Please wait, authorizing ...

Don't have an account? Register here today.


Microsegmentation contained Ransomware attack on banking institution

Microsegmentación contuvo ataque de ransomware en institución bancaria

Latin America. The rampant abuse of zero-day vulnerabilities over the past six months has led to a 143% growth in the number of victims, according to the company Akamai.

Geographically, Latin America and the Caribbean is one of the regions with the highest incidence of cyberattacks in the world; in 2023 it became the fourth most attacked region, according to IBM's X-Force Threat Intelligence Index 2024 report.

Sectors such as Finance, Insurance and Retail ranked first as the most attacked industries, with 25% each. Data from several cybersecurity firms highlights that the region receives more than 1,600 cyberattacks per second.

Oswaldo Palacios, Senior Account Executive at Akamai, said: "A ransomware attack begins when phishing emails manipulate users into downloading and executing a malicious attachment. The weakest link in a security system is not a hidden flaw in the computer code, but a person who does not check the origin of an email," he says.

- Publicidad -

Akamai's research, Ransomware on the Move, reveals that victims of various ransomware groups are nearly six times more likely to suffer a subsequent attack within three months of the initial attack. It's a race against time for organizations to close gaps in their environment due to the likelihood of being attacked by another group.

Hence the importance of implementing a cybersecurity strategy accompanied by a microsegmentation approach, highlights Oswaldo Palacios, who recalls that a well-known Latin American bank was the target of a cyberattack that it managed to contain.

According to the forensic analysis, it was a type of ransomware with which he apparently sought to extort some money from the financial institution. Therefore, in compliance with cybersecurity protocols and best banking practices, we proceeded preventively and responsibly to isolate the affected servers and disable all operating systems.

Its quick action allowed it to avoid affecting the data and resources of customers and the institution itself. Oswaldo Palacios explains that ransomware attacks are complex: infiltrating the system is just the beginning.

To maximize the damage, an attacker must also distribute their malicious payload across the network before beginning the encryption process. If only one computer is encrypted, the attacker will not have reached the impact needed to demand a ransom.

For the ransomware attack to bear fruit, the attacker must follow several steps: detect network assets, move laterally, among others; This process is often referred to as the ransomware kill chain.

"Each step gives security teams the opportunity to block and detect associated malicious activity. With the help of microsegmentation, security teams can use mitigation measures at every step of the ransomware kill chain to stop attackers and detect any anomalous behavior."

- Publicidad -

Effective Containment with Microsegmentation
The early and effective implementation of a cybersecurity strategy with the best cybersecurity solutions allowed the banking institution to have deep visibility into east-west traffic for critical banking applications and the ability to reduce risk by applying microsegmentation.

For banking and financial institutions, a new software-defined segmentation approach is essential to lessen threats and simplify ongoing policy management for critical applications and payment systems such as SWIFT.

"Microsegmentation provides deep visibility into applications and flows and implementation of policies at the network and individual process level to isolate and segment critical applications and infrastructure," says Oswaldo Palacios.

A microsegmentation solution monitors all network communications and has built-in detectors that identify and alert on such scans, helping to stop the spread of malware before it starts. It also blocks and detects attacks on local network protocols.

Oswaldo Palacios points out that if the ransomware attack on the Latin American bank had taken place, the consequences would have been regrettable, ranging from slowness, intermittency or complete lack of operation in critical applications, as well as the loss of customers, reputational damage, economic penalties and hard work to return to normal operation by having to reinstall and configure servers from scratch.

In addition, it is very likely that the account holders' data would have ended up for sale on the dark web.

- Publicidad -

Finally, the Akamai specialist reiterated that microsegmentation is becoming an increasingly important tool for IT security teams that face the challenge of keeping security policies and compliance in line with the rapid pace of change in today's dynamic data centers and cloud and hybrid cloud environments.

Álvaro León Pérez Sepúlveda
Author: Álvaro León Pérez Sepúlveda
Editor - Latin Press, Inc.
Comunicador Social Periodista egresado de la Universidad de Antioquia, con más de 14 años de experiencia en medios periodísticos y proyectos de comunicación digital. [email protected]

No thoughts on “Microsegmentation contained Ransomware attack on banking institution”

• If you're already registered, please log in first. Your email will not be published.

Leave your comment

In reply to Some User
Suscribase Gratis

Webinar: Inteligencia Artificial en NVR & Cámaras Enforcer Tema: Inteligencia Artificial en NVR & Cámaras Enforcer Por: Eduardo Cortés Coronado, Representante Comercial en México - SECO-LARM USA INC Fecha: Martes 28 de mayo, 2024 Hora: 10.00H (Colombia) 09:00H (México) Conozca cómo sacar ventaja de las funciones de inteligencia artificial en NVR´S 4K & cámaras IP enforcer, disuación activa, reconocimiento facial, reconocimiento de matriculas vehiculares, salidas alarma etc.

Webinar: NxWitness el VMS rápido fácil y ultra ligero

Webinar: Por qué elegir productos con certificaciones de calidad

Por: Eduardo Cortés Coronado, Representante Comercial - SECO-LARM USA INC La importancia de utilizar productos certificados por varias normas internacionales como UL , Ul294, CE , Rosh , Noms, hacen a tus instalciones mas seguras y confiables además de ser un herramienta más de venta que garantice nuestro trabajo, conociendo qué es lo que certifica cada norma para así dormir tranquilos sabiendo que van a durar muchos años con muy bajo mantenimiento.

Webinar: Anviz ONE - Solución integral para pymes

Por: Rogelio Stelzer, Gerente comercial LATAM - Anviz Presentación de la nueva plataforma Anviz ONE, en donde se integran todas nuestras soluciones de control de acceso y asistencia, video seguridad, cerraduras inteligentes y otros sensores. En Anviz ONE el usuario podrá personalizar las opciones según su necesidad, de forma sencilla y desde cualquier sitio que tenga internet.

Webinar: Aplicaciones del IoT y digitalización en la industria logística

Se presentarán los siguientes temas: • Aplicaciones del IoT y digitalización en la industria logística. • Claves para decidir el socio en telecomunicaciones. • La última milla. • Nuevas estrategias de logística y seguimiento de activos sostenibles
Load more...

Latest Newsletter