With the tactics of cybercriminals getting ever more sophisticated, and with regulatory pressures also mounting, financial enterprises are up against increasing hurdles when it comes to future-proofing their ATMs, Point of Sale systems and Point of Service machines. To help these organisations, Kaspersky Lab has released a new generation of its Kaspersky Embedded Systems Security. This targeted enterprise-grade solution provides advanced protection for a variety of embedded systems involved in highly sensitive financial operations, while at the same time allowing these businesses to address pressing regulatory requirements.
Cybercriminals today are successfully adopting tactics and techniques of the APT groups involved in bank robberies, giving financial organisations increasing security problems. 2016 saw a rapid development in hi-tech attacks on financial organisations – such as the Metel, GCMAN and Carbanak 2.0 attacks. In 2017 Kaspersky Lab experts ran into even more examples. These included mysterious attacks where criminals used fileless in-memory malware to infect banking networks, as well as ATMitch, the traceless malware that cashed out ATMs via remote administration. All these APT-style attacks combined reconnaissance, social engineering, specialised malware, lateral movement tools and long-term persistence to steal money from financial institutions.
In response to the rise in these cyberthreats, financial organisations like SWIFT are introducing new mandatory regulations to protect themselves from cybercriminals. These establish security standards and guidelines for the financial sector, including the need for anti-malware protection, vulnerability assessment, security awareness. To support requirements and to boost the protection of financial companies, Kaspersky Lab is providing its enterprise-level customers with efficient security that meets major global compliance standards and gives them the visibility they need.
Multiple cutting-edge innovations within the Kaspersky Embedded Systems Security solution make the infrastructure more transparent, so if an incident or breach occurs, it can be audited or investigated easily. With the new File Integrity Monitor functionality, security specialists can track actions performed with specified files and folders and make sure no alteration of files goes unnoticed. The new version also enables Log Inspection for analysing activity within a protected system, identifying breaches or abnormal behavior and saving logs for further analysis. With added SIEM integration, the solution can now also export application logs to the corporate Security Operation Center. All these technologies provide security teams and external auditors with the tools they need to ensure that the infrastructure is compliant and secure.
Even while traditional and widely-used malware can make the low-end hardware and obsolete operating systems often found in embedded systems, an easy target, there are also more sophisticated threats – such as fileless malware that operates in memory. To address these threats, Kaspersky Embedded Systems Security ensures security at both file and memory level with real-time anti-malware protection, on-demand scan and Proccess Memory protection.
Additional security features include USB/CD/DVD access control and centralised firewall management along with Default Deny mode that blocks attempts to run any unauthorised executable code or drivers on ATMs and POS terminals.
“Enterprise-grade organizations, especially in the financial industry, will be under increasing regulatory pressure in the next year, considering the recent rise in incidents with critical embedded systems, like ATMs and POS terminals. Currently, they need to implement several protection tools to meet requirements. To help, we’re offering a dedicated single solution with complete functionality, including File Integrity Monitor and Log Inspector, to address the many protection and compliance concerns of our customers at once,” said Dmitry Zveginets, Solution Business Lead, Kaspersky Lab.