It's a well-known fact that fintech is one of the most innovative fields at the moment, with some serious investment from banks, private equity, VC and government.

Finastra is the third largest fintech in the world, with 8,500 financial institutions as clients.

What is Finastra doing now?

Finastra quickly recovered after the incident and, in 2021, became one of the partners that helped make the 2021 edition possible.

Meanwhile, the US Department of Homeland Security warned organizations that as they transition to remote work because of COVID-19, they should heighten their attention to cybersecurity and take particular care of the VPNs their employees use.

Recently, CISA referred administrators to the following upgrades:

- FortiGuard Security Advisory FG-IR-18-384
- Palo Alto Security Advisory PAN-SA-2019-0020

The National Security Agency provides details on relevant updates and on how to mitigate recent VPN vulnerabilities.

Assuming that client certificates or two-factor authentication (2FA) can prevent exploitation of the CVE-2019-11510 pre-auth RCE vulnerability is an unfortunate and undesirable course of action, to say the least.

Other than applying the patch and updates provided by the vendor, there is no viable workaround.

The Cybersecurity and Infrastructure Security Agency (CISA) provided a list of outdated software patches with vulnerabilities and warned users:

New kid on the block – RaaS – Ransomware as a Service

They admitted that their priority was ensuring the integrity of their servers before bringing them back online, and protecting their customers and data.
Statement here as we continue to investigate:

Finastra's Course of Action

Finastra has used an 'isolation, investigation and containment' approach, in which the company disconnected its affected servers while it contained the breach and at the same time conducted a rigorous review of its servers, before restoring them on Monday morning.

As announced earlier, Finastra teams learned of potentially anomalous activity on our systems.

We have also informed and are cooperating with the relevant authorities and we are in touch directly with any customers who may be impacted as a result of disrupted service.

Bad Packets, a threat intelligence company, said that its internet-wide scans discovered that the fintech company had been running unpatched servers for a long time, leaving its systems exposed to attacks.

Finastra seems to have run outdated Pulse Secure VPN servers, and also ran outdated Citrix servers before being attacked, with both technologies facing severe vulnerabilities mass-exploited by hackers.

While we have an industry-standard security program in place, we are conducting a rigorous review of our systems to ensure that our customer and employee data continues to be safe and secure.

We are working to resolve the issue as quickly and diligently as possible and to bring our systems back online, as appropriate.

Out of an abundance of caution and to safeguard our systems, we immediately acted to voluntarily take a number of our servers offline while we continue to investigate.

At this time, we strongly believe that the incident was the result of a ransomware attack and do not have any evidence that customer or employee data was accessed or exfiltrated, nor do we believe our clients' networks were impacted.

Upon learning of the situation, we engaged an independent, leading forensic firm to investigate the scope of the incident.
This is where they revealed that they had suffered a serious ransomware attack as a result of the incident.

Earlier today, our teams learned of potentially anomalous activity on our systems.

The notice mentioned that they should expect an "outage" that would imminently disrupt key services of the fintech company, particularly for North American clients, while pointing out that the cause of the outage could be a "potential security breach" that Finastra was investigating.

A few hours after communicating this message to its clients, Finastra issued another statement providing further details regarding the nature of the breach.

On March 20th, 2020, sources from two United States financial institutions alerted a cybersecurity writer, saying they had received a notice from Finastra.

Finastra was formed through the merger of Misys and DH Corp. and, since June 2017, provides a wide range of software and services across the financial services ecosystem, ranging from retail and investment banking systems through to treasury, payments or cash management, and trade and supply chain finance, just to name a few offerings.

Finastra has 9,000 customers, including 90 of the top 100 banks globally, employs over 10,000 people and has an annual revenue of close to $2 billion.

The Finastra ransomware attack was aimed at the world's third-largest financial services software provider in March 2020.