Cyber terrorism is a persistent and global threat that PBI-FS must prepare for the inevitability of being targeted by a domestic or foreign cyber adversary. Since the world is connected through digital technology, you can no longer rely on local area or regional threat intelligence when planning security and countermeasure strategy against cyber-criminal activity and/or cyber terrorism. Moreover, PBI-FS is operating on foreign soil with past ties to criminal activities which puts them at even greater risk. There are several agencies, forums, and Cyber Threat Intelligence (CTI) communities such as Financial Services Information Sharing and Analysis Centers (FS-ISACs), Information Sharing and Analysis Organizations (ISAOs), and the Cybersecurity and Infrastructure Agency (CISA) for current Intel on cyber terrorism and emerging cyber threats. In addition, PBI should invest in becoming a member of one more of these organizations to stay ahead of all of the threats and additional risk factors that are common to the financial industry. Per CISA (2014), “Large-scale power outages, recent natural disasters, and an increase in the number and sophistication of cyberattacks demonstrate the wide range of potential risks facing the sector”. By collecting and analyzing the data from multiple sources, PBI-FS can strategically plan its cyber defense countermeasures against the threat of cyber terrorism.

With that being said, cyber terrorism is defined the act or “means to damage information, computer systems and data that result in harm against non-combatant targets which can be motivated or inspired by a religious, cultural, social, economic and political agenda” (Littlefield, 2017). It is closely related to “hactivism” but can be purely financially motivated with other factors aforementioned as added justification as in the case of North Korea and ISIS based hackers. More specifically, a recent Cyber Alert (AA20-106A) by CISA provides guidance on a real ongoing threat to the global financial sector by North Korea. PBI-FS is a prime candidate to exploit as it has the qualities or characteristics (US power/considered Infidels) that make it a justifiable target by the aforementioned cyber terrorist organizations.

The Democratic People’s Republic of Korea (DPRK) or North Korea poses several threats to US based interests abroad. Some of the threats that DPRK (cyber terrorism) poses to PBI-FS as reported in CTI briefs and forums is through the use of Malware, Denial of Service, Ransomware and other tactics to disrupt operations or steal data and funds. Moreover, “The DPRK’s malicious cyber activities threaten the United States and the broader international community and, in particular, pose a significant threat to the integrity and stability of the international financial system” (CISA, 2014). As the former IBS business was involved in money laundering involving cryptocurrencies it is important to note that DPRK is infamous for the use of “cryptojacking”, “cyber-enabled financial theft” and a “digital currency exchange hack” that stole over $250 million dollars (CISA, 2014) per the CISA Alert (AA20-106A).

PBI-FS must be aware of the tactics that the DPRK and other cyber terrorist use such as extortion campaigns, and Ransomware (WannaCry 2.0) as well as the other methods mentioned above. At a minimum, PBI-FS should invest heavily into a Security Information and Event Management (SIEM) solution and upgraded Firewall/IDS applications. Moreover, the PBI leadership should respond to the threat landscape by augmenting their security posture by standing up an Incident Response Team of Security operation Center (SOC) that deals with identifying, isolating, mitigation and recovering from cyber-attacks (Secureworks, 2017). These are only recommendations but based on reliable Intel, every effort should be made to stay ahead of the threat agents that are evolving daily.

In closing, PBI-FS must be vigilant in shoring up its defenses against the inevitable threats that it will face during its five year trial period as its own entity. The M&A team should fulfill its responsibilities and perform its due diligence in surveying the threat landscape in an effort to develop the best Cybersecurity Strategy to defend it Business/Project Goals & Objectives. Getting plugged in with the cyber intelligence sharing communities and other CTI organizations is a great way to harden their security posture and get prepared for the fight. Finally, operating on foreign soil also presents its challenges, but if the proper steps and best practices are applied, then PBI-FS will be ready to meet them.

CISA. (2014). Financial services sector. Retrieved from https://www.cisa.gov/financial-services-sector

Littlefield. (2017). Cyber Terrorism: understanding and preventing acts of terror within our cyber space. Retrieved from UMGC reference material CSIA 485.

Secureworks. (2017). Cyber threat basics, types of threats, intelligence & best practices. Retrieved from https://www.secureworks.com/blog/cyber-threat-basi…

Reply to Thread