when it comes to banking Trojans:
- Banking Trojans will keep on growing and evolving.
Banking Trojans won’t be going away anytime soon, and cyber attacks using this type of malware will continue to rise. In the last quarter of 2017, the number of new malware samples grew to 32 percent, according to a threat report released by McAfee Labs.
The report also noted new tactics such as fileless malware, a type of script-based malware leveraging Microsoft PowerShell to implant malicious software. Last year saw a boost in script-based attacks, which surged to over 400 percent. Cyber criminals are also adding ransomware to traditional banking Trojans with a goal of extorting money and disrupting corporate networks. An example of this is the TrickBot Trojan, a banking trojan that emerged in 2016 but has been recently upgraded with a new module using a lockscreen similar to what’s seen in ransomware attacks. This locking system is mainly used to target unpatched corporate networks and extort money from victims.
- Email will continue to be a potent form of delivering and distributing banking Trojans.
Attackers will continue using malicious email campaigns — spam, phishing, and email fraud — as a predominant point of entry for banking Trojans. Along with ransomware, banking Trojans accounted for over 80 percent of malicious emails sent in 2017, making them the most widely distributed malware types, according to Proofpoint’s 2018 Human Factor report. Moreover, the reach of banking Trojans is global, appearing in more than 30 percent of malicious email messages in Australia, Europe, and Japan.
Commercial banking was also one of the industries with the highest click rates for malicious emails based on Proofpoint’s findings. This shows that bad actors are counting on the human factor of opening a message, clicking on a link, or downloading an attached file to achieve their goal of spreading malware and banking Trojans.
- Banking Trojans will continue to exploit mobile devices.
As mobile banking adoption rises, so do threats targeting this specific channel in the form of mobile malware. Mobile malware attacks will increase in number and grow in complexity. In the third quarter of 2017 alone, McAfee Labs detected more than 16 million mobile malware attacks based on its mobile threat report.
Last year also saw a rise in mobile banking Trojans, according to McAfee Labs’ mobile threat report. These mobile banking Trojans were delivered in the form of fake updates or email or SMS phishing. They also targeted both small regional banks and large multinational banks through specifically crafted mobile apps or phishing campaigns.
- Banking Trojans will use sophisticated evasion techniques to avoid detection.
Detecting banking Trojans will become more difficult as they find new ways to bypass security defenses and hide behind encrypted traffic and typical application functionalities. Exploit kits, a type of evasive malware targeting security holes and vulnerabilities in software and systems, were one of the most effective attack vectors in 2017 based on research conducted by Minerva Labs. Over 60 percent of exploit kits applied evasive techniques to avoid detection, and according to Minerva Labs, this threat will likely persist.
These trends provide a glimpse into the future of banking Trojans. This threat’s persistence highlights the importance of establishing an effective strategy to safeguard your financial institution from banking Trojans.
Data Protection and Banking Trojans: Best Practices for Financial Institutions
To keep your organization’s network and data safe from banking Trojans, you’ll need to combine cybersecurity practices and best-of-breed software. Bringing these two elements together can ward off cyber threats and prevent them from infecting your network and stealing critical financial information.
Here are best practices that financial firms can apply to control the threat posed by banking Trojans:
- Education and awareness is the best defense. Educating your employees on safe email practices can reduce your organization’s risk of infection from malware and banking Trojans. Conducting periodic security awareness training keeps data security top of mind for your staff.
Incorporate phishing simulations that employ real-world tactics into your security awareness training programs. These simulations can be done on platforms used by your firm, including cloud applications, email, mobile devices, and the web. This helps your employees recognize attacks that specifically target them on different channels.
- Keep your software and systems updated. Establish routine procedures for applying system updates and security patches to fix any vulnerabilities that banking Trojans are designed to exploit. Implementing a patch management system can automate the deployment and maintenance of updates and security patches and ensure that they’re delivered in a timely manner. Firms that successfully avoid banking Trojans also have a process for upgrading or replacing old systems that are no longer supported.
- Implement a strong firewall solution. Forward-thinking firms are enabling anti-spoof filtering for their firewalls, and they’re enforcing restrictions on compromised ports. For instance, the WannaCry ransomware and its successor, UIWIX, used TCP port 445 as their point of entry, so make sure that particular port is blocked.
- Apply advanced endpoint protection. Sophisticated threats need equally sophisticated defenses like advanced endpoint protection. This element of cybersecurity software ensures the security of your organization’s endpoint systems by blocking the methods used to distribute malware, escape detection, and steal credentials. It weeds out evasive attacks and stops existing and zero-day malware.
Intercept X from Sophos is an advanced endpoint protection solution that uses a deep learning neural network to detect both known and unknown malware without relying on signatures. This makes Intercept X more flexible and responsive than traditional endpoint protection solutions that use signature-based detection. Intercept X’s detection and response technology also provides complete visibility into the root causes of attacks and prescribes actions to further bolster your defenses.
- Bring in the experts. An experienced third-party organization can provide expert guidance on protecting your financial institution’s network and data from banking Trojans. They can assist you in implementing safeguards and recommend solutions tailored to your firm’s security needs.
Cybersecurity best practices coupled with stellar software solutions can fortify your organization’s defenses against banking Trojans. This ensures that your financial institution is protected from cyber threats now and in the future.
Trust DataComm to provide you with the protection you need to keep your network and data safe from malware and banking Trojans. Our suite of network security solutions provides threat detection and prevention, while our proven team of experts can help your financial institution proactively respond to threats. Get in touch with us today to learn more about how we can help you.