With so much banking being done online, financial service providers are no stranger to cyberthreats. However, the recent COVID-19 pandemic is being blamed for a 238% increase in cyberattacks against banks and other financial institutions, according to the latest cybersecurity statistics. These entities must be prepared for these attacks and know how to quickly respond to minimize harm to their institution and customers’ private data.
By Ben Hartwig, Web Operations Director at InfoTracer
According to one survey of IT executives, approximately two-thirds of financial organizations experienced at least one cyberattack in 2016. Here are some of the biggest cybersecurity threats financial service providers are facing today.
1. State-Sponsored Attacks
While many people think of a cybercriminal as a one-man operation or a group of criminals in for financial gain, some cyberattacks are actually encouraged and launched by foreign governments. The increasing frequency of such attacks led to NATO officially defining cyberspace as the fifth domain of warfare, in which it recognized the critical role that a country’s infrastructure plays in its stability. Foreign factions may try to attack banks, stock exchanges, and other financial institutions to destabilize a country and make citizens concerned about their economy.
In some instances, governments may hire their own hackers to attack the financial industry in other countries. In others, they may spread fake news about the market to influence trade volume. Researchers from the MIT Sloan School of Management and the Yale School of Management found that the past impact of article writers had a large impact on abnormal trading behavior and that a fake article was more likely to cause greater market disruption than a real article.
2. Regulatory Inaction
While many banks may feel overregulated, others believe there are not enough regulations or consumer protection laws in an age of rapidly-evolving technology. Regulatory action is often short-sighted and reactionary, so banks must consider more effective and timely methods to protect their institutions and customers.
3. Credential Theft and Identity Theft
A particularly dangerous type of cybersecurity threat to customers is account takeover, in which a criminal gains access to a customer’s account and then changes information on it so that the real owner does not have access to it nor receives updates about the account. This attack is often a result of credential stuffing, in which hackers use computers to keep inserting various credentials until they break into an account. Some criminals go a step further by using that login information to access other accounts owned by the customer since many people use the same username and password combinations across multiple platforms. They may also use the gathered information to commit identity theft.
Account takeover statistics show that rates of account takeover have steadily increased over the last few years. Losses rose 122% from 2016 to 2017, and then another 164% in 2018. The number of these attacks nearly doubled from 2017 to 2018.
4. Employee Errors
While banks are very careful about hiring employees, who will not steal from them, a major cybersecurity risk occurs from employee errors, not due to intentional wrongdoing. For example, employees may open a phishing email that installs viruses on the bank’s network. This was the most common type of cyberattack in 2016. Given the COVID-19 pandemic and that many banking employees are working from home, simple employee errors and technological vulnerabilities may subject financial institutions to additional cybersecurity threats.
5. Data Theft and Manipulation
In some types of cyberattacks, criminals make slight changes to data, which may not be immediately detectable. Because nothing is stolen at the time, employees may not recognize the attack. However, once the criminals gain access to this data, they can manipulate algorithms in the system for their own financial gain.
6. Phishing Attacks
The last four Verizon Data Breach Investigations Reports have identified the use of stolen credentials as the number one method hackers use to gain unauthorized access to accounts. Many of these cyberattacks occur when bank customers or employees click on an email or link or download an attachment in an email. The email may state that their account has been compromised and they need to log in with new information, which is then used by the criminal to access the account. Alternatively, this strategy may be used to install malware on the computer system.
Ransomware is a particularly dangerous type of malware that takes over a victim’s computer system by encrypting data and making it impossible for the owner to access it unless they pay a large fee. Many of these attacks target banks because the criminals are after large payouts.
8. Cloud Providers
Many banks store information on the cloud to avoid expenses related to data storage. However, if these servers are not secure, the banks can still lose important data if destructive malware is installed and erases information. Unsecured cloud providers may also be the cause of a massive data breach that exposes customers to identity theft and other privacy concerns.
9. Third-Party Vendors
Even if banks have secure systems, if they use third-party vendors to deliver certain services, they may have a greater risk of being breached. With more system entry points, there are more ways hackers can enter your system.
10. Complex Technologies
As technology continues to evolve, criminals find new security vulnerabilities and methods to exploit financial institutions, such as using AI and IoT to increase cyberattacks. A recent report by VMware Carbon Black said that 82% of surveyed CIOs said that cyberattack methods are becoming more sophisticated. Social engineering was one example the report pointed to, regarding the exploitation of human weakness.
Ways Banks Can Protect Themselves from These Cyberthreats
Banks can harness the same technology that is used against them to protect themselves, including:
- Adopting AI that can more quickly identify threats
- Encrypting data so that it is not compromised even if a breach occurs
- Monitoring cloud security
- Limiting access to cloud security
- Making frequent updates
- Devising a recovery plan if an attack occurs
- Instructing employees and customers to only access bank data in a secure location
- Updating security frequently
- Increasing budgets for IT resources
- Updating security systems and protocol
- Using multi-factor authentication
- Training employees on cybersecurity risks
Implementing the strategies above and being conscious of the potential threats to your financial institution can help you prevent an attack.
About the Author
Views expressed in this article are personal. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.