Darktrace Reveals Six Months’ Data Breach in Financial Services by Hackers

Financial information has allegedly been breached, due to malware detected by Darktrace security firm. Fears of boldness in the actions of hackers increase, due to the recent attacks against Sony and found in business sites universally.

Security firm Darktrace has highlighted a recent revelation about financial data being breached for a period of six months, before the vulnerability was brought to light! Dave Palmer, who is the Director of Technology working for Darktrace, revealed an ongoing threat that was left unnoticed for half a year. This threat was noticed by Darktrace upon working with the specific financial institution. Up to that point, nobody had realized that the malware had been installed there and that it had been collecting sensitive data.

Dave Palmer explained how the blind trust in firewalls and antivirus software often leads to negligence in the security check, on behalf of many companies in the world. He expressed his discontent on the increasing phenomenon: “We’re seeing increasing [incidents] where data servers are getting compromised and pushing data out to the internet on a daily basis…People are so confident in firewalls that companies aren’t looking inside their networks. A lot of times with these attacks it’s not sneaky, it’s bold faced data extraction.”

According to Palmer, such attacks are not targeted; instead, the targets are chosen randomly and there is some sort of testing in what the hackers can actually do. They put their work to the test and they experiment, using various companies and their vulnerable sites to do so. However, once they come across something that they can see, they are most likely not to let that chance go to waste. In the form of an example, David Palmer used the recent attack against Sony with the sophisticated malware that collected data like banking information at a humongous scale.

Sony had better be an example for companies, in avoidance of similar mistakes. As a result, companies should apply more robust and sophisticated security software that would diminish the threats deriving from hackers everywhere. Intelligence-based systems can be the solution to the emerging problem.

Palmer commented on the need of companies to defend themselves against Internet threats: “[The idea is to create an] immune system that lets you know something is going on in your system and give you the tools to let you know if it’s legitimate, risky or malware … [For example, our system uses] self-learning mathematics and machine learning with systems absorbing activity from every machine and person and creating individual baselines about what is normal behavior.”

Businesses, on the bright side, are concerned about the current threats and are willing to invest more on security in 2015 (according to a recent report by Piper Jaffray). This will definitely promote the efforts of being kept safe and ensuring a secured environment for customers and Internet users as a whole.

Pierluigi Paganini Cyber Security Analyst; Member, European Union Agency for Network and Information Security Threat Landscape Stakeholder Group; Founder, Security Affairs Blog. Co-author of The Deep Dark Web: The Hidden World.
Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.