Over the past few years, cybersecurity for financial institutions has become increasingly relevant. In 2019, financial institutions are accounted for only 6.5% of all the cyberattacks recorded that year — however, 62% of the leaked data are attributed to the financial sector. Likewise, in 2020, cybercrimes in the sector surged to 238% as the COVID-19 pandemic reigned attacks against banks.
With the rapid rise of attacks directed at the financial sector, there must be a need to assess the cybersecurity threats mostly encountered by financial companies.
Digital Financial Services and Cybersecurity
Digital financial services are services brought by technological innovation in the finance industry. These services are not limited to applications and processes that have transformed the traditional way of banking and financial services.
Digital financial services have benefited companies and consumers by providing opportunities to lower operational costs and increase accessibility to banking services for all. Furthermore, they help financial institutions increase their reach and customer experience, often becoming critical to keep financial systems functioning.
During the COVID-19 pandemic, digital financial services give people a safe way to manage their finances with speed and transparency — in the forms of mobile banking, online payments, and online investment services. At the same time, consumers let financial institutions upkeep their operations.
Still, as the financial sector develops business models that proliferate digital financial services, potential risks call for careful design and implementation methods to keep users secure. Cybersecurity for financial institutions has never been more important.
The attack surface has expanded exponentially in this transformed financial services landscape, giving rise to cyberattacks and methods often unique to the financial industry.
What Cybersecurity Threats Are Unique to Financial Institutions?
While companies across the various industries are no strangers to cyberattacks, there are cybersecurity threats that are distinctive to the financial sector’s nature.
Third-Party Vendor Threats
With the advent of regulations allowing third-party vendors to access client data, another dangerous attack surface has emerged. Even when financial institutions have strong security measures implemented on their networks, they still have to account for possible cyber threats present in third-party vendors.
For example, financial institutions, banks especially, often use cloud providers to offload infrastructure and retain their ability to serve their clients swiftly. However, storing sensitive client data on the cloud adds another attack surface to the threat landscape. The overdependence of financial institutions on third-party service providers can be a gateway to data breaches.
How to prevent third-party vendor risks?
Always make sure any vendors you partner with have strong security policies and tools employed throughout their infrastructure. Also, check the security measures of the partners of your vendors. Employ third-party risk assessment and management to ensure effective and secure relationships with third-party service providers.
Being involved and assessing cybersecurity risk from all angles is critical to keep your assets and data safe.
Emerging Technology Threats
Internet of Things (IoT), blockchain, and artificial intelligence (AI) are the technologies offering a significant competitive advantage to financial institutions. IoT refers to the devices that are connected to the internet used to control or communicate information. The shift to the digital era gives rise to cybersecurity threats on a scale difficult to imagine.
Mobile banking users are projected to reach over 3.6 billion globally in 2024—bringing in millions of possibly insecure devices that connect to banking networks. Once connected to the internet, passageways are now open for cybercriminals to conduct information manipulation.
Even blockchain technology, an immutable system for recording transactions, which was once considered completely safe for banking, isn’t immune to vulnerabilities or other malicious actions.
Similarly, AI imposed a double-edged sword for the financial sector. While AI allows financial companies to strengthen their cybersecurity by identifying risks, it also gives opportunities for cybercriminals to nourish their attacks. AI can understand patterns of human behavior and can motivate users to disclose personal information.
What to do with the technology threats?
Although it’s impossible to eliminate risk originating from the technologies used by financial companies completely, there are mitigating actions you can take to decrease the likelihood of a data breach.
For example, multi-factor authentication, regular vulnerability patching across devices, and regular training or best practices keep employees and users aware of the risk and educated on how to stay safe.
Insider Threats
Insider threats, whether deliberate or not, account for 60% of cyberattacks in financial institutions. Such attacks can lead to data breaches, financial losses, fraud, and legal fines.
