External Website Monitoring Provides Early Cyber Attack Threat Warnings
In addition to the internal system security and protections a bank uses, external website monitoring aids in quickly recognizing and dealing with potential security threats. In many cases external monitoring provides the earliest warning and helps to pinpoint what is going wrong during a cyber attack.
Banks urged to “ensure constant diligence in monitoring”
In response to recent DDoS attacks on banks, the Financial Services Information Sharing and Analysis Center (FS-ISAC) has urged banks to “ensure constant diligence in monitoring and quick response to any malicious events.” A solution like Dotcom-Monitor can help by continually monitoring a bank’s website and login portals and alerting a bank’s IT, or cyber security staff the moment an issue is detected.
Dotcom-Monitor uses real browsers to proactively test banking and other professional industry websites for performance, uptime and functionality. Monitoring agents are located outside the bank’s firewall, and monitor the banking website, or web application, from Tier-1 data centers around the world. Dotcom-Monitor employs non-cached monitoring with high frequency testing, propagating domain name server (DNS) queries to the root name servers with each monitoring instance. When a website is monitored using a non-cache method, an error is identified more quickly than a cached monitoring approach, so a designated workaround, like active fail-over, can be implemented.
When unexpected website performance issues occur, from page load problems to small element delays, it might be an early indicator of server loading, or system stress that is typical for a DDoS cyber attack, or other cyber attack. Unexpected changes in performance results in an instant alert from the monitoring service (via Phone/Voice, SMS text message, Numeric Pager, Email, Wireless Email, and/or SNMP Console), notifying the organization that the users are not experiencing online services as expected. If the performance issues are caused by a bank cyber attack, the early warning gives the bank an opportunity to deal with the threat early, before websites and business critical applications are down, or user services become unavailable.
Early Warning Alerting – Detecting Cyber Attacks
Earlier this year, when a large financial institution’s website went down due to a DDoS attack, Dotcom-Monitor detected intermittent issues in page render time from monitoring agents located worldwide. The performance of those agent locations was impacted, but the page uptime remained consistent. Dotcom-Monitor UserView technology saw the improperly rendering elements, recorded the instances, and alerted monitoring clients to the issues.
User-experience monitoring coupled with external website monitoring should be a part of every bank and financial institution’s managed IT service protocol. In addition to 24/7 monitoring, detection, and diagnosis of banking website problems, accurately monitoring a banking industry website can aid in quickly recognizing and dealing with potential security threats.
For more on how external website monitoring can be an effective tool in your cyber security portfolio, see our post: Proactive Cyber Security Monitoring – Preventing Phishing Attacks.