Despite the cloud computing trend, financial institutions still have significant capital investments in traditional IT infrastructure components within their existing data centers. These facilities typically contain essentially flat, open networks, as network segmentation for cybersecurity was not a consideration many years ago. However, malicious actors have recently found success in such open environments, where much of the lucrative data and systems are readily accessible after compromising a device elsewhere in the network. Certain legacy and mainframe applications may be unsuitable for migration to the cloud, and will continue to run in private data centers with traditional architectures. Consequently, this legacy infrastructure with its indigenous applications and their associated data also needs the protection afforded by network segmentation.
Download this use case to see how one of the largest financial institutions in the world created network segmentation with the Palo Alto Networks Next-Generation Security Platform to increase security and protect data in their traditional data centers with minimal business disruptio
Public cloud Infrastructure as a Service (IaaS) offerings, such as AWS, can quickly accommodate unexpected or temporary business computing workloads. However, proper alignment of security and resiliency to enterprise standards and policies is still required.
Significant concerns over the security of data, workload and infrastructure have slowed the adoption of public cloud services by the financial services industry. Regardless of where it resides, the financial institution’s data is, ultimately, the target of malicious entities. Consequently, measures to appropriately protect the data must be enacted for the public cloud as well.
Download our use case to learn how Palo Alto Networks can help your organization protect IaaS hybrid clouds in financial services.
Governments and businesses must continuously assess the use of new applications and services that improve processes and operations. As such, they must weigh the business benefits from the adoption of newly sanctioned applications against potential risk to the business, its data and other resources. Applications themselves, such as remote access, can represent undue risk. In addition, if applications are not appropriately secured in the business network, today’s attackers can hide communications within the very communication mechanisms the applications use. Adoption of security that appropriately identifies, granularly controls and secures enterprise applications can be slow if those charged with such controls don’t understand the necessity, value or ease with which appropriate controls can be adopted.
Download our use case "Secure the Network through Application Visibility" for the benefits of this approach, along with some common concerns over adoption, and read about the experiences of several customers across different industries who made this transition.
At Bank OCBC NISP, Palo Alto Networks PA-5060 next-generation firewall prevents threats and safely enables applications over the bank’s internet gateways across two data centers. In addition, the WF-500 appliance provides WildFire™ threat analysis service as an on-premise, private cloud to analyze suspicious files in a sandbox environment without the need to send them outside the bank’s network.
Advanced attacks have been able to evade traditional security measures, target specific users and vulnerable applications, steal sensitive information or commit outright fraud. One approach to preventing such advanced persistent threats (APTs) is to identify and protect against new exploits, malware and malicious URLs. This can be accomplished by “sandbox” analysis of unknown threats. Organizations such as financial institutions that are uncomfortable with cloud-based threat analysis may choose on-premise threat analysis solutions to address any data privacy concerns.
Download this whitepaper to read about how Financial Services organizations can use on-premise threat analysis solutions to mitigate compliance risks and maximize prevention against cyberattacks.
Establishing, maintaining and demonstrating compliance with the Payment Card Industry Data Security Standard (PCI DSS) is a necessity for all entities involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers, as well as all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD). For all system components included in or connected to the Cardholder Data Environment (CDE), organizations must comply with more than three hundred requirements. It is in every organization’s best interest, therefore, to take advantage of network segmentation provisions stated in the PCI DSS to effectively isolate their CDE and thereby decrease the amount of infrastructure that is considered in scope.
Download our use case "Simplify PCI Compliance With Network Segmentation" to learn how Palo Alto Networks Next-Generation Security Platform delivers maximum protection for an organization’s entire computing environment while greatly reducing the scope of PCI compliance.
Private cloud computing provides businesses with flexible, scalable, on-demand IT resources. However, security remains a significant challenge. The very principles that make cloud computing attractive run counter to cybersecurity best practices, such as separation and segmentation. Malicious actors seek these open environments where much of the lucrative data they desire can be found, and if a virtual environment, without proper security and segmentation in place, is compromised, the attacker has access to everything – critical data included.
Download the Network Segmentation use case to see how the Palo Alto Networks Next-Generation Security Platform applies segmentation to increase security and protect applications and data in a virtualized data center.