Furthermore, threats from within the financial institution can come either from employee negligence or intentional employee action. In fact, targeted attacks by employees make up as much as 75% of insider threats. Human error causes 25% of these insider threats. A few of the primary motives of insider threats are:
- Intentional insider threats — like employees that pursue financial gain
- Accidental insider threats — such as employees who have mishandled information and put the business at risk
- Credential theft — occurs when an outsider steals an insider’s credentials to attack the company.
How to prevent insider threats?
To protect financial institutions from insider threats, companies should take a multi-faceted approach. For example, employees should feel valued and remunerated adequately for their work. Employee satisfaction plays a substantial part in loyalty.
As for insider threats caused by human error, organize periodic workshops on security best practices. Ingrain risk management into the company culture. With proper policies and training, employees can exercise vigilance.
Web Application Attacks
Web application attacks are a widespread attack vector among financial companies. In essence, malicious actors can obtain sensitive financial data from any website online. SQL injections, invalidated redirects, or DDoS attacks exploit flaws and bugs present in web applications, especially those relying on user input.
In infiltrating financial institutions, hackers often conduct DDoS attacks first as a diversion to get their hands on the customer accounts and the payment ecosystem. From there, they can create fake accounts and access funds.
What to do?
Perform periodic audits of your databases and networks to identify any vulnerabilities. Implement smart firewalls to block cross-site scripting. Educate your customers on cybersecurity hygiene: clearing cookies, using HTTPS websites, and using antivirus software.
Read more on the digital threats companies can encounter and how they can mitigate these risks.
Cyberattacks Aimed at Financial Institutions
Bangladesh Bank Robbery
In February 2016, multiple payment instructions, amounting to almost $1 billion were issued from the Federal Reserve Bank of New York. Out of the thirty-five instructions, five totaling US$101 million went through.
Investigators suspected the bank suffered from a malware attack. The malware was designed by someone who had technical details of the bank’s network, suggesting an insider involved in the robbery.
Capital One Data Breach
Capital One suffered a cyberattack between March 22-23, 2019, when a hacker accessed credit card applications. The attack exposed 140,000 social security numbers, 80,000 linked bank account numbers, and approximately 1 million Canadian social insurance numbers.
This time at blame was the misconfigured web application firewall exploited by the hacker who has worked previously at the third-party vendor of Capital One.
First American Financial Corp. Breach
Approximately 885 million personal and financial records were leaked from real estate title insurance, First American Financial Corp. The leaked records included bank account numbers, social security numbers, mortgage and tax records, and drivers’ license images.
Investigators suspected a flaw in the back-end system of the company’s website as the attack’s entry point. The flaw enabled unauthorized access to customer data.
South Africa’s Postbank Internal Security Breach
The state-owned bank suffered an internal security breach attack, resulting in $3.25 million damages from 25,000 fraudulent transactions. Postbank was forced to replace 12 million bank cards of account holders and social grant beneficiaries because of this large-scale fraud.
According to the investigation, it was an insider attack wherein a group of employees had copied the encrypted master key. This gave them access to the bank system, customer accounts, and even card resets. Apart from the insider threat, the outdated security systems of the bank have contributed to the breach.
Cybersecurity for Financial Institutions Is
When financial firms became victims of security breaches, this has a cascading negative impact on the other banks and the economy. As financial institutions increasingly rely on technology, they should regularly assess their security policies to keep all assets secure. Financial institutions should develop detailed and comprehensive risk management plans. There should be a new security program introduced or existing policies updated and expanded for every new addition to IoT or infrastructure.
Resilience strengthens cybersecurity for financial institutions. Board portals can help boards of financial institutions stay safe with the highest security standards. Data protection is provided by reputable cloud hosting service providers, such as Amazon Web Services. Security measures are readily implemented on board portal solutions, such as multi-factor authentication, remote data wipe, and data back-up and recovery — ensuring that corporate data of financial companies are fortified.
Find out how secure board management software can protect your data from these financial sector cybersecurity threats.
Ahmed is a cybersecurity analyst at Convene. He is well-versed and has experience creating information security and contingency plans to protect against attacks. Ahmed also provides useful vulnerability and threat analysis, while recommending viable software solutions.
- Connect:
-
