The financial sector has long been heavily targeted by cybercriminals. Over the years, the number of Cyberthreats and attacks that involved extortion, social engineering, and credential-stealing malware has surged rapidly. This means that financial institutions should strive to familiarise themselves with the threats and the agents behind them. Here are seven new threats and tactics, techniques, and procedures that security professionals should know about. Extortion Distributed denial of service (DDoS) attacks, which are typically delivered from massive botnets of zombie computers or internet of things (IoT) devices, have been used to bring down banking networks. This occurs when a targeted server or system is overwhelmed by multiple compromised networks. It’s essentially like a traffic jam clogging up the highway, preventing regular traffic from arriving at its intended destination. Some cybercriminals are relentless with DDoS attacks and follow them up with cyberextortion, demanding payment in return for release from costly downtime. Banks cannot defend against these attacks alone, so they rapidly share information among themselves through organisations such as FS-ISAC4 and rely upon the ability of their internet service provider to handle and redirect massive quantities of traffic. Social media attacks This happens when fraudsters use fake profiles to gather information for social engineering purposes. Thankfully, with new regulations such as the General Data Protection Regulation (GDPR), big companies like Facebook and Twitter have significantly enhanced their security and privacy policy with regards to their data handling practices. The unprecedented reach of social media is something companies cannot afford to ignore because of the possible implications a data breach can have on businesses. Cybercriminals and Spear phishing Spear phishing is an attack where cybercriminals send out targeted emails ostensibly from a known or trusted sender in order to trick the recipient into giving out confidential information. Over the years, hackers have upped their game and cast a bigger net, targeting unwitting employees to wire money. This attack is called business email compromise (BEC), where a fraudster will purport to be a CEO or CFO and request for large money transfers to bogus accounts. Point-of-sale (PoS) malware PoS malware targets PoS terminals to steal customer payment (especially credit card) data from retail checkout systems. Cybercriminals use a memory scraper that operates by instantly detecting unencrypted type 2 credit card data, which is then sent to the attacker’s computer to be sold on underground sites. ATM malware GreenDispenser is an ATM-specific malware that infects ATMs and allows criminals to extract large sums of money while avoiding detection. Recently, reverse ATM attacks have also emerged. Here, PoS terminals are compromised and money mules reverse transactions after money is withdrawn or sent to another bank account. In October 2015, issuers were mandated to shift to EMV or Chip-and-PIN system to address the weakness of the previous payment system. Credential theft malware Dridex, a well-known credential-stealing software, is a banking Trojan that is generally distributed through phishing emails. It infects computers, steal credentials, and obtain money from victims’ bank accounts. Other sophisticated threats Various data breach methods can be combined to extract data on a bigger scale. Targeting multiple geographies and sectors at once, this method normally involves an organised crime syndicate or someone with a highly sophisticated setup. For example, the group Carbanak primarily targeted financial institutions by infiltrating internal networks and installing software that would drain ATMs of cash. Additionally, with the rise of cryptocurrency, cybercriminals are utilising cryptojacking, a method that involves the secret use of devices to mine cryptocurrency. The creation of defensive measures requires extensive knowledge of the lurking threats, and our team of experts is up to date on the latest security information. If you have any questions, feel free to contact Multi IT today or give us a call on 011 435 0400 to find out more about TTPs and other weapons in the hacker’s toolbox.

Many internet users still do not understand what the padlock icon in their web browser’s address bar is for. It represents HTTPS ( Hypertext transfer protocol secure ), a security feature that authenticates websites and protects the information users submit to them. This is an important feature that lets users know whether the website they are visiting is secure or not. HTTPS Encryption When you visit a website that doesn’t use HTTPS, which is common with older websites that have been left on its domain with minimal intervention, everything you type or click on that website is sent across the network in plain text. So, if your bank’s website doesn’t use the latest protocols, your login information can be decrypted by anyone with even the most basic tools. HTTPS Certificates The other thing outdated web browsing lacks is publisher certificates. When you enter a web address into your browser, your computer uses an online directory to translate that text into numerical addresses then saves that information on your computer so it doesn’t need to check the online directory every time you visit a known website. The problem is that if your computer is hacked, it could be tricked into directing www.google.com to the address 8.8.8.255, for example, even if that’s a malicious website. Oftentimes, this strategy is implemented to send users to sites that look exactly like what they expected, but are actually false-front sites designed to trick you into providing your credentials. HTTPS (Hypertext transfer protocol secure) creates a new ecosystem of certificates that are issued by the online directories mentioned earlier. These certificates make it impossible for you to be redirected to a fraudulent website. What this means for daily browsing Most people hop from site to site too quickly to check each one for padlocks and certificates. Unfortunately, HTTPS (Hypertext transfer protocol secure) is way too important to ignore. Here are a few things to consider when browsing: If your browser marks a website as “unsafe”, it is always best to err on the side of caution; do not click “proceed anyway” unless you are absolutely certain nothing private will be transmitted.There are web browser extensions that create encrypted connections to unencrypted websites (HTTPS Everywhere is a reliable Firefox, Chrome, and Opera extension that encrypts your communications with websites).HTTPS certificates don’t mean anything if you don’t recognise the company’s name. For example, goog1e.com (with the “l” replaced with a one) could have a certificate, but that doesn’t mean it’s a trustworthy site. Many unscrupulous cyber-criminals utilise similar spellings of legitimate websites to fool people into thinking that they are in a secure site. Always be vigilant.Avoid sites that don’t use the HTTPS protocol — it can be as simple as that. When you’re ready for IT support that handles the finer points of cyber security like safe web browsing, contact Multi IT today or give us a call on 011 435 0400.

While most Office 365 apps serve a unique purpose, tools like Outlook, Teams and Groups and Yammer can all be used for office communication and collaboration. However, there are small differences in the way they can be used. Let us break it down for you. Outlook Groups With Outlook Groups, every member gets a shared inbox, calendar, project planner, notebook, and document library. You also get the ability to connect to third-party apps such as Twitter, Trello, and Mailchimp, so notifications are sent directly to your shared inbox. This means all relevant messages and information are contained in one place, so if a majority of your conversations occur via email, Outlook Groups is ideal. What’s more, HR and sales departments that communicate with external parties will also find plenty of uses for its email features. A big drawback with Outlook Groups, however, is email overload. Because all messages and notifications are sent to one inbox, users may become overwhelmed by the number of emails they have to sort through every day. Microsoft Teams Microsoft Teams, a chat-based collaboration platform similar to Slack, works with Skype for Business so you can text, call, video chat, and share files with colleagues. Thanks to its seamless integrations with other Office 365 programs, you can even work on shared files without having to leave the app. Unlike Groups, Microsoft Teams is designed for high-velocity collaboration, making it the best of the three for completing projects with tight deadlines or other tasks where employees need immediate feedback. Yammer Much like Groups and Teams, Yammer works well with other Office 365 tools like Outlook and OneDrive. However, Yammer is a professional social media app designed to foster open communication and break down barriers between teams. With Yammer, important files and announcements can be shared with the entire company like an office bulletin board. Users can see the most popular post on their feeds, follow it, and even provide their input by leaving a comment. Yammer also takes design elements and features from popular social media apps like Facebook, making it a popular choice for companies with millennials in their workforce. Although we’ve discussed the fundamental differences between Groups, Teams, and Yammer, we’ve barely scratched the surface of what each app can do. To figure out which apps you need, you must understand how your employees work, how they prefer to collaborate, and what you want to achieve. But there’s another way to find the right app for your business. Whether it be Teams and Groups or anything contact Multi IT today or give us a call on 011 435 0400 for an IT assessment!