{"id":3894,"date":"2018-06-21T18:36:44","date_gmt":"2018-06-21T18:36:44","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=132987"},"modified":"2018-06-21T18:36:44","modified_gmt":"2018-06-21T18:36:44","slug":"financial-services-sector-rife-with-hidden-tunnels","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/","title":{"rendered":"Financial Services Sector Rife with Hidden Tunnels"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2018\/06\/21143617\/Tunnel_Attack.jpg\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>Global financial services organizations are seeing a significant uptick in the rate of being actively targeted by sophisticated cyber-attackers using hidden-tunnel techniques for post-intrusion data exfiltration.<\/p>\n<p>In an attempt to steal critical data and personally-identifiable information (PII), cybercriminals are building hidden tunnels into compromised systems to further break into networks and steal critical data and personal information, while remaining largely undetected. That\u2019s because the traffic flowing through these tunnels looks and behaves just like normal web traffic, such as packets flowing to and from legitimate cloud apps that workers are using.<\/p>\n<p>As a result, the technique allows the malicious traffic to camouflage itself alongside the high volume of traffic from web-based enterprise applications, effectively evading strong access controls, firewalls and intrusion detection systems.<\/p>\n<p>While these types of attacks are not new, they have dramatically increased since hidden tunnels were used in the <a href=\"https:\/\/threatpost.com\/equi-facts-equifax-clarifies-the-numbers-for-its-massive-breach\/131797\/\" target=\"_blank\" rel=\"noopener\">2017 Equifax breach<\/a>, where over 147 million personal records were taken \u2014 one of the largest data breaches in history. Financial services firms are now seeing double the number of hidden-tunnel attacks in other verticals, according to an\u00a0analysis\u00a0of the technique from Vectra <a href=\"https:\/\/blog.vectra.ai\/blog\">released Wednesday<\/a>.<\/p>\n<p><strong>Targeted to Financial Services<\/strong><\/p>\n<p>According to the report, security breaches across multiple industries continue in an upward trajectory, and the financial services industry is no exception. However, cybercriminals are increasingly tailoring their attacks to their targeted vertical.<\/p>\n<p>The hidden-tunnel tactic for post-intrusion data exfiltration matches the financial-services environment perfectly, it added, and as a result more and more efforts using this tactic are being unleashed.<\/p>\n<p>The analysis, of anonymized metadata from more than 4.5 million devices and workloads from customer cloud, data center and enterprise environments, showed significantly more hidden command-and-control tunnels per 10,000 devices in financial services than all other industries combined, and twice as many hidden data-exfiltration tunnels.<\/p>\n<p>\u201cEvery industry has a profile of network and user behaviors that relate to specific business models, applications and users,\u201d said Chris Morales, head of security analytics at Vectra. \u201cAttackers will mimic and blend in with these behaviors, making them difficult to expose.\u201d<\/p>\n<p>For instance, in the education vertical, \u201cwe see much more suspicious HTTP traffic \u2013 which is a very traditional attack, where some kind of payload is delivered from a malicious website,\u201d explained Morales in an interview with Threatpost. \u201cThere\u2019s also a lot of cryptomining in higher ed. These kinds of attacks are more obvious, and financial organizations are good at detecting that, so criminals turn to different tactics when they go after a bank.\u201d<\/p>\n<p><strong>Hiding in Plain Sight<\/strong><\/p>\n<p>Financial services firms already use hidden tunnels for legitimate purposes, including stock-ticker feeds, internal financial management services, third-party financial analytics tools and other cloud-based financial applications. Hidden tunnels are typically used to circumvent security controls that would otherwise limit their ability to function, the report explained.<\/p>\n<p>This is the same reason attackers use hidden tunnels, which were employed in the <a href=\"https:\/\/threatpost.com\/vermont-librarian-wins-small-claims-suit-against-equifax\/132875\/\" target=\"_blank\" rel=\"noopener\">Equifax data breach<\/a>, Morales noted.<\/p>\n<p>\u201cUsing hidden tunnels from an attacker perspective is an advanced technique, a natural evolution of the way the internet works,\u201d Morales told Threatpost. \u201cFor instance, companies have a lot more granular control over their environments these days, and they rely heavily on apps and the cloud.\u201d<\/p>\n<p>He added that this has naturally evolved to the use of tunnels, where data is broken into chunks and carried through the network in encrypted pieces, similar to VPN traffic \u2013 which creates an unintended attack surface.<\/p>\n<p>As the report explained, hidden-tunnel communications are concealed within multiple connections that use normal, commonly allowed protocols. For example, communications can be embedded as text in HTTP-GET requests, as well as in headers, cookies and other fields. The requests and responses are hidden among messages within the allowed protocol.<\/p>\n<p>\u201cWith the rise of web applications, the use of SSL\/TLS encryption has become widespread, and HTTPS traffic is the norm; certificate pinning is also widely used to prevent network security systems from performing man-in-the-middle decryption to inspect packets for threats,\u201d the report noted.<\/p>\n<p>The bad guys employ the same techniques.<\/p>\n<p>Once inside the network, \u201cbad actors use tunnels to break up the data and exfiltrate it through firewalls in the same way, to avoid anomaly detection, mainly,\u201d Morales told Threatpost. \u201cAnd if legitimate apps are using these same techniques, then there\u2019s nothing to detect because it\u2019s not an anomaly.\u201d<\/p>\n<p>Also, while many attackers use SSL\/TLS for encryption, the most adept attackers will also create their own encryption schemes, he added: \u201cCustom encryption is especially difficult to detect, because the protocol might be unidentifiable and use any available port.