Financial Services Cybersecurity

Heavy competition is forcing the rapid assimilation of new technologies in the finance and banking sector. However, where the implementation of the necessary cybersecurity measures fails to keep up, financial institutions face elevated risks – in an industry where consumer trust is paramount. Exposure to attacks through vendors, partners and customers also increases banking and finance institutions’ vulnerability to cyber attacks. Furthermore, heightened regulatory and enhanced privacy requirements may increase the incidence of extortion attacks, exploiting financial institutions’ fears that the exposure of noncompliance and data breaches will result in fines and lost business.

Since the outbreak of the Covid-19 pandemic, in the first portion of 2020 alone, 75% of banks and insurance groups experiencing a rise in cybercrime (Cyber Talk). The number of recorded cyber attacks directed against financial firms and financial services organizations in this period increased by 238% (Fintech News). The US Department of Treasury’s Financial Crimes Enforcement Network reported in September 2020 that more than $1 billion dollars showed up as stolen from institutions each month.

According to Accenture, the financial industry suffers the highest cost from cybercrime – an average of $18.3 per company surveyed. The average cost of a data breach in the financial services sector is $5.85 million – about 30% higher than the average in all sectors (Cyber Talk, citing a Varonis report from 2021). Moreover, a breach in financial services businesses is only detected and contained an average of 233 days after it occurred (Varonis, 2021).

A Deloitte Touche survey cited by American Banker revealed that cyber-related spending grew by 15% in 2020, translating into approximately $1 billion for each of the largest US banks.

In early 2021, a zero-day vulnerability in Accellion software led to breaches in a number of its financial sector companies, including the Reserve Bank of New Zealand, the Australian Securities and Investments Commission (ASIC) and Flagstar Bank (USA).

In March 2021, CNA Financial, one of the largest insurance firms in the USA, was the victim of a ransomware attack that affected its customer and employee services for three days.

Two months later, in May 2021, AXA, the European insurance giant, was the victim of a ransomware attack, ironically, shortly after it announced in France that it would no longer cover damage from this type of attack.

The previous year, Diebold Nixdorf, which controls around 35% of the global ATM market, admitted to having incurred a ransomware attack in April, adding that it refused to pay the ransom.

At the beginning of 2020, the London-based foreign exchange company Travelex suffered a ransomware attack as well. The company operates more than 1,000 stores and 1,000 ATMs in 26 countries. The attack led to the suspension of its travel money services, and also affected several UK banks, which were forced to shut down their currency exchange services. It took the company a month to get its money transfer systems back online, and longer to make its main website accessible, after paying a ransom of $2.3 million.

Attackers aiming to access confidential transactional data, user account information and gain control over transactional systems in order to steal funds or disrupt operations favor data exfiltration, malware, phishing and DDoS attacks (Blackfog).

ACID Intelligence and DIP cost-effectively confront the increased risks faced by finance and banking institutions. Advance detection in the early stages of cyber attack planning, and continuous tracking to collect more information, are critical to foiling the attacks or mitigating their impact.

ACID Intelligence and DIP are well-equipped to detect numerous types of cyber attacks targeting the finance and banking sector while in the planning stage, including, but not limited to:

  • Phishing
  • DDoS
  • SQL injection (SQLi)
  • Local file inclusion (LFI)
  • Cross-site scripting (XSS)
  • OGNL Java Injection
  • Ransomware
  • Credential stuffing
  • Theft of BINs (Bank Identification Number), SWIFT codes

These are aimed at committing, among others:

  • Financial scams
  • Fraud
  • Opening fake accounts and lines of credit
  • Direct theft
  • Data theft
  • Extortion

ACID Intelligence allows financial institutions to avoid heavy financial losses and significant harm to their reputation.

Is financial services cybersecurity really necessary?

Financial Services CybersecurityThe finance and banking sector is undergoing rapid digitization and assimilation of new technologies. However, where the implementation of the necessary cybersecurity measures fails to keep up, financial institutions face elevated risks – in an industry where consumer trust is paramount. Exposure to attacks through vendors, partners and customers also increases banking and finance institutions’ vulnerability to cyberattacks. Furthermore, heightened regulatory and enhanced privacy requirements may increase the incidence of extortion attacks, exploiting financial institutions’ fears that the exposure of noncompliance and data breaches will result in fines and lost business.

According to the global cybersecurity company BlackFog, the financial sector is the hardest hit – experiencing approximately 300 times as many cyberattacks than other industries.

A Varonis report from 2021 indicates that the average cost of a data breach in the financial services sector is $5.85 million – about 30% higher than the average in all sectors. Importantly, it adds that a breach in financial services businesses is only detected and contained an average of 233 days after it had occurred – leaving the targeted organization exposed and vulnerable for many months.

This data highlights the importance of financial services cybersecurity in helping financial institutions avoid the cost of cybercrime. Cyberattacks are extremely costly not on in direct and financial losses. Any harm to the financial institution’s image and loss of client trust will impact on its client base and cause heavy indirect financial losses as well.

What is the extent of cyberattacks, which justifies financial services cybersecurity?

