-
Over the past year, banks have been bombarded with cyberattacks of all kinds: distributed denial of service, phishing, malware, and wire transfer fraud, to name a few. Whos attacking the banks and why? What defensive tactics are banks getting better at, and what work has yet to be done? This special report looks at how the cyberthreat landscape has changed.
October 7
Bankers have never been too keen on sharing secrets with one another. But as they struggle to
In support of that effort, Guardian Analytics announced Tuesday that it's been maintaining a secure online forum of sorts, FraudMAP Connect, for financial services companies looking to safeguard themselves against data breaches and distributed denial of service attacks.
"There is a big problem that has come to light, and [threat information sharing] is very much in demand," says Guardian's chief executive Terry Austin. "FraudMAP gives our network of banks the ability to work together way more effectively. It makes them more prepared, more efficient."
The platform already has 150 banks on board, according to a spokeswoman.
Indeed, bankers have become more willing to talk about best practices around how to hedge against cyber exploits.
There is an overall perception that the more industry players participate in group tests and discussions, the more secure the landscape will become.
For instance,
The Securities Industry and Financial Markets Association conducted the mock attacks, which were called the Quantum Dawn 2 tests. As the name suggests, they were the second such exercise the industry has undergone.
Other organizations, such as the Financial Services Information Sharing and Analysis Center, also facilitate such security data sharing among banks. The FS-ISAC collects information about attacks and threats from its 4,400 bank members, anonymizes the data, and sends it back out to the members at a level of detail commensurate with the fees they pay. The organization shares information such as malware signature information, new threat indicators, and how to defend against them. The organization also holds meetings at which members can compare notes in person.
FraudMAP Connect is taking a similar approach.
The service, Austin says, is an attempt to bring IT players together on new fraud threats, while also chatting with Guardian researchers.
"The members know they are in the same protected, and like-minded, environment," Austin says, adding that the website is tightly integrated with the vendor's tools. "So you can be looking at FraudMAP tools and sharing fraud cases with the forum getting investigation results."