The Security Reference Blueprint for Financial Services IT enables institutions to augment the security of existing infrastructure, enable new applications, provide greater access to data, and prevent advanced threats without disrupting vital operations.
By taking a pragmatic approach to introduce network segmentation, financial institutions can minimize business disruption and reap benefits, such as limited exposure after an intrusion, and reductions in lost productivity, remediation costs, and reputational damage from actual loss of personally identifiable information (PII) or financial data. This white paper discusses how network segmentation enables financial institutions to survive intrusions and minimize or prevent data breaches.
In May 2016, Unit 42 observed targeted attacks primarily focused on financial institutions and technology organizations within Saudi Arabia. Artifacts identified within the malware samples related to these attacks also suggest the targeting of the defense industry in Saudi Arabia, which appears to be related to an earlier wave of attacks carried out in the
Hear Matthew McLimans, Sr. Network Security Engineer at Warren Rogers Associates discuss how the Palo Alto Networks Next-Generation Security Platform deployed in Amazon Web Services (AWS) segments network traffic coming from thousands of remote data collection devices, prevents malicious traffic from infiltrating fuel system diagnostics and reporting systems, white-lists applications and services, and segments cardholder data to ensure PCI compliance in the company’s cloud-based data center.
We recently discovered 22 Android apps that belong to a new Trojan family we’re calling “Xbot”. This Trojan, which is still under development and regularly updated, is already capable of multiple malicious behaviors. It tries to steal victims’ banking credentials and credit card information via phishing pages crafted to mimic Google Play’s payment interface as
The AUTR provides visibility into the real-world threat and application landscape, helping security teams to understand how adversaries are attempting to attack organizations around the world and build proactive, actionable controls. Built by the Unit 42 threat research team, the report correlates data from more than 7,000 enterprise organizations, providing broad visibility into critical trends.
After Brian Krebs reported the September arrests of alleged key figures in the cyber crime gang that developed and operated Dridex, Unit 42 observed a marked decrease in activity related to this banking Trojan – at least until today. Dridex re-entered the threat landscape with a major e-mail phishing campaign. Leveraging the Palo Alto Networks
Retefe is one of the most targeted banking Trojans currently in the wild. While other families such as Zeus and Citadel are widely adopted by attackers targeting banking websites around the world, Retefe is consistently used to target victims in Sweden, Switzerland and Japan. In the last two weeks we have detected a surge of
The volume of malware alerts received by security teams in Financial Services can now reach into the tens of thousands daily. Properly addressing these requires tools and security products that deliver a high degree of automation and eliminate many of the manual tasks that security teams still have to deal with when using traditional products.
During this webinar, we describe how an integrated and streamlined approach to security can not only detect the most aggressive threats before they cause any damage, but also block any further propagation of malware through an automated closed loop approach that minimize the reliance on manual intervention.
Critical datacenter assets are at the heart of financial services (and many other industries) enterprise networks. Unfortunately, it’s still too easy for attackers to get into the datacenter through an insider, a partner, a side server, virtualization, or even a development environment. A new frame of mind for security is needed to protect today’s and tomorrow’s data, application, networks, and systems
Session Traversal Utilities for NAT (STUN) is a network protocol with standardized methods that enables an internal network address space host employing Network Address Translation (NAT) to determine its Internet-facing/public IP address. STUN has several legitimate uses, including enablement of NAT traversal for voice over IP (VOIP), messaging, video, and other IP-based interactive communication. As
Exeter Finance works with thousands of franchised dealers nationwide to make car ownership possible for more people. The company works with its customers to become a trusted partner in car ownership – a partner who guides them along the way, provides tools to keep them informed, and helps them establish a payment history that can impact their credit score.
Western & Southern Financial Group is a nationally recognized leader in consumer and business financial services. "The Palo Alto Networks system holds a great deal of promise for simplifying security infrastructure. Strategically, that could translate to the ability to reduce the number of technologies we use and simplify our infrastructure - all while maintaining a very high level of security and resiliency."
In this edition of the threat review, we will follow the money with a dive into the world of banking malware and its growth into one of the most popular and lucrative avenues for professional hackers. We will take a closer look at Zeus, how it has evolved over time, and spawned a new generation of financial botnets that promise to cause even more damage. As always, we will cover the skills and intelligence you will need in order to protect your networks from these rapidly evolving threats.