Business Process Compromise: The Next Step in Advanced Targeted Attacks


While it sounds similar to Business Email Compromise, Business Process Compromise is an entirely new beast.

Targeted attacks have come a long way in recent years, leveraging increasingly advanced techniques aimed at specific individuals. Often, these hackers pinpoint a single person within an enterprise, steal their credentials, log into an account, and leverage this position to find sensitive information. Business email compromise, supported by extensive research and tailored messages, is one example of the ways in which hackers are propelling their malicious capabilities to ever-increasing heights.

Now, however, a new threat has come to light: Business Process Compromise. While it sounds similar to BEC, BPC is an entirely new beast.

How BPC works

As this video from Trend Micro points out, BPC does not target a specific individual within a victim organization; instead, hackers focus on a certain process the enterprise uses to complete important daily tasks. Once inside the system, hackers seek out activities, loopholes or entire systems ripe for compromise, and use these to their advantage in the attack.


The purpose of this style of attack is to learn as much about an organization’s processes as possible, including all of the activities and systems leveraged for business. From here, hackers are able to pinpoint vulnerabilities within these processes and platforms, which can be subtly adjusted or manipulated. In this way, systems continue to function as usual from the company’s standpoint. However, the cybercriminal is working in the background to steal data, siphon profits or even steal physical items.

Has BPC been successful?

Although BPC is a relatively new style of hacking, several high-profile attacks have already succeeded thanks to it. These include attacks on the Bangladesh Bank, where hackers compromised processes to the point that they were able to steal authentication credentials enabling bank transfers. This BPC-supported activity resulted in multiple fraudulent transfer requests for more than $100 million.

Not long afterward, Vietnam’s Tien Phong Bank was targeted by hackers in a BPC attack. Thankfully, the organization was able to recognize hackers’ fraudulent transfer requests, and the theft of more than $1 million was blocked.

Guarding against BPC

Because this style of attack is so new, the first step in protection is simply ensuring awareness of BPC, especially within the IT team. Security managers with knowledge of this type of malicious activity are in a better position to monitor for suspicious system manipulations and stop wrongful activity in its tracks.

In addition, Trend Micro security experts recommend having a robust view of the network and all of its connected components, as well as ongoing audit policies. This can help IT personnel pinpoint any system adjustments that could point to BPC.

To find out more about this threat and the kinds of cybersecurity solutions that can help guard against it, check out Trend Micro’s new interactive BPC online resource here.