responds to discussion post below half page je

/in /by

Introduction

Financial services businesses have become a prime target for cyber-related crime in recent years. As one report states, “cyber threats are 300 times as likely to target the broader financial services industry as companies in other sectors” (Ungarino, 2019, para. 5). A prime example of this threat has occurred recently in Australia where the financial sector has come under threat in a extensive plot to extort money under threat of a distributed denial-of-service (DDoS). With this in mind, Pagette Beale Financial Services (PBI-FS) must develop a strategy and implement recommendations to best prepare and protect itself from similar crimes.

Australians Targeted

The incidents in Australia, which occurred in February 2020, are a part of a global campaign threatening DDoS attacks on financial institutions if a ransom is not paid (Cimpanu, 2020, para. 5). This campaign has been ongoing across the globe for months. The perpetrator of these crimes in unknown, though they have changed their name several times, now claiming to be the Silence hacking group, but even claiming at times to be part of several notorious hacking groups such as Anonymous, fancy Bear, and Cozy Bear amongst others (Cimpanu, 2020, para. 11-15). The recent threats in Australia have been received over email at the various institutions. Often the recipients have received an email that threatens to knock those services offline unless paid that ransom with cryptocurrency (Tung, 2020, para, 2).

The consequences if the threat were to occur could be quite damaging. A DDoS attack would cripple network communications at the targeted company. Shutting down online financial services to the affected companies would also be very costly. However, while the group has followed through in some cases, very few of these threats have actually come to fruition (Cimpanu, 2020, para. 9). To date, there no prosecution for these crimes in Australia have occurred.

Recommendations to Protect PBI-FS

PBI-FS must develop strategies and implement best practices to prepare itself for cyber threats that may impact business operations. To protect against this particular type of threat several safeguards should be put in place. Primarily, moving some services to a distributed architecture or a content distribution network, or purchasing a service that protects from DDoS attacks (Tung, 2020, para. 3). In general, good cybersecurity practices would be effective in protecting against many of the threats that exist. Many best practices are often integrated into frameworks like NIST’s Cybersecurity Framework to develop a wholistic plan to address cybersecurity concerns. Taking the proper precautions are necessary to protect PBI-FS from similar threats.

References

Cimpanu, C. (2020, February 25). Australian banks targeted by DDoS extortionists. Retrieved from https://www.zdnet.com/article/australian-banks-targeted-by-ddos-extortionists/

Tung, L. (2020, February 25). ASD warning: DDoS extortion attacks threaten Aussie banks. Retrieved from https://www.csoonline.com/article/3529468/asd-warning-ddos-extortion-attacks-threaten-aussie-banks.html

Ungarino, R. (2019, June 20). Cyberattacks are 300 times as likely to hit financial firms than other companies. A Sweeping new report find they’re not prepared. Retrieved from https://markets.businessinsider.com/news/stocks/cyberattacks-impact-major-threats-to-financial-firms-not-prepared-2019-6-1028296130