TrapX, a deception-based cyber-security defense provider, recently released the world’s first deception-based security solution specifically designed to protect the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial networks.
Unlike other security solutions, TrapX is the only security company to include both traps (decoys) and tokens (lures) to capture today’s most proficient and persistent cyber attackers. The new capabilities imitate a variety of real SWIFT financial network computer terminals and web services. DeceptionGrid now includes emulation capabilities for SWIFT Alliance SAG, SWIFT Alliance SAA and SWIFT Alliance Web Platforms for Linux and Windows deployments and was specially designed to help financial institutions target and stop SWIFT financial network attackers.
In the past year, SWIFT has been under attack by persistent cyber-attacks, resulting in the theft of more than $100 million dollars from banks worldwide, said TrapX Security CEO Greg Enriquez. “These attacks demonstrate a broad knowledge of bank operations as attackers combine them with sophisticated tools and techniques to penetrate target bank networks,” he said.
“The recent expansion of our DeceptionGrid emulation to include SWIFT financial network assets allows institutions to protect their most valuable assets by implementing a powerful security layer of deception on top of SWIFT’s closed systems, which does not impede on the existing security structure,” Enriquez added. “This adds to our financial networks solution set that already includes protection for automated teller machines (ATM) networks, online banking application servers, and more.”
The SWIFT financial network, like many core financial applications, is a closed system with well integrated internal security. Sophisticated cyber attackers that are able to penetrate a targeted financial network, can establish a “backdoor” and observe and map network assets without being detected for long periods of time. Enough time in the network allows attackers to learn operating procedures for major financial applications and then compromise the targeted systems. Attackers then access and capture authentication traffic and, ultimately, escalate their permissions, often to the administrator level to compromise the SWIFT financial network transactions in a variety of potential ways.
To better detect and defeat attackers who have already penetrated the network, TrapX DeceptionGrid surrounds the actual SWIFT assets with a blanket of protective Traps and Tokens that leads attackers to attractive fake SWIFT decoys, which look relatively undefended. However, each Trap has the ability to capture, contain and analyze attackers, while alerting the financial institutions security operations center (SOC) teams.
Once the attacker is identified within the network, an in-depth report of the attack method is shared with SOC for assessment and remediation. This provides financial institutions with exceptional visibility situational awareness of activity within the internal networks.