Gaining access to a network is rarely a hacker's biggest challenge. Getting data out without being detected can be much harder. But the rise of sophisticated tunneling techniques has changed that, and the financial sector is most vulnerable.
Global financial services organizations are seeing a significant uptick in active targeting by sophisticated cyber-attackers who use hidden-tunnel techniques for post-intrusion data exfiltration.
In an attempt to steal critical data and personally identifiable information (PII), cybercriminals are building hidden tunnels into compromised systems to break further into networks while remaining largely undetected. That's because the traffic flowing through these tunnels looks and behaves just like normal web traffic, such as packets flowing to and from legitimate cloud apps that workers are using.
As a result, the technique allows the malicious traffic to camouflage itself alongside the high volume of traffic from web-based enterprise applications, effectively evading strong access controls, firewalls and intrusion detection systems.