As I read through the article I couldn’t help wonder how each method the writer described could have been complicated for the attacker if there was a Geo IP Layer as the first and last inspection.
Attacks are not limited just to theft and can take the form of denial of service assaults on a bank’s online operations to prevent customers from accessing their accounts. Last year, HSBC became the victim of one of the largest attacks of this kind yet recorded, causing the failure of its online banking services. Stuart Gulliver, chief executive of HSBC, and other senior managers at Britain’s largest bank, believe cyber threats are one of the biggest dangers to the industry.
Because of the distribution of the attack this could have been watered-down to a non event if these banks employed an additional Geo IP layer to limit their network port exposure to the world. The Geo IP layer would have absorbed the blunt of the traffic to before it entering the environment, or the touching the attacked service.
One of the biggest areas of weakness is lax security among employees. In particular, the use of unauthorised applications.
Again, the Geo IP filter in this case would have prevented unknown outbound connections to high risk networks in the app. The Geo IP layer is your first and last line in defense for these rogue applications to enter or escape. For instance: Bad user downloads Facebook widget X, which is coded to siphon and collect data to send it to country Y, using some common port X. which tricks IDS using your very own internal web filter/proxy. Unfortunately for the hacker application, the Geo IP filter isn’t fooled by the apps stealth or program trickery, it only cares where its going.
Ernst & Young, says the use of outside technology, as well as social networks, such as Facebook and LinkedIn, have proved a boon for those looking to circumvent banks’ online defences.
Criminals have also begun targeting the physical hardware underpinning banks’….