We utilize artificial intelligence for site translations, and while we strive for accuracy, they may not always be 100% precise. Your understanding is appreciated.
Home/
Blog
/
OPSWAT Eliminates a File Upload Security Risk for…
Financial Services | Customer Stories
OPSWAT Eliminates a File Upload Security Risk for Major European Bank
See How LLB overcame the Challenge of Sanitizing Thousands of Files Daily With OPSWAT MetaDefender ICAP Server
Share this Post
About Liechtensteinische Landesbank AG (LLB): Liechtensteinische Landesbank AG (LLB) is the longest established financial institute in the Principality of Liechtenstein. The majority of the company’s share capital is held by the Principality of Liechtenstein. LLB’s shares are listed on the SIX Swiss Exchange (symbol: LLBN).
The LLB Group offers its clients comprehensive wealth management services as a universal bank, in private banking, asset management and fund services. With 1,213 employees (full-time equivalent positions), LLB is represented in Liechtenstein, Switzerland, Austria, Germany and the United Arab Emirates.
As per 31 December 2023, the business volume of the LLB Group stood at CHF 102.2 billion.
What's the story? In 2023, new channels for customer and prospect interactions were being designed and required a reimagined file-upload-security solution. After vetting several cybersecurity providers, they chose OPSWAT because it was the only provider that supported both the REST interface and ICAP. In addition, finding solutions that would grow with the bank as the organization expands and compliance regulations evolve was a top priority.
Cybercrimes are becoming more lucrative with ransoms worth hundreds of millions of dollars being paid by organizations to retrieve their data. As Head of IT Network and Security for LLB, Alexander Soller, recently explained, with so much money to be gained, “cyber-threat actors are becoming more and more professional, organized, and skilled.” Recent posts on the dark web now advertise "ransomware-as-a-service" offerings.
Not surprisingly, banks are a prime target with financial criminals constantly probing bank defenses to find ways into their networks. Sneaking malware past security measures in files presumably sent by customers is a favorite strategy.
Like many banks today, LLB needed to put a robust file-security system in place that would guarantee file uploads, which come primarily from customers and corporate clients via email, were properly sanitized. Satisfying compliance regulations for uploading files was also a key concern.
In 2023, new channels for customer and prospect interactions were being designed by LLB. In evaluating ways to upgrade their system, LLB’s primary goal was to reimagine their file-upload-security measures. At the same time, the bank wanted to build a system that would accommodate the rising complexity of LLB's infrastructure. Finding solutions that would grow with the bank as the organization expands and compliance regulations evolve was a top priority.
Skeptics might ask why firewalls aren’t enough to prevent data breaches, but as Mr. Soller was quick to point out, while firewalls serve an important purpose and are an important piece of a holistic cyber defense, “having an exclusively perimeter-centric security approach has been outdated for a while now. While still important, identity- and data-centric security models have become increasingly the norm as they offer better protection, especially when using, for example, cloud services.”
After vetting a number of cybersecurity solutions, LLB ultimately chose OPSWAT as their strategic cybersecurity partner because their solutions supported both the REST interface and ICAP, while meeting stringent compliance and certification requirements.
We found out at the beginning of the evaluation that there was no provider that supported both the REST interface and ICAP. We then carried out a POC and ultimately found that OPSWAT was the right choice.
Cihan Bal
Software Engineer, LLB
The Challenge of Securing File Uploads
Because the bank takes in thousands of queries from customers and corporate clients every day, dealing with both the email load and the inherent risks of malware hiding in attachments was a big concern.
In a recent interview, LLB’s Software Engineer, Cihan Bal, described their previous workflow this way:
Inbound emails with attachments were received.
Any attachments to be uploaded were packed into an email then sent through an alternative solution and a virus check using a single antivirus engine for malware detection.
Files were then uploaded for actioning.
This system was not only cumbersome and time-consuming, but the odds of the single antivirus engine missing key threats and potentially allowing malware to enter LLB’s network were increased.
LLB needed a solution that could ingest vast quantities of files, sanitize them thoroughly, then send them through - quickly and seamlessly - with the assurance that both emails and their attached files were malware-free.
File Upload Security Made Easy With OPSWAT
A recent study found that the primary concern of enterprises is data breaches as a consequence of unsecure file uploads. However, only 63% of companies scan all files for malware with multiple anti-malware engines and only 32% disarm files to remove embedded threats.
