Orange Cyberdefense works with a large European bank, which provides a full range of services to private retail and corporate clients. The bank has a robust security infrastructure in place but found it inadequate to shield against the growing challenge of advanced persistent threats (APTs). These threats use advanced tactics that continue over an extended period of time and can remain unnoticed.
The bank's IT team had identified threat management services as the answer to this security challenge. Because the bank took a holistic approach to security, it needed services that could integrate and work seamlessly together to fill any vulnerability gaps. At the same time, it did not have the in-house skill set or resources to cover every corner of the threat management ecosystem. This was especially true in terms of visibility on rogue websites and monitoring DNS traffic for potential attacks, along with advanced persistent threats and phishing.
Although the bank looked at several vendors to enhance its threat management capability, it already had a good working relationship with Lexsi. This European cybersecurity company, which specialized in threat intelligence services, was acquired by Orange Cyberdefense in 2016. Because of the service quality and responsiveness received from Lexsi, the bank was happy to put its trust in Orange.
DNS and phishing website monitoring
After discussing its requirements with the Orange Cyberdefense team, including a deep dive with its technical teams, the bank chose the Orange DNS and website monitoring services, both part of an extensive threat management portfolio on offer. The real-time DNS monitoring solution detects deviations in, for example, registered domain names or DNS usage, which can indicate a security breach via malware.
The website monitoring service proactively monitors for phishing websites, which are taken down when detected. The bank, like all financial services companies, has a high level of intimacy with its customers. Phishing in this sector is accelerating, and the bank wanted to quickly address this to give customers confidence in the financial services it provides.
The bank has been extremely happy with the performance of the services. Over a 6-month period, more than 100 phishing websites that were actively attempting to defraud the bank’s customers were identified.
The bank has noted that the solutions have added real value to its security estate, letting it add services as required, without integration headaches.
Following the success of these solutions, the bank is looking to broaden its cybersecurity and enhance its mobile security strategy with a rogue application monitoring solution that will monitor app stores and websites for malicious apps.
Peter Franken has been working in IT security for over 30 years. As a security researcher and consultant, he worked for the Dutch government, developed the architecture of a NATO military project, participated in European security studies and helped to secure commercial organizations. He was one of the original authors of product evaluation criteria (the Common Criteria) and provided postgraduate master classes on IT security.