Expert: Nation States, Crime Rings Pose Increasing Threat

Banks and the U.S. payments infrastructure are prime targets for international cyberattacks. And it’s not just money hackers are after, says Bill Wansley of Booz Allen Hamilton. What else is at risk?

Wansley, a financial fraud and risk consultant for Booz Allen, says hackers are increasingly targeting financial transactions and payments for information and intellectual property.

“There’s a broad range of threats on the Internet,” Wansley says. “There are certainly criminals out there that are after financial gain, but more and more we’re seeing other types of attacks.”

In fact, Wansley says political adversaries are using the Internet for cyberespionage to steal intellectual capital. And financial transactions are primary targets. That’s because payments and other bank transactions often provide clues about pending financial trades – major deals that could be of great interest to a nation state.

“There are a number of countries that have a deliberate process to take advantage of the Internet to increase their access to emerging technology and intellectual capital for building business,” Wansley says. “[They] want intellectual capital that will allow them to make smart investment decisions globally.”

Nation State Attacks

Wansley says federal authorities have noted many of these types of attacks stem from China and Russia, but the cyberwar against U.S. institutions is not isolated. Nor are the types of hackers who wage these attacks. Many can by traced back to organized cybercrime rings, which are working independently or are hired by nation states. Other times, the attacks are waged by individual hackers, who are often young and tech savvy, just out to gather information they can sell or trade.

International cyberthieves are exploiting payments-system weaknesses to gather sensitive information about individuals and companies that can be used later for more targeted attacks. That’s why the security of U.S. payments infrastructure is being viewed as critical to national security, Wansley says.

“Access to payments processes can get you access to other things, beyond financial,” he says. “Think about how much money the United States and companies in the United States spend on research and development to create cutting-edge technologies or products that are going to be desired by consumers.”

Accessing information about those technologies and products reaps big rewards for hackers, he says. And financial institutions are investing big bucks and time to ensure they are sealing gaps and protecting their assets and the financial information of consumers and business.

U.S. financial institutions take this threat seriously, Wansley says. “The financial services industry funds a group that shares information between major institutions, and this allows them to try to identify breaking criminal trends, to identify who’s coming after whom and what techniques they’re using and how to block them.”

During this interview, Wansley discusses:

  • How financial institutions are increasingly sharing information about emerging cyberthreats;
  • The role the government is playing in ensuring the payments infrastructure is secure; and
  • The impact cyberattacks waged for political and intellectual gain are having on other industries, such as healthcare.

Wansley leads multidisciplinary consulting teams at Booz Allen Hamilton, where he provides a full range of operational level management and technology consulting services, including advanced analytics of financial data, operational and technology risk management, compliance and regulatory risk assessments, and payment process redesign. He has 30 years of professional experience as an operational U.S. Army officer, a national security policy planner, and a management consultant for the U.S. intelligence community. Wansley’s operational military experience includes serving as a field commander, division level war planner, and national security strategist. For the past 13 years, he has supported U.S. Intelligence Community clients in solving national security risk-related challenges through strategic planning and advanced analytics.