Thinking Like the Enemy: Banks Conduct “Self-Hacks” to Strengthen Defense Against Cyberattacks

By Elizabeth Radziul, March 19, 2020

Sometimes you have to think like the enemy in order to stay one step ahead of them, at least according to the American Bankers Association. As cybersecurity experts strengthen their defense against increasing security breaches, cybercriminals continue to improve their own capabilities. The solution? “Self-hack” their own systems to determine key vulnerabilities in order to find a way to eliminate them. 

“I could compare it to an arms race,” says Nicholas Antill, Senior Vice President and Senior Security Manager at PNC Bank. Antill draws this comparison based on the constant improvement in skill and technology on both sides, which results in a continuous power struggle between hacker groups and cybersecurity teams. Many of the 300 banks hacked in December of 2019 by the Russia-based hacker group Evil Corp are conducting their own hacks to prevent future breaches. Many are relying on in-house teams and contracting third-party vendors to act like hackers and test their systems for weak points. Some, however, are taking more extreme measures and enlisting real, non-criminal hacker groups called “white hat hackers” for a more realistic simulation. Regardless of the approach, each self-hack method aims to achieve the same thing: to get inside the mind of a cybercriminal.

Another factor to consider, in addition to who will be conducting the test, is which kind of test will be conducted. There are several types of testing, each with different factors used to produce different results.

Penetration Testing

Penetration testing, otherwise known as “pentesting,” is the most common type of self-hack. Pentesting involves hacking an individual network or application to detect any vulnerabilities not covered by other security measures. Caroline Wong, chief strategy officer at a security testing firm, recommends starting with this method to find where weaknesses lie, such as in mobile apps or cloud infrastructure.

Under the umbrella of penetration testing, there are three different types to consider.

Black-Box Testing

In a black-box test, the tester has no prior knowledge of the system under attack. This approach more realistically simulates an actual attack, as the average malicious hacker would not have inside knowledge of the system’s operations.

White-Box Testing

White-box testing is conducted by someone with a comprehensive understanding of the system. White-box testing is very thorough because the tester is familiar with the nuances of the system’s security, and therefore knows where to look for vulnerabilities.

Gray-Box Testing

Gray-box testing is conducted by someone who has some understanding of the system’s inner workings, but not extensive knowledge. This method combines the benefits of black-box and white-box testing and emulates a hacker who has managed to obtain some knowledge of the system prior to the attack.

Red Team Testing

Red team testing is a more formal, experiment-like test in which the “red team” acts like actual hackers and launches an attack on the company’s “blue team.” Red-team tests are conducted on a wider scale and often use specific tactics employed by known security threats. The target and objective of a red team test are specific and narrowly focused compared to those of a penetration test. Wong recommends starting with pentesting for a broader overview of the security system and a general understanding of where vulnerabilities lie. Red team testing is typically conducted by companies with a higher security level that are looking to fine-tune specific weaknesses. Because red team testing aims to accurately simulate a real attack, these engagements typically last two to six months. The tests target both software and human-related weaknesses and threats.

The benefit of carrying out a “self-hack” rather than simply using scanning software to detect vulnerabilities is the human element involved. “If we were bad guys, you know, what would we use to get in?” says Aaron Shilts, president and COO of vulnerability assessment firm NetSPI. Once weaknesses are detected, it’s up to leadership to reevaluate security across all channels and personnel.

As more and more companies around the world hire hackers to test their defenses, questions of standardization arise. The European Central Bank has released the European Framework for Threat Intelligence-based Ethical Red Teaming, or TIBER-EU, which lays out standardized practices for institutions that execute self-hacks. Tyler Leet, Director of Risk, Information Security, and Compliance Services at core banking and cybersecurity provider CSI, warns that these tests should be used only to “actively look to learn from the results,” not to point blame at employees.

When done right, self-hacks prove to be very helpful for banks and financial institutions looking to find gaps in their network security. The best way to beat hackers and their rapidly improving capabilities is to stay one step ahead of them, which means thinking like them and constantly hunting for weaknesses they could exploit. 

