FinTech: Finastra Checkmates Hackers By Going Offline

April 10, 2020 | FinTech
https://dailyalts.com/wp-content/uploads/2020/04/attack-3073180_640-finastra.jpg

The fintech took the extreme step rather than cave into the bad actors.

Finastra, a maker of banking software used by 90 of the world’s 100 largest banks, fell victim to a hacking attack in mid-March. The cybercriminals timed their attack when the fintech had its hands full with the COVID-19 pandemic and most of its employees were working from home. By stealing employee passwords they gained access to critical Finastra servers and installed backdoors in them. (Bloomberg Businessweek)

How Finastra thwarted the hackers

The story of the attack, and how Finastra countered it, has been pieced together by Bloomberg.

Finastra did not detect the attack for three days. Fortunately, the hackers unwittingly set off an alarm while inside one of Finastra’s cloud servers.

Realizing that the company was onto them, the bad actors set off a ransomware attack known as Ryuk.

The attack started to proliferate through Finastra’s network, quickly infecting servers so that they would be inaccessible to Finastra. This is the typical modus operandi of ransomware attackers.

Finastra’s information security team then took the unprecedented step of bringing down all its servers. They took the step regardless of the effect of the action on the company and its customers.

Finastra made the attack public

Finastra did make the attack public around the time it happened. It said:

“During the period immediately before March 20th, 2020, the Finastra IT security and risk teams actively detected, through our monitoring, that a bad-actor was attempting to introduce malware into our network in what appears to have been a common ransomware attack. Unfortunately, this type of malware and criminal activity is increasingly common in today’s environment and is targeted at companies across many sectors, not only those involved in technology.”

In a notice to customers, Finastra described the incident as a “potential security breach.”

Further, the company cautioned that it was “anticipating some disruption to certain services, particularly in North America.”

“We believe the attack came deliberately whilst we focused on moving the majority of our global workforce, including several thousands of our colleagues in the Americas, to safer work from home processes in light of COVID-19,” Chief Executive Officer Simon Paris said in a March 23 statement.

Via a spokesperson Finastra did comment to Bloomberg that by taking their servers offline they retained control of their network and were, therefore, able to resume operations in a short time.

Cybersecurity hygiene

Finastra’s systems quickly sounded the alert on the intrusion, and the firm quickly thwarted the attack. However, according to Bloomberg, it “suffered from poor cybersecurity hygiene in basic areas, including failures to fix known software security issues.”

These issues made the hackers’ job easier once they were inside Finastra’s network.

About ransomware

According to Bloomberg, ransomware attacks have been growing in number and sophistication. These attacks target government agencies and businesses, including school districts, doctors’ offices, and multinational corporations.

A Russian organized crime ring notoriously known as the “Wizard Spider” created the Ryuk ransomware.

Even the period between attackers gaining access to a network and deploying ransomware has dropped from weeks or months to a few days.

This has made it more difficult for victims to detect the intrusion and to take remedial steps.

On the other hand, the work-from-home compulsions arising from COVID-19 have made it extremely easy for these criminals to break into companies’ systems.

Bloomberg described it as a “once-in-a-generation” opportunity for these nefarious actors.

Related Story:   Digital Assets: Gear Up for New Threats From “Financially Motivated” Bad Actors, Says Kaspersky

Free Industry News

Subscribe to our free newsletter for updates and news about alternatives investments.

  • This field is for validation purposes and should be left unchanged.


Shape

Latest Alternative Investment News

https://dailyalts.com/wp-content/uploads/2023/12/AMD_headquarters_santa_clara.624da707519a6.jpg
Artificial Intelligence: AMD Takes On Rivals In The AI Chip Sweepstakes
December 7, 2023     Artificial Intelligence, News

Chipmaker AMD (NASDAQ: AMD) has unveiled a range of innovative AI solutions spanning from data centers to personal computers. The AMD Instinct MI300 Series features data center AI accelerators, while…

https://dailyalts.com/wp-content/uploads/2023/12/RHCEU-Inline.jpg
Digital Assets: Robinhood Debuts Crypto Trading On Its App In The EU
December 7, 2023     Digital Assets, FinTech, News

Robinhood (NASDAQ: HOOD) has launched its Crypto app in the European Union (EU), allowing eligible customers to engage in crypto trading with the added incentive of earning Bitcoin rewards. Customers…

https://dailyalts.com/wp-content/uploads/2023/12/Samsung_UK_Samsung_Pay_Lifestyle_0552-revised-Pictogram-23.11.30-1024x744-1.png
FinTech: Samsung Electronics Ties With Mastercard’s Wallet Express
December 7, 2023     FinTech, News

Samsung Electronics (KRX: 005930) and Mastercard (NYSE: MA) have partnered to launch the Wallet Express program, offering banks and card issuers a cost-effective way to expand digital wallet offerings. Through…

https://dailyalts.com/wp-content/uploads/2023/12/Revaia-founders.jpg
Venture Capital: Revaia, Europe’s Biggest Female-Led VC Firm, Racks Up $160M For Second Fund
December 7, 2023     ESG and Sustainability, News, Venture Capital

Revaia, Europe’s largest female-founded venture capital firm, has successfully raised €150 million ($160 million) for its second fund, Revaia Growth II. The funding was secured from sovereign wealth funds, family…