Commercial and Cloud Cyber Security Shielding Credit Cards

Feb. 1, 2017
5 New Technologies to Thwart Hacks “Verizon’s 2016 Data Breach Investigations Report (DBIR) came out with a startling fact: “89% of cyber-attack breaches had a financial or espionage motive.” Enterprises […]

5 New Technologies to Thwart Hacks

"Verizon’s 2016 Data Breach Investigations Report (DBIR) came out with a startling fact: "89% of cyber-attack breaches had a financial or espionage motive."

Enterprises face millions of cyber attacks every day and the rise of these attacks is alarming. Exploits are mechanized with high-end bots leaving no trace of the hacker. This creates perpetual fear across business and its customers.

No industry or organization can deem itself invincible when it comes to data compromise. Without saying the business world is at fault, even the most reputed establishments like Apple, Oracle, J.P. Morgan, and Volkswagen, have recently felt the brunt of this rising problem.

What’s even more distressing is that these types of attacks have shaken the core of government as well as multinational’s safekeeping heads.

Verizon’s 2016 Data Breach Investigations Report (DBIR) came out with a startling fact: "89% of cyber-attack breaches had a financial or espionage motive."

This is indeed symbolic as the shift to online money transfers, net-banking, the use of plastic money and bitcoin are soaring exponentially.

In a report, Barclay stated that in 2015, the US accounted for 47% of the world’s card fraud. In 2014 nearly 31.8 million US consumers got their credit cards breached. And it has only gotten worse. 2016 will likely be a record year for Card-Not-Present (CNP) fraud. Javelin Research also predicts, CNP fraud is expected to grow to $19B in 2018.

The US is not alone. Financial Fraud Action UK reported that Internet banking fraud in Britain rose 64% to £133 million in the year 2015. In the first half of 2016, the same source shared that scams and online attacks increased by a quarter to a massive £399.5 million. It also revealed that card payment fraud zone was the highest compared to others in the country.

During the 2016 Rio Olympics in Brazil, there were multiple instances of credit card fraud, particularly for tourists. Approximately 3.2 million Indian debit cards in October 2016 were compromised, the National Payments Council of India stated.

Sighting the rise in fraud cases, a surge in technological security paraphernalia has also evolved.

Commercial Cyber Security
Given the rise of hackers’ audacity, we can see a shift from magnetic strip cards to EMV (Europay, MasterCard, and Visa) chip-technology cards. EMV cards contain a built-in chip that generates a new transaction code each time it is swiped. This makes it nearly impossible for duplication.

According to MasterCard, approximately 70% of US consumer credit cards are EMV (with built-in chips) at the moment, and 76% of the 200 major merchants in the US are accepting them. The EU shows more than 90% of credit cards possessing EMV cards currently.

However, security expert and CTO of Resilient, Bruce Schneier, states that "Forced Authorization Attacks" against Chip-and-Pin Credit card terminals can dilute the efficacy of EMV cards and easily create frauds.

Of late, 2 of France’s largest banking group, Banks Société Générale and Groupe BPCE, have deployed a dynamically changing CVV number card called the MotionCode. The company behind this technology is Oberthur Technologies, which is a French digital security establishment. The 3-digit CVV number on the back of this card will change, every hour, for 3 years after its issue. Even if a fraudster manages to steal the card, he or she will be left with useless numbers.

Another breakthrough in credit card security has to do with the removal of details during/after transaction. Using this tactic, the account number of the card holder will not remain during or after the processing and storing of a transaction’s details. Some think that removing card account numbers from the processing and storage of payments represents one of the most innovative and promising technologies we’ve seen in decades.

Infoholic Research recently published a report that predicts the commercial cyber security market to grow at a CAGR rate of 21.9% and reach $35.90 billion by 2022. The key players included in the report are Cisco System, Check Point Software Technology, McAfee, Symantec Corp., BAE Systems Intelligence & Security, Ixtel Technologies, Argus Cyber Security, and others. (For more information on this report, please visit https://www.infoholicresearch.com/report/worldwide-commercial-cyber-security-market-drivers-opportunities-trends-and-forecasts-2016-2022/.)

Cloud Firewall Security
Historically, cyber security focused on network firewalls security installations and antivirus solutions. Recently, however, the primary targets for attacks have shifted from the network layer to the application layer. This development came into picture as the operating systems and service interfaces jumped to cloud applications.

Also, wider adoption of cloud computing by enterprises has given the hackers the luxury to attack applications that’s leveraging on external hosting providers for infrastructure, platform, and software.

Technical experts would agree that access control, parameter validation, and session management, are a few key security challenges involved while developing web applications for the Cloud.

