Thinking Like the Enemy: Banks Conduct “Self-Hacks” to Strengthen Defense Against Cyberattacks

By Elizabeth Radziul, March 19, 2020

Sometimes you have to think like the enemy in order to stay one step ahead of them, at least according to the American Bankers Association. As cybersecurity experts strengthen their defenses against a growing number of security breaches, cybercriminals continue to improve their own capabilities. The solution? “Self-hack” their own systems to identify key vulnerabilities and find a way to eliminate them.

“I could compare it to an arms race,” says Nicholas Antill, Senior Vice President and Senior Security Manager at PNC Bank. Antill draws this comparison because skills and technology keep improving on both sides, resulting in a continuous power struggle between hacker groups and cybersecurity teams. Many of the 300 banks hacked in December of 2019 by the Russia-based hacker group Evil Corp are conducting their own hacks to prevent future breaches. Many rely on in-house teams or contract third-party vendors to act like hackers and test their systems for weak points. Some, however, are taking more extreme measures and enlisting real, non-criminal hacker groups called “white hat hackers” for a more realistic simulation. Regardless of the approach, each self-hack method aims to achieve the same thing: to get inside the mind of a cybercriminal.

Another factor to consider, in addition to who will be conducting the test, is which kind of test will be conducted. There are several types of testing, each with different factors used to produce different results.

Penetration Testing

Penetration testing, otherwise known as “pentesting,” is the most common type of self-hack. Pentesting involves hacking an individual network or application to detect any vulnerabilities not covered by other security measures. Caroline Wong, chief strategy officer at the security testing firm, recommends starting with this method to find where weaknesses lie, such as in mobile apps or cloud infrastructure.

Under the umbrella of penetration testing, there are three different types to consider.

Black-Box Testing

In a black-box test, the tester has no prior knowledge of the system they are attacking. This approach more realistically simulates an actual attack, as the average malicious hacker would not have inside knowledge of the system’s operations.

White-Box Testing

White-box testing is conducted by someone with a comprehensive understanding of the system. White-box testing is very thorough because the tester is familiar with the nuances of the system’s security, and therefore knows where to look for vulnerabilities.

Gray-Box Testing

Gray-box testing is conducted by someone who has some understanding of the system’s inner workings, but not extensive knowledge. This method combines the benefits of black-box and white-box testing and may emulate a hacker who may have been able to obtain some knowledge of the system prior to the attack.

Red Team Testing

Red team testing is a more formal, experiment-like test in which the “red team” acts like actual hackers and launches an attack against the company’s defenders, the “blue team”. Red-team tests are conducted on a wider scale and often use specific tactics employed by known security threats. The target and objective of a red team test are specific and narrowly focused compared to those of a penetration test. Wong recommends starting with pentesting for a broader overview of the security system and a general understanding of where vulnerabilities lie. Red team testing is typically conducted by companies with a higher security level that are looking to fine-tune specific weaknesses. Because red team testing aims to accurately simulate a real attack, engagements typically last two to six months. The tests target both software and human-related weaknesses and threats.

The benefit of carrying out a “self-hack” rather than simply using scanning software to detect vulnerabilities is the human element involved. “If we were bad guys, you know, what would we use to get in?” says Aaron Shilts, president and COO of vulnerability assessment firm NetSPI. Once weaknesses are detected, it’s up to leadership to reevaluate security across all channels and personnel.

As more and more companies around the world hire hackers to test their defenses, questions of standardization arise. The European Central Bank has released the European Framework for Threat Intelligence-based Ethical Red Teaming, or TIBER-EU, which lays out standardized practices for institutions that execute self-hacks. Tyler Leet, Director of Risk, Information Security, and Compliance Services at core banking and cybersecurity provider CSI, warns institutions to use these tests only to “actively look to learn from the results” and to avoid pointing blame at employees.

When done right, self-hacks prove to be very helpful for banks and financial institutions looking to find gaps in their network security. The best way to beat hackers and their rapidly improving capabilities is to stay one step ahead of them, which means thinking like them and constantly hunting for weaknesses they could exploit. 
