Over the past couple years, Business Email Compromise (BEC) attacks have wreaked havoc on businesses around the world. One of the most notable examples being the Bangladesh Bank heist. As cybercriminals evolve however, they are starting to advance these tactics to create a new, more nefarious type of attack. This session will describe this new attack method, Business Process Compromise (BPC), and explain how cybercriminals’ understanding of how major institutions process financial transactions is being used increase their payout. While a BEC attack might yield a hundred thousand pounds by luring an innocent employee to transfer money to a criminal’s account, hacking directly into a financial transaction system could result in far greater financial windfalls for criminals.
Attendees will hear several real-world examples highlighting how BPC works, such as the Antwerp Seaport shipping container system hack that allowed cybercriminals to reroute and smuggle drugs. They will also learn about a compromised cargo system controlled by the Australian Customs and Border Protection Service agency. These stories will help illustrate how enterprises with limited visibility of the risks associated with business processes can be easy targets.
Finally, the session will outline specific steps that organisations can take to recognize and defend against Business Process Compromise. The speaker will demonstrate how security technologies like application control can lock down access to mission-critical terminals while endpoint protection detects malicious lateral movement. He will also explain why strong policies and practices regarding social engineering must be part of an organisation’s defence plan.
5 benefits to the audience of attending your presentation
Dr Morton Swimmer
Senior Threat Researcher, Trend Micro FTR
How can Trend Micro help with designing a security blueprint for hybrid cloud infrastructure?
Book a meeting with – Bill McGee, Senior Vice President – Cloud & Data Centre Security, Trend Micro
What are the major threats I need to be aware of in 2017 and beyond?
Book a meeting with – Rik Ferguson, Vice President Security Research, Trend Micro
Where can Trend Micro help my business comply with the GDPR regulation?
Book a meeting with – James Walker, SE Manager UKI, Trend Micro
How can Trend Micro help me with automating security for workloads running in Azure and AWS?
Book a meeting with – Bharat Mistry, Cyber Security Consultant UKI, Trend Micro
What does business process compromise mean for my business and where can Trend Micro help?
Book a meeting with – Dr Morton Swimmer, Senior Threat Researcher, Trend Micro FTR (Forward Looking Threat Research)
How can Trend Micro help with ransomware mitigation and detection of advanced malware?
Book a meeting with – Simon Edwards, European Cyber Security Architect, Trend Micro
How can Trend Micro and VMware NSX help me improve security and compliance controls in the data centre?
Book a meeting with – Martin Tarala, Data Centre Architect, Trend Micro