How to Tackle Cybersecurity Challenges in Flexible Work Settings
As flexible work environments become the new norm, safeguarding company data against advanced cyber threats is critical. You can learn how to...
2 min read
Michael Markulec
:
Apr 2, 2021 4:00:00 PM
Recently, there has been an increase in cybercrime against financial services companies in New York. The New York Department of Financial Services has sent an alert about the threat to NY-based organizations, but one can only assume this threat also impacts companies outside of New York.
The attackers are targeting their public-facing websites of financial services companies to harvest Nonpublic Information (NPI). The NPI includes consumers' names, dates of birth, addresses, driver's license numbers, the vehicle makes and models, vehicle identification numbers, and household members' data. But the question is, what are these attackers doing with this information, and what can the target companies do to protect their consumers' data?
Once a consumer's NPI has been stolen, an attacker can then use that information to fraudulently claim benefits, such as unemployment, in the victim's name. The threat actors in this fraud campaign use the following methods to obtain a victims' NPI:
Fortunately, the New York State Department of Financial Services (DFS) has provided companies with some suggestions to protect themselves from becoming the attackers' next victim. In general, the DFS recommends that financial service companies check to see if they have implemented all access controls detailed in DFS' cybersecurity regulation 23 NYCRR 500. If they have not, they urge these companies to implement them as soon as possible.
In addition to implementing the controls outlined in DFS's regulation, organizations can;
Although intended for financial services firms, these recommendations are also recommended for any organization with Internet-facing systems containing NPI, PII, etc.
As flexible work environments become the new norm, safeguarding company data against advanced cyber threats is critical. You can learn how to...
In an increasingly digital world, safeguarding manufacturing environments from cyber threats is more critical than ever.
Discover how Microsoft Sentinel can be a game-changer for your small business's cybersecurity strategy.