How StackPath’s Intelligent Machine Learning Protects Financial Institutions Against Cyberattacks

In a Nutshell:  Cybercrime and the theft of sensitive user data is on the rise, with attacks becoming larger and more frequent in recent years. The perpetrators of these attacks are increasingly well-funded, organized groups that earn millions of dollars from their criminal enterprise. With the stakes so high, it requires increasingly more sophisticated cybersecurity measures to prevent these thefts. StackPath is a platform of inherently secure edge services—including CDN, web application firewall, and DDoS mitigation—that enterprises use to protect data and operations from threats and attacks. The intelligent StackPath platform is easy to install and use, and customers can be fully protected in seconds. //

Reports of cybercrime, ransomware, and the theft of personal data have been all over the news in recent years, with massive data breaches at companies like Equifax, Yahoo, eBay, Anthem, and Heartland Payment Systems, to name just a few. But if the image you have of such cyberattacks is that of individual hackers hunched over keyboards in a dark basement trying to crack passwords, that couldn’t be more out of date.

Today’s cyberattacks are generally conducted by well-organized groups, often state-sponsored, and certainly well-funded. These organizations are operated as criminal enterprises, with highly skilled programmers writing code to conduct targeted and specific attacks. And the preferred target of these cybercriminal organizations is financial institutions.

Banks and other financially lucrative entities that house our personally identifiable information are a treasure trove for anyone looking to commit identity theft, or increasingly, to sell our information on the dark web. Protecting our sensitive data, and keeping it out of the hands of these criminal organizations, requires a new and sophisticated strategy.

StackPath is a platform of inherently secure edge services—including CDN, web application firewall, and DDoS mitigation—that enterprises use to protect data and operations from threats and attacks. The intelligent StackPath platform is easy to install and use, and customers can be fully protected in seconds.

“Our focus is on user behavior and anti-automation,” explained Yaniv Parasol, Director of Product for StackPath. “Where traditional web security firewalls are focused on signatures and trying to identify attacks, our focus is on the behavioral approach.”

This behavioral approach to validating an access request is the sophisticated part of StackPath’s network security system. Think of it like this. Every time you attempt to login and access your bank or credit card account, a virtual request is sent to the servers at your financial institution. The servers then authenticate your request and grant access.

But how do they know it’s really you, and not a script or program trying to break in? That’s where StackPath’s comprehensive security platform can help.

The nature of cybercrime and the theft of sensitive data has evolved in recent years. Cybercriminals have identified vulnerabilities in operating systems and software of all types, and these potential exploits are commonly shared among groups of hackers. When new ones are discovered and published, the security teams scramble to build defenses that protect against the threats. They are frequently automated programs that crawl around the web looking for unprotected systems.

Network firewalls have been the traditional line of defense against cyberattacks, but there is a drawback to this method. For a firewall to detect an attack, the signature of the attack must be known, and a defense against it programmed into the firewall. The increasing automation and evolution of these attacks makes that a game of cat-and-mouse in many cases.

“More than 95% of malicious attacks are automated,” said Parasol. “By providing a good anti-automation and user behavior analysis, we can block most of the attacks without trying to focus on signatures and specific attack vectors. We’re trying to understand who is the user, and is the user good or bad—is the user human or automated.”

StackPath’s strategically placed “Points of Presence” provide customers the highest level of network security.

Intelligent threat detection like this is performed using a network of security devices that continuously aggregate and share information about potential attacks and threats. The type and method of these attempted hacks then become part of what the security devices keep watch for.

“In the past few years, when new vulnerabilities were discovered and attacks were identified, we went back and looked in our log files and found out that we blocked these vulnerabilities even before we knew they existed. That’s because of our ability to identify the user, and determine that this was a malicious user or an automated attack,” Parasol explained.

StackPath has designed and built a secure content delivery network (CDN) that does not rely on shared network equipment, but is fully owned and maintained by the company. This allows client servers and websites that reside on this network to perform better and respond to requests faster than on a shared network, while at the same time providing much stronger security protection.

Having a secure CDN means StackPath monitors all user requests and server responses in real time. This means any attacks are immediately known. These integrated safety measures protect and secure the StackPath network from the inside out. It also means greater security and much less latency.

“With regard to financial data and other sensitive information, we can also check the response from the servers,” said Parasol. “So, even if the site was hacked, we can identify if the site is sending sensitive information, like credit card numbers and Social Security numbers, and we can block this response. We’re not only checking for the request by the user, but also the response back from the website.”

Intelligent machine learning lets the security devices on StackPath’s CDN identify whether a user request is authentic based upon a range of factors. These include the number of attempts to access, the type of request, the IP address and whether it’s been spoofed, and even volume-based attacks. It can also check for the unauthorized use of ports, protocols, and services on the network, which may indicate an intrusion.

Even with its seeming complexity, the StackPath security platform installation and setup is surprisingly quick and easy. Companies that choose to move their services to the StackPath CDN can expect to be up and running in a matter of seconds — fully protected and secure.

“The benefits of security protection are immediate,” Parasol pointed out. “Even the deploying of new rules, when necessary, is a matter of a few seconds. In addition to our built-in security rules, companies can create their own security rules based on different parameters and scopes. These rules can be based on tasks, from simple to complex.”

StackPath support is also quick and easy, with 24/7 chat and phone response that averages less than one minute to get through. Ease of implementation, protection against the newest and most virulent cyberattacks, and a continuously evolving intelligent security network, all add up to the most advanced network protection available.

The biggest threat to enterprise computing today is cybercrime and being hacked. StackPath has built a secure CDN that gives financial institutions and other companies a better way to protect against such costly attacks. The unique platform of products and services combined under the StackPath suite of offerings can provide IT and security professionals with the peace of mind they’ve been looking for.