Manchester-based cyber security firm, NCC Group, has received CBEST accreditation to provide threat intelligence for financial firms. CBEST is the Bank of England’s shared framework for testing the vulnerability of major financial firms to cyber attacks. According to CBEST guidelines, financial firms hire threat intelligence providers to gather and analyse information on potential threats and vulnerabilities in the client firm. They then help draft a penetration test plan in cooperation with penetration testers, helping provide intelligence-guided penetration testing. Ollie Whitehouse, technical director at NCC Group, said that the accreditation was the logical next step after NCC’s acquisition of FOX-IT last year, which allowed the group to expand its threat intelligence and analysis capabilities. Threat intelligence is an increasingly important part of proactive cyber security as attacks on financial institutions grow in sophistication and frequency. According to a report published by Kaspersky Lab, a provider of cyber security services, attacks against financial firms have grown by 15.6% in Q2 compared to the previous quarter. Kapersky Labs attributes the rise in malicious attacks against banks to recent collaboration between the authors of the two leading bank trojans, the Gozi and Nymaim Trojan. A banking trojan is a type of malware that is spread through emails or malicious websites. It redirects infected users to fraudulent websites that looks like the original. Usernames, bank account details, and passwords are stolen when the unsuspecting user enters them into the dummy site. According to the report, 35.4% of malware infections originated from the US, topping the list, followed by Russia (10.3%) and Germany (8.9%). Turkish banks were the most targeted, accounting for 3.45% of malware infections.
DORA test coming as EU watchdogs want to see ICT contracts
April 19, 2024
