TrapX™, The global leader in deception-based cyber security defense, today announced that it has released the world’s first deception-based security solution specifically designed to protect the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial networks. Unlike other security solutions, TrapX is the only security company to include both Traps (decoys) and Tokens (lures) to capture today’s most proficient and persistent cyber attackers. The new capabilities imitate a variety of real SWIFT financial network computer terminals and web services. DeceptionGrid™ now includes emulation capabilities for SWIFT Alliance SAG, SWIFT Alliance SAA and SWIFT Alliance Web Platforms for Linux and Windows deployments and was specially designed to help financial institutions target and stop SWIFT financial network attackers.
“In the past year, SWIFT has been under attack by persistent cyber attackers, which have resulted in the theft of more than $100 million dollars from banks worldwide,” said Greg Enriquez, CEO of TrapX Security. “These attacks demonstrate a broad knowledge of bank operations as attackers combine them with sophisticated tools and techniques to penetrate target bank networks. The recent expansion of our DeceptionGrid emulation to include SWIFT financial network assets allows institutions to protect their most valuable assets by implementing a powerful security layer of deception on top of SWIFT’s closed systems, which does not impede on the existing security structure. This adds to our financial networks solution set that already includes protection for automated teller machines (ATM) networks, online banking application servers and more.”
The SWIFT financial network, like many core financial applications, is a closed system with well integrated internal security. Sophisticated cyberattackers that are able to penetrate a targeted financial network, can establish a “backdoor” and observe and map network assets without being detected for long periods of time. Enough time in the network allows attackers to learn operating procedures for major financial applications and then compromise the targeted systems. Attackers then access and capture authentication traffic and, ultimately, escalate their permissions, often to the administrator level to compromise the SWIFT financial network transactions in a variety of potential ways.
To better detect and defeat attackers who have already penetrated the network, TrapX DeceptionGrid surrounds the actual SWIFT assets with a blanket of protective Traps and Tokens that leads attackers to attractive fake SWIFT decoys, which look relatively undefended. However, each Trap has the ability to capture, contain and analyze attackers, while alerting the financial institutions security operations center (SOC) teams. Once the attacker is identified within the network, an in-depth report of the attack method is shared with SOC for assessment and remediation. This provides financial institutions with exceptional visibility situational awareness of activity within the internal networks.
In support of this product release, TrapX Chief Marketing Officer Anthony James will host a live webinar that will cover:
- The latest attack methods used to break into the SWIFT financial network
- Techniques organizations can implement today to decrease the chances of being a target
- How deception technology effectively shuts down attacks before assets are compromised
The webinar will conclude with a brief demonstration of deception technology as well as examples of how organizations are leveraging deception strategies with their existing security infrastructure. To register, please visit: http://trapx.com/webinar-defeat-swift-cyber-attacks/