Protecting Banks’ Sensitive Information
Cyberattacks are a constant threat to authorities as they handle a great deal of sensitive information. For banks, this is also an important threat as they manage many vital assets and sensitive information.
Cyberattacks against Banks
It can become very expensive not to protect information properly. The Development Bank of Seychelles experienced a ransomware attack on their network in September 2020. During a ransomware attack, the attacker encrypts the victim’s files and demands a ransom to make them accessible to the victim again. This means that gaining access to the files again after an attack can become far more expensive than to pay for secure protection and thereby avoid such risks.
Hungarian banking services were also affected by a critical cyberattack during 2020 – a so called distributed-denial-of-service (DDoS) attack. This was considered to be one of the biggest DDoS attacks in Hungary. During a DDoS attack, the system is flooded with data traffic by the attackers with the aim to paralyse the system. During the incident mentioned some banks’ services were interrupted. This kind of attack can also mean great costs, as in the ransomware attack towards the Development Bank of Seychelles, in terms of the organisation not being able to run in its normal speed, meaning that employees and potential customers cannot access the system.
Protect your information with classification and network segmentation
It is vital to classify all kinds of information in order for the organisation to be able to handle it correctly. To do the classification, you must evaluate aspects such as the value and sensitivity of the information, legal requirements and the importance of the information for the business. A good way to determine how the classification should be done is to use a risk and security analysis. It helps you to map your current information security as well as your future needs.
An excellent method for mitigating security risks and protecting critical information and critical systems is network segmentation through a combination of physical and logical separation. Physical separation means that safety zones are defined and distributed on different physical hardware. Logical separation means that different zones or network traffic are allowed to coexist on the same hardware or in the same network cable, which makes it less apparent – and thus leads to lower confidence in the strength of the separation mechanism than that of physical separation.
Read more about how you can use network segmentation to protect your information here!