\u201d<\/p>\n<p>Once attackers locate key assets to steal, the focus shifts to accumulating those assets and smuggling them out. In this exfiltration phase, attackers control the transmission of large data flows from the network and into the wild.<\/p>\n<p><strong>Mitigation<\/strong><\/p>\n<p>Unfortunately, the ability to detect this kind of activity remains rudimentary on the traditional tools front, but there are options.<\/p>\n<p>\u201cCISOs typically have a lot of tools around access control and the perimeter,\u201d said Mike Banic, vice president at Vectra, in an interview. \u201cThey usually don\u2019t have the tools to determine whether hidden tunnels exist on their networks. Machine learning is evolving to help them do that, however.\u201d<\/p>\n<p>Will LaSala, director of security solutions at OneSpan (formerly VASCO), told Threatpost via email that another aspect of the hidden-tunnel threat is that attackers can make use of those already in place for legitimate applications. However, these can be defanged by app developers so that malefactors can\u2019t use them.<\/p>\n<p>\u201cMany app developers put holes through firewalls to make services easier to access from their apps, but these same holes can be exploited by hackers,\u201d he said. \u201cUsing the proper development tools, app developers can properly encrypt and shape the data being passed through these holes. Sometimes developers are at a rush to implement a new feature to maintain customers or to increase business, and this often leads to situations where a hidden tunnel is created and not secured. By leveraging development tools that create an end to end secure communications whenever a hidden tunnel is needed, developers can start with a solid foundation of security before hackers attack.\u201d<\/p>\n<p>He added that secure communication APIs allow for a developer to encrypt their data within their application before the network layer is applied, which often protects apps from the injection of a malicious backdoor.<\/p>\n<p>\u201cApplying further application shielding techniques can often harden the application from attack even further,\u201d he said. \u201cTaking a layered security approach to applications can not only stop current attacks, such as the malicious hidden tunnel, but can often prevent new ones from being attempted against a protected app.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/threatpost.com\/financial-services-sector-rife-with-hidden-tunnels\/132987\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Attackers use the approach to look like legitimate traffic and hide data exfiltration in plain sight. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":3895,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[1476,1477,1478,1479,18,1480,1481,19,69],"class_list":["post-3894","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-attack-technique","tag-data-exfiltration","tag-equifax-breach","tag-financial-services","tag-hacks","tag-hidden-tunnels","tag-uptick","tag-vulnerabilities","tag-web-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Financial Services Sector Rife with Hidden Tunnels 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Financial Services Sector Rife with Hidden Tunnels 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-21T18:36:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"700\" \/>\n\t<meta property=\"og:image:height\" content=\"471\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Financial Services Sector Rife with Hidden Tunnels\",\"datePublished\":\"2018-06-21T18:36:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/\"},\"wordCount\":1110,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg\",\"keywords\":[\"attack technique\",\"data exfiltration\",\"Equifax breach\",\"financial services\",\"Hacks\",\"hidden tunnels\",\"uptick\",\"Vulnerabilities\",\"Web Security\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/\",\"name\":\"Financial Services Sector Rife with Hidden Tunnels 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg\",\"datePublished\":\"2018-06-21T18:36:44+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg\",\"width\":700,\"height\":471},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"attack technique\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/attack-technique\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Financial Services Sector Rife with Hidden Tunnels\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Financial Services Sector Rife with Hidden Tunnels 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/","og_locale":"en_US","og_type":"article","og_title":"Financial Services Sector Rife with Hidden Tunnels 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-06-21T18:36:44+00:00","og_image":[{"width":700,"height":471,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Financial Services Sector Rife with Hidden Tunnels","datePublished":"2018-06-21T18:36:44+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/"},"wordCount":1110,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg","keywords":["attack technique","data exfiltration","Equifax breach","financial services","Hacks","hidden tunnels","uptick","Vulnerabilities","Web Security"],"articleSection":["Threatpost"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/","url":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/","name":"Financial Services Sector Rife with Hidden Tunnels 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg","datePublished":"2018-06-21T18:36:44+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/financial-services-sector-rife-with-hidden-tunnels.jpg","width":700,"height":471},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/financial-services-sector-rife-with-hidden-tunnels\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"attack technique","item":"https:\/\/www.threatshub.org\/blog\/tag\/attack-technique\/"},{"@type":"ListItem","position":3,"name":"Financial Services Sector Rife with Hidden Tunnels"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/3894","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=3894"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/3894\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/3895"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=3894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=3894"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=3894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}