To protect against these risks and remain compliant with government regulations, organizations need a powerful, multi-layered cybersecurity system to prevent harmful, offensive, or inappropriate content from infecting their networks.
To handle this task, LLB’s cybersecurity consultants recommended OPSWAT’s MetaDefender Core and MetaDefender ICAP Server solutions. These technologies completely streamlined the bank’s file-uploading process while ensuring the security of LLB’s network. Here’s how it works.
MetaDefender Core enables organizations to integrate advanced malware prevention and detection capabilities into their existing IT solutions and infrastructure for better handling of common attack vectors: securing web portals from malicious file upload attacks, augmenting cybersecurity products, and developing their own malware analysis systems.
MetaDefender Core has a number of features to help streamline workflows including the ability to:
Quickly scan all files with 30+ antivirus engines to detect over 99% of known malware.
Recursively sanitize 150+ file types with market-leading Deep CDR technology to remove 100% of potential threats.
Detect zero-day malware and more indicators of compromise (IOCs) with adaptive threat analysis technology.
Identify file origins and manage access to restricted locations and vendors instantly for regulatory compliance and data protection.
MetaDefender ICAP Server is a plug-and-play solution that protects networks against malicious Internet content. This solution provides an ICAP interface on top of MetaDefender Core’s advanced threat prevention solution.
Any content routed through the ICAP interface is scanned and processed before entering your network and reaching end users. MetaDefender ICAP Server can seamlessly integrate with any ICAP-enabled network appliances, so it complements existing antivirus solutions including reverse proxies, web application firewalls, load balancers, forward proxies, web gateways, and SSL inspectors.
Key features include:
Real-time, comprehensive threat detection and prevention for your network
Protection from malicious file uploads and transfers at the gateway of your network
Defense against zero-day and advanced targeted attacks
Detection of file-based vulnerabilities before they are installed
The collaboration between LLB and OPSWAT began with an initial testing phase in which one ICAP Server instance and one MetaDefender Core instance equipped with multiple antivirus engines were deployed.
This testing evolved into a redundant strategy for LLB, where critical components were duplicated to enhance security. Eventually, many more antivirus engines were implemented to protect LLB’s network.
This redundant setup added an extra layer of resilience, ensuring uninterrupted security even in the face of potential system failures, to significantly reduce the risk of malware infiltrations.
Integrating MetaDefender ICAP Server with Web Application Firewalls (WAFs) adds an additional security layer that detects malicious activities and prevents advanced threats from reaching your web application.
MetaDefender Core and MetaDefender ICAP Server also integrated easily with LLB’s existing system, and with MetaDefender ICAP Server, the workflow is much more streamlined with OPSWAT providing a holistic solution for file security.
When I told them [our consultants] about our requirements they said OPSWAT would be the right solution for you.
Cihan Bal
Software Engineer, LLB
Today, LLB’s streamlined workflow looks like this:
The Value of Onboarding OPSWAT Technology
Integrating OPSWAT technology into their workflow has delivered a number of key benefits for LLB:
LLB’s entire file upload workflow is now streamlined - all file sanitization is done through MetaDefender Core and MetaDefender ICAP Server before files enter their system - eliminating the extra step of running files through their I-report solution.
Multiscanning allows you to scan files with over 30 anti-malware engines to achieve detection rates greater than 99%. Only safe files are now uploaded to the organization.
Easy integration of OPSWAT solutions into LLB’s system.
Ability to import files from a variety of formats.
Customers get an alert if one of their files is rejected after scanning.
OPSWAT has ensured the safe delivery of files.
Compliance issues have been greatly reduced.
Operational efficiency has greatly improved.
Looking Ahead
The strategic integration of OPSWAT’s advanced technologies not only addressed immediate concerns for LLB but also positioned the bank to be able to handle future threats and remain compliant.
Based on the success of this initial partnership with OPSWAT, LLB is drawing on the adaptability and scalability of OPSWAT's technologies to stay one step ahead in the ever-changing cybersecurity landscape.
“No one tool can handle any job in cyber defense,” Mr. Soller concluded, “but by having the required technology for each capability – OPSWAT for malware scanning – a holistic cyber defense is created.”
To see how OPSWAT solutions can up level your organization’s cyber defenses, click here.