Some solutions to these challenges include:
• Brocade has come-up with Virtual Web Application Firewall (Brocade vWAF). This scalable solution offers application-level security to off-the-shelf solutions, and custom applications including third-party frameworks.

How does it mask credit card data? It gazes the online traffic, inspects and prevents attacks such as SQL injection and cross-site scripting (XSS). While filtering outgoing traffic, it hides credit card data, and aids to compliance with PCI-DSS and HIPAA.

Virtual domain technology (VDOMs), is another effective solution to Cloud security. It offers separate network security policies. It also prepares separate configurations for routing and VPN services connected to each network in or out of an organization.

As an example, when credit card data packets enter a VDOM, it offers continuous security by confining it to that specific VDOM. It ensures that data is not shared or leaked other than with those interfaces VCOM shares firewall policies for connections. This technology is used by FortiGate-VM, a product by Fortinet Technologies.

• Cloud firewalls are another option to dissuade hackers. As early as 2015, Minnesota-based Dairy Queen (DQ), a fast food restaurant chain, joined hands with Netsurion, a Cloud-managed IT service provider, to strengthen its network security and payment cards. DQ has more than 6,500 restaurant chains in the US, and the whole IT infrastructure process is decentralized. A Cloud firewall suits their decentralized infrastructure.

As far as the market for Cloud firewall is concerned, Infoholic Research predicts a growth of 27.7% CAGR during the period 2016–2022 heading to $2,676.0 million by 2022. And a few of the key players will be Cisco, Palo Networks Inc., Check Point Technologies Ltd., Juniper Networks Inc., Barracuda Networks Inc., etc.

Cutting-Edge Technologies
In Q1 of 2016, the US Department of Homeland Security, came up with 8 radical technologies developed under federal grants that are up for commercial usage. Learn a bit about 5 of them below:

New Technology #1
Dynamic Flow Isolation (DFI)
DFI controls software-defined networking (SDN), and implements security policies on-demand for ongoing operational and/or business needs.

It functions in both an automated mode and a manual mode. The process enables, disables, or limits communication rates among network services and individual users.

The software integrates authentication servers and intrusion detection systems from where it gains network’s current operational state (whether the network is attacked or not). Its ability to implement a small policy enforcement kernel within SDN controller updates access rules for all switches in that network, enabling the network to quarantine individual or groups of machines, and to block active attacks, thus preventing them from grasping critical resources.

New Technology #2
Work FLOW AnalyzER (FLOWER)
Network FLOW AnalyzER, or FLOWER, detects threats and collects data in the network which can be used for forensic investigations into incidents and design attack signature.

FLOWER inspects IP packet headers for gathering bi-directional flow of data, and identifies normal and abnormal traffic. It also detects potential breaches and insider threats.

New Technology #3
PcapDB
PcapDB functions by leveraging a database system that stores a very long history, which helps to detect attacks. It uses a technology which compresses the data to help store huge volumes of it in a very tiny disk space, and enables quick retrieval for analysis.

The software captures packets to understand the network traffic by organizing packet traffic flows. Pcap permits reconstruction of malware transfers, exhibit downloads, command messages, and exfiltrated data.

New Technology #4
REnigma
As part of Johns Hopkins Applied Physics Laboratory’s virtual machine record and replay, REnigma shares same technology. REnigma offers a simulation of malwares, and its operating features determining its attack patterns and origin.

In the case of a malicious code, REnigma transforms the encrypted format to the plaintext data in memory and gets the encryption key used for exfiltration.

This technology saves time for researchers by not going for its reverse re-engineering.

New Technology #5
REDUCE
Similar to FLOWER, REDUCE unfolds a relationship between malware samples and designs a signature for identifying threats. This software can compare multiple samples together — unlike others.

REDUCE performs static analysis on collated malware samples to categorize similar code sections that are linked with similar malware groups detected earlier. This empowers analysts to understand technical characteristics of the malware and their genesis.

As you can see, this is a short list of the new technologies being created to thwart hackers. Others include Socrates, SilentAlarm, and TRACER, to name just a few.

As the swing from traditional currency to technological money continues, ICT providers, banks, corporations and others, are looking for the right way to protect customers’ hard-earned money. And while you may not work with these technologies, it’s important to keep abreast of that which is occurring around you. That’s the only way to keep one step ahead of the threat and safeguard your customers’ credit cards from hackers.

About the Author

Bhaskar Nath

Bhaskar Nath is Senior SEO Specialist and Content Writer, Infoholic Research LLP. He has more than 5 years of experience in Digital Marketing, Research and Technical Writing. For more information, please email [email protected] or visit www.infoholicresearch.com.