Case Study: Cybersecurity Upgrades for Asian Bank

A prominent Asian retail bank with around 550 branches that provides comprehensive financial services to over 2.5 million customers was in need of security upgrades for its IT infrastructure.

Challenge

The bank required help in testing and upgrading its IT infrastructure’s existing security measures. The task required a team of experienced cyber security experts who could identify gaps in existing security measures and improve them. The bank required the following:

Vulnerability analysis and monitoring of the external network.
Vulnerability analysis and tracking of the external network. (Servers, firewalls, etc.).
Assess client digital channels (online banking, mobile banking, QR code payments, clients’ payments, and social media communication) for security risks.
Modeling of cyberattacks on employees’ emails to test their sensitivity to hacking.

Solution

TechPandas’ qualified cybersecurity professionals performed the following security testing services:

The team assessed sixty external IP addresses for vulnerabilities and penetration tests.
Conducted vulnerability assessment and penetration testing of internal networks.
The team assessed client digital channels (online banking, mobile banking, mPOS merchant service, QR code payments, clients’ payments, and social media communication) for security risks.
The team simulated attacks against social engineering.

After conducting tests on the existing security system, our team devised a list of recommendations to further strengthen the bank’s IT infrastructure.

Vulnerability analysis and monitoring of external network

TechPandas performed black box vulnerability scanning on the bank’s networks. This method involved using user login information but denying access to the entire network. The team found the Customer’s remote server vulnerable to external tampering during grey box penetration testing. We advised the bank to contact the server software provider to resolve the issue.

One of the improvements were to stop the leakage of private IP addresses from the DNS server to web links accessible to the customer’s clients.

Our team used grey box penetration testing to scan the customer’s internal network for vulnerabilities and exploit the ones found. They uncovered a server using the out-of-date HTTPS protocol, which was essential for storing client data in the banking environment.

Furthermore, our team used a remote operation to access the files of all networking groups on the customer’s firewall, which a third-party vendor configured. As a result, potential attackers could exploit this vulnerability to gain user privileges and take control of the customer’s server. The following are some of the recommendations for resolving the internal network issues:

The HTTPS protocol update
Firewall software to be updated or changed.

Client digital channels assessment for security risks

The team looked at the security threats associated with the following customer digital channels: online banking, mobile banking, QR code payments, customer payments, and social media engagement. The team discovered many hazards in the customer’s clients’ revenue and communication service:

Using clients’ contacts to carry out harmful operations (e.g., fund transfers).
Creating harmful conversations with the contacts of the clients.

Our team suggested the following changes:

Adding authentication features for payment and communication service users to prevent malicious communications.
Adding payment and other fund transfer confirmation features.

Simulation of social engineering

Security experts simulated phishing assaults on bank employees’ email accounts. The cybersecurity professionals persuaded 65 percent of the employees targeted to transmit personal information via email, allowing intruders to steal user credentials.

To counter this, the bank was advised to perform social engineering and email phishing training sessions for their staff and disseminate current cybersecurity concerns.

Results

The bank received complete reports on the system vulnerability assessment, network monitoring, and security risk evaluation of the client’s digital channels and mitigation recommendations for the vulnerabilities detected. After addressing the vulnerabilities according to the suggested solution, the bank conducted a retest, which revealed an elevated security level of the network’s external perimeter and internal environment.

After TechPandas’ recommendations were implemented, the bank conducted further cybersecurity tests. These tests revealed a noticeable improvement in the bank’s overall cybersecurity.