News & Views
LogRhythm comment on bank breach
“In 2019, cyberattacks hit financial services firms 300 times more than other companies in the past year, according to a 2019 report from Boston Consulting Group (BCG),” says James Carder, CSO and vice president of LogRhythm Labs (www.logrythm.com). “Financial institutions continue to be a very attractive target for cyber criminals due to the large amounts of sensitive customer data collected and stored. Banks, such as P&N, must be aware of the evolving types of threats and the vulnerabilities that exist across their networks in order to protect customers’ data.”
The attack at Australian P&N Bank occurred around December 12, when the bank was performing a server upgrade. Hackers likely targeted a third-party company that was providing hosting services. Upon becoming aware of the attack, the bank reportedly immediately shut down the source of the vulnerability.
“Security visibility and monitoring of systems, even those hosted outside of a network, are critically important,” continues Carder. “As with the case of this breach, P&N Bank relied on an outside party to host systems with sensitive data without having the visibility necessary to ensure that the third party had the proper security controls and processes in place to protect the data. Even if the breach was caused by the third party, the financial institutions’ brand image and accountability are still directly associated with their customers.”
“Organizations must include security controls and protections within contracts when partnering with third parties,” stresses Carder. “This will not only limit a company’s liability if a breach were to occur, but it will also test the third party’s adherence to those controls and enable a company to monitor the controls themselves.”