Since the outbreak of the Covid-19 pandemic, in the first part of 2020 alone, 75% of banks and insurance groups experienced a rise in cybercrime (Cyber Talk). The number of recorded cyberattacks directed against financial firms and financial services organizations in this period increased by 238% (Fintech News). The US Department of Treasury’s Financial Crimes Enforcement Network reported in September 2020 that more than $1 billion dollars showed up as stolen from institutions each month.

Attacks on the financial sector, including banks, credit card companies, investment firms, etc., have not ended with the resumption of routine activity in the financial sector; on the contrary, this sector continues to be targeted relentlessly.

Major attacks that took place against companies operating in the financial sector in 2021 include:

  • In Germany, a DoS attack on an IT firm working with local cooperative banks disrupted the operation of 800 financial institutions in this country.
  • Cyren Inc., an Internet security technology company, reported a rise of 300% in phishing attacks against Chase Bank customers in the three-month period from May to August 2021.
  • In a cyberattack on the American stock trading platform Robinhood, the hacker gained access to the personal data of about 7 million customers.
  • AXA, the European insurance giant, was the victim of a ransomware attack, ironically, shortly after it announced in France that it would no longer cover damage from this type of attack.
  • CNA Financial’s operation was disrupted for three days due to a ransomware attack.

Additionally, attacks on cryptocurrency companies are becoming more common:

  • Bitmart, a crypto trading platform, sustained a crypto cyberattack that caused it to lose $200 million in assets.
  • In what seems to be one of the largest cryptocurrency thefts ever, hackers exploited a vulnerability in Poly Network (a platform aiming to connect different blockchains to enable them to work together) and stole more than $600 million.

What are the most frequent types of attacks launched against the financial sector, that financial services cybersecurity can protect from?

Banking CybersecurityCommon types of attacks against the financial sector include:

  1. Social engineering

Social engineering includes phishing attacks through emails, text messages or online ads; fraudware; and ‘favor for favor’ – a social engineering trick in which victims are encouraged to share confidential information in exchange for a service.

According to a Deloitte survey, social engineering is considered the greatest threat for financial sector companies. Furthermore, research conducted by Cisco reveals the 43% of employees have make mistakes that could potentially leave an organization exposed to a cyber threat.

  1. Malware

Malware was widely used to attack financial organizations in 2021, with new malware samples being continuously developed, making this threat particularly challenging. It should be noted that malware is also often used in unison with phishing emails, and is spread through mobile devices.

Some of the common features of malware targeting the financial sector are:

  • Supply chain attacks that entice a user to install a fake, malware-infected software patch.
  • Trojans relying on malicious Google Adsense campaigns, which target the banking sector.
  1. Advanced Persistent Threat (APT) attacks

In APT attacks, cybercriminals exploit the vulnerabilities of a targeted organization to establish a long-term presence in its network. They often infiltrate the financial organization’s internal system through spear phishing, then utilize backdoor malware to gain remote access and subsequently collect data on internal procedures and banking applications in preparation for exfiltration. The attacks typically result in the theft and encryption of data for ransom, or theft of funds, as well as in harm to the organization’s reputation.

  1. Island hopping

‘Island hopping’ is an attack which exploits vulnerabilities in the networks of an organization’s partner/s, instead of directly attacking the organization itself, in order to gain access to sensitive data.

The FS-ISAC’s (Financial Services Information Sharing and Analysis Center), in its Global Intelligence Office report titled Navigating Cyber 2022, predicted that in 2022 third-party risk, zero-day vulnerabilities, and ransomware groups will adapt to the changing cyber environment and continue to increase.  

Is it cost-effective to engage a financial services cybersecurity company?

As shown above, cybercriminals can employ many methods to attack financial institutions, and when successful, can cause potentially disastrous financial and reputational harm. Given the predicted increase of such attacks, and the many attack vectors available to cybercriminals, the answer is a definite YES.

The cost of cybersecurity services, such as those offered by ACID, when weighed against the potential risk and harm, leave no doubt.

ACID Intelligence and DIP cost-effectively confront the increased risks faced by finance and banking institutions. Advance detection in the early stages of cyberattack planning, and continuous tracking to collect more information to enable implementing targeted countermeasures, are critical to foiling the attacks or mitigating their impact.

ACID Technologies offers a solution to the threats against the financial and banking sector. It implements AI algorithms and deploys clusters of bots that scan the clear, deep web and dark web 24/7/365, using client-specific keywords in several languages, to detect the earliest signs of an impending attack.

The detection of the types of attacks listed above, as well as others, help financial organizations protect themselves from financial scams, fraud, direct theft, data theft, extortion and the opening of fake accounts and lines of credit.

A report titled ‘Modern Bank Heists 5.0’ published by the cloud computing and software provide VMware, based on a survey of conducted among 130 Chief Information Security Officers, states that 7 of 10 of the financial institutions spend up to 12% of their overall IT budget on security; however, the majority intended to increase their budget by 20% to 30% in 2022.

Subscribing to the cybersecurity services offered by ACID Technologies can spare your organization the potentially disastrous effects of cyberattacks at a fraction of their cost, and enable you to put your resources to good use where they are most needed.