Over the past few years, cybersecurity for financial institutions has become increasingly relevant. And even though in 2019 attacks on financial institutions accounted only to 6.5% of all cyberattacks, they made up a whopping 62% of all leaked data in that year. In 2020, the COVID-19 pandemic reignited attacks against banks, causing a 238% surge in cybercrime in that sector. In this article, we take a closer look at the cybersecurity threats unique to the financial sector.
Digital Financial Services
Digital financial services and mobile banking are an opportunity to lower costs and increase accessibility to banking services for all. Furthermore, they help financial institutions increase their reach and customer experience, often becoming critical to keep financial systems functioning.
During the COVID-19 pandemic, digital financial services give people a safe way to manage their finances with speed and transparency. At the same time, they let financial institutions upkeep their operations.
Still, as financial institutions develop business models that proliferate the growth of digital financial services, potential risks amount that call for careful design and implementation methods to keep users secure. Cybersecurity for financial institutions has never been more important.
The attack surface has expanded exponentially in this transformed financial services landscape, giving rise to cyberattacks and methods often unique to the financial industry.
What Threats Are Unique to Financial Institutions?
Third-Party Vendor Threats
With the advent of regulations allowing third-party vendors to access client data, another dangerous attack surface has emerged. Even when financial institutions have strong security measures implemented on their networks, they still have to account for possible cyber threats present in third-party vendors.
For example, financial institutions, banks especially, often use cloud providers to offload infrastructure and retain their ability to swiftly serve their clients. However, storing sensitive client data on the cloud adds another attack surface to the threat landscape.
What to do?
Always make sure any vendors you partner with have strong security policies and tools employed throughout their infrastructure. Also, check the security measures of partners of your vendors. Assessing risk from all angles is critical to keep your assets and data safe.
Emerging Technology Threats
IoT and blockchain are two technologies offering a significant competitive advantage to financial institutions. But IoT alone gives rise to cyber threats on a scale difficult to imagine.
Mobile banking users are projected to reach over 3.6 billion globally in 2024—bringing in millions of possibly insecure devices that connect to banking networks.
What to do?
Although it’s impossible to completely eliminate risk originating from emerging technologies, there are mitigating actions you can take to decrease the likelihood of a data breach.
For example, multi-factor authentication, regular vulnerability patching across devices, and regular training or best practices that keep employees and users aware of the risk and educated on how to stay safe.
Insider threats, whether deliberate or not, account for 60% of cyberattacks in financial institutions. Furthermore, threats from within the financial institution can come either from employee negligence or intentional employee action. In fact, targeted attacks by employees make up as much as 75% of insider threats.
Unfortunately, human error causes 25% of the insider threats. However, with proper policies and training, employees can exercise vigilance.
What to do?
To protect financial institutions from insider threats, companies should take a multi-faceted approach. For example, employees should feel valued and remunerated adequately for their work. Employee satisfaction plays a great part in employee loyalty.
As for insider threats caused by human error, organize periodic workshops on security best practices. Engrain risk management into company culture.
Web Application Attacks
Web application attacks are a widespread attack vector among financial industries. In essence, malicious actors can obtain sensitive financial data from any website online.
SQL injections, unvalidated redirects, or DDoS attacks exploit flaws and bugs present in web applications, especially those relying on user input.
What to do?
Perform periodic audits of your databases and networks to identify any vulnerabilities. Implement smart firewalls to block cross-site scripting. Educate your customers on cybersecurity hygiene: clearing cookies, using HTTPS websites, and using antivirus software.
Cyberattacks Aimed at Financial Institutions
Bangladesh Bank Robbery
In February 2016, multiple payment instructions amounting to almost $1billion were issued from the Federal Reserve Bank of New York. Out of the thirty-five instructions, five totaling US$101 million went through.
Investigators suspected that the bank suffered from a malware attack. The malware was designed by someone who had technical details of the bank’s network, suggesting there was an insider involvement in the robbery.
Capital One Data Breach
Capital One suffered a cyberattack between March 22-23, 2019, when a hacker accessed credit card applications. The attack resulted in the exposure of 140,000 social security numbers, 80,000 linked bank account numbers, and approximately 1 million Canadian social insurance numbers.
This time at blame was the misconfigured web application firewall.
First American Financial Corp. Breach
Approximately 885 million personal and financial records were leaked from real estate title insurance First American Financial Corp. The leaked records included bank account numbers, Social Security numbers, mortgage and tax records, and drivers’ license images.
Investigators suspected a flaw in the back-end system of the company’s website as the attack’s entry point. The flaw enabled unauthorized access to customer data.
Cybersecurity and Risk Management Are Key to Resilience
As financial institutions increasingly rely on technology, they should perform a regular assessment of their security policies to keep all assets secure. Financial institutions should develop detailed and comprehensive risk management plans. For every new addition to IoT or infrastructure, there should be a new security program introduced or existing policies updated and expanded.
Convene can help boards of financial institutions stay safe with the highest security standards. Data protection is provided by Amazon Web Services, a reputable cloud hosting service vendor. At Convene, access to data is secured with multi-factor authentication, remote data wipe, and data back-up and recovery. Resilience strengthens cybersecurity for financial institutions.