M&T Bank Shores Up Defenses Against Malware - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Infrastructure

M&T Bank Shores Up Defenses Against Malware

Aggressive use of security software and strict data-management policies have helped the bank fight off online attacks.

Four days after signing a contract with Symantec Corp. in April, M&T Bank got hit with a phishing attack in which a barrage of 15 million E-mails got sent to customers with the purpose of tricking them into revealing their passwords. The upshot was that the bank received a total of seven phone calls related to the incident. The Symantec anti-fraud software had detected the fraudulent E-mails and alerted M&T's customers to disregard them.

M&T Bank, a $53-billion asset bank based in Buffalo, N.Y., takes seriously the threats posed by perpetrators of phishing and pharming attacks, as well as spam, spyware, and identity theft. It's gotten hit with two phishing attacks in the past six months as perpetrators have gone down-market: Where they used to target the largest banks, they're now going after mid-tier banks like M&T.

M&T has made Symantec's Online Fraud Management Solution the crux of its strategy for combating online fraud. The system blocks fraudulent E-mails from reaching consumers and alerts the bank that customers are under attack. It also provides education and tools for customers to conduct their own desktop security assessments. M&T is offering customers a 20% discount on additional Symantec products for eliminating spyware, viruses, and other forms of malware.

To guard against customer information being lost or stolen, M&T has adopted a policy of not allowing such data to be stored on laptops; instead, information is only stored at a central location where it can be monitored. The goal is to avoid joining the list of banks that have had to notify customers of a security breach, says Matt Speare, M&T's chief information security officer.

Thanks to an aggressive and proactive patch management policy, the bank has suffered little damage from Internet-based attacks such as the recent Zotob virus, which affected only about 20 of the bank's several thousand servers. However, the number and virulence of attacks are increasing, says Speare. The greatest risk is from "supervariants" that combine attack elements, such as distributed denial-of-service and the ability to steal information. "It is going to happen," Speare says. "Someone is going to figure out how to combine four or five attack vectors and start grabbing credit card and Social Security numbers."

Internally, M&T has built up its defenses inside the perimeter. An "application security firewall," using software from Teros Inc., prevents hackers from using techniques such as SQL injection to gain access to sensitive databases. The application security firewall sits right behind the network firewall; when it detects a string of unfamiliar characters in a message from an online app, it automatically terminates the session.

Speare's 50-person group is involved from the start with every technology project that gets generated by the bank's lines of business. The information security staff is "in lockstep" with the corporate security and compliance departments, he says.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Commentary
The Best Way to Get Started with Data Analytics
John Edwards, Technology Journalist & Author,  7/8/2020
Slideshows
10 Cyberattacks on the Rise During the Pandemic
Cynthia Harvey, Freelance Journalist, InformationWeek,  6/24/2020
News
IT Trade Shows Go Virtual: Your 2020 List of Events
Jessica Davis, Senior Editor, Enterprise Apps,  5/29/2020
White Papers
Register for InformationWeek Newsletters
The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
Slideshows
Flash Poll