Impact of Information Security Trends on Banks, Part 2: Shift Towards Application Level Attacks
Omar Herrera (omar.herrera@oissg.org)
Many attacks in the past decade have focused on vulnerabilities at the network and operating system levels. Nowadays, hackers seem to be focusing more closely on application level attacks. There are several reasons for this.
- Too many network protocol suites are being used by organizations
- Organizations tend to use too many different operating systems within standard network services
- Too many different applications are used within each PC
There are so many applications that it is much more difficult to keep track of vulnerabilities and patches at this level. This is also reflected in security controls: there are many robust controls for networks and operating systems, and fewer for application level attacks. Additionally, most controls concentrate on standard services and protocols (e.g. they can detect and block HTTP protocol anomalies, but are unable to protect against more specific application attacks that use those protocols).
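The gap between protocol-level and application-level controls described above, as an added example that is not part of the original article: both constructed requests are well-formed HTTP, so a generic protocol check passes them, and only a check that knows the application's rules flags the second. The `/transfer` endpoint, the session table, the account IDs and all function names are hypothetical.

```python
import json
SESSION_ACCOUNTS = {"sess-alice": {"ACC-1001"}}  # constructed application state

def parse(raw):  # split a raw HTTP/1.1 request into request line, headers, body
    head, _, body = raw.partition(b"\r\n\r\n")
    first, *rest = head.decode("ascii", "replace").split("\r\n")
    headers = {}
    for line in rest:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return first, headers, body

def protocol_check(raw):
    """Generic HTTP checks, the kind a protocol-aware control can apply."""
    first, headers, body = parse(raw)
    problems = []
    parts = first.split(" ")
    if len(parts) != 3 or parts[0] not in {"GET", "POST"} or parts[2] != "HTTP/1.1":
        problems.append("malformed request line")
    if "host" not in headers:
        problems.append("missing Host header")
    if headers.get("content-length", "0") != str(len(body)):
        problems.append("Content-Length mismatch")
    return problems

def application_check(raw):
    """Rules only the application knows: account ownership and valid amounts."""
    _, headers, body = parse(raw)
    session = headers.get("cookie", "").partition("session=")[2]
    try:
        req = json.loads(body)
    except ValueError:
        req = None
    if not isinstance(req, dict):
        return ["body is not a JSON object"]
    problems = []
    if str(req.get("from")) not in SESSION_ACCOUNTS.get(session, set()):
        problems.append("source account not owned by session")
    amount = req.get("amount")
    if isinstance(amount, bool) or not isinstance(amount, (int, float)) or amount <= 0:
        problems.append("amount must be a positive number")
    return problems

def build(body):  # constructed, well-formed POST to the hypothetical endpoint
    payload = json.dumps(body)
    return (f"POST /transfer HTTP/1.1\r\nHost: bank.example\r\nCookie: session=sess-alice\r\n"
            f"Content-Length: {len(payload)}\r\n\r\n{payload}").encode()
# Constructed sample requests: the second breaks only application rules.
GOOD = build({"from": "ACC-1001", "to": "ACC-2002", "amount": 50})
BAD = build({"from": "ACC-9999", "to": "ACC-2002", "amount": -50})
```

Running `protocol_check` and `application_check` over `GOOD` and `BAD` shows that the protocol check returns no findings for either request, while the application check reports two findings for `BAD`.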
Hackers with bad intentions know that identifying vulnerabilities in non-standard applications is difficult, but they also know that existing security controls can't adequately protect those applications. This is especially true if the applications are custom-made by the organizations. Hackers are aware that custom-made applications do not have robust source code checking and appropriate vulnerability patching cycles. Therefore, a skilled hacker knows that targeting organizational systems at this level offers a high probability of success, and that these penetrations may remain undetected for a long time.
While this kind of attack requires more skills and resources, as we already know, cyber criminals tend to gather together. With spammers, mafias and other groups supporting their activities, gathering these types of resources is rarely a problem.