New service to fight cybersecurity threats to African banks

April 2019 Cyber Security

Foregenix is launching a service to combat the new and growing breed of cyber-attacks on African banks. The global cybersecurity firm, which specialises in the financial services and has a regional hub in Johannesburg, is introducing the Foregenix Threat Sweep.

Based on Foregenix’s established Serengeti technology, the service cuts the dwell-time of attackers within an organisation to hours from an industry average of around 100 days.

The new service cuts through the noise and identifies latent threats in a matter of minutes. Threat Sweep is backed-up by a threat intelligence team and senior digital forensics and incident response analysts performing threat hunts on specific issues experienced within the sector. The combination of technical innovation and human elements mean threats are detected quickly and mitigated efficiently.

Among the rapidly emerging attacks Threat Sweep is aiming to combat is the surge in ATM cashout type attacks (FASTCash). These attacks on issuing banks or payment card processors exploit weak ­internal system architecture and security controls of processing switches (servers) and then use a small subset of cloned payment cards at ATMs to fraudulently withdraw large amounts of money in untraceable hard currency.

The CEO of Foregenix, Andrew Henwood explains: “ATM cashouts allow hackers to extract vast sums of money in less than 30 minutes by compromising the backend and eliminating the removal limits on these accounts. This is all done in an almost risk free manner. So it is essential to be extra vigilant and perform additional checks within the payment environment, even if there is no obvious breach as attackers typically lie dormant for months.”

Henwood adds: “As a PCI Forensic Investigator, we are seeing regular requests for assistance from organisations experiencing ATM cashout attacks. Previously, these were on the periphery but are now becoming a weekly phenomenon on some parts of the continent.”

The Threat Sweep service offers immediate response to this type of critical situation. It is offered for a fixed-time and cost for 30-days and most clients opt to extend into the Foregenix MDR service.

Henwood comments: ‘Unfortunately, in most of our forensic ­investigations, banks and organisations are failing to detect when their systems were initially compromised. From analysis of our casework we see 135 days elapsing before an alert is raised and by that point the hacker typically knows and understands the environment better than the IT administrators, they are well-established and have already harvested large amounts of valuable personal and financial data.

“Many organisations rely on the traditional security systems – firewalls, antivirus, patch management – but they are still being breached. With new threats emerging, our rapid response service meets an increasing need for the sector to accurately establish their threat and risk level and take appropriate action.”

For more information go to

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Patient critical – healthcare’s cybersecurity pulse
August 2019, Wolfpack Information Risk , News, Cyber Security, Healthcare (Industry)
The healthcare industry has become one of the leading cybersecurity attack vectors worldwide for several reasons.

Building a Human Firewall
August 2019, Kaspersky Lab , Cyber Security, Training & Education
Riaan Badenhorst, general manager of Kaspersky in Africa answers some questions on the role of people in cybersecurity risks.

Inundated with cyberattacks from all directions
August 2019 , Editor's Choice, Cyber Security, Security Services & Risk Management
IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up-to-date technology.

Under cyberattack
August 2019, Kaspersky Lab , Cyber Security, Residential Estate (Industry)
Cybersecurity is not something one usually associates with residential estates, but the threats from cybercriminals apply equally to estates as they do to businesses and the individual homeowner.

Cyber tools and solutions
August 2019, Technews Publishing , Editor's Choice, Cyber Security, IT infrastructure, Residential Estate (Industry)
Hi-Tech Security Solutions looks at the various options we have when it comes to protecting yourself from the ever-growing scourge of cybercrime?

Understanding the data protection requirements and how to comply for POPI or GDPR
July 2019 , Cyber Security, Security Services & Risk Management
For many companies that must comply with these legislations, the best way to prepare is to implement a solid data protection strategy that guards against loss of data.

Going safely into the brave new world of 4IR
July 2019 , Industrial (Industry), Cyber Security
Put cybersecurity at the heart of industrial digitisation on the journey to 4IR.

It’s not wise to go SIEMless
August 2019 , Cyber Security, Security Services & Risk Management
As with every other aspect of security today, information security, while the popular child in a dysfunctional family, is no longer enough.

A one-size-fits-all approach won’t secure the IoT
August 2019 , News, Cyber Security
Securing the Internet of Things (IoT) is something which cannot be done with a one-size-fits-all approach, and every kind of connected object must be assessed individually.

Cloud advantage or cost?
August 2019 , Cyber Security, IT infrastructure
No matter how you look at it, security in the cloud is as important as security in traditional data centres.