It’s becoming common knowledge that cyber-crime is on the rise. According to the Annual Cost Of Cybercrime Study by the Ponemon Institute and Accenture, in the last 5 years we have seen 67% increase in the number of reported data breaches.
The banking sector continues to be the #1 target for cyber-criminals with the average annual cost of cybercrime estimated to be over $18 million. Financial institutions are spending more on cyber-security than ever before, with spending almost tripling in the last 3 years. Some institutions pay as much as $3,000 per employee. When you think that HSBC hires around 235,000 employees, you can see how the costs start to add up.
What Are the Threats?
More than 25% of malware attacks target the financial sector – more than any other industry vertical. We’ve seen a significant increase in the number of compromised credit cards (up 200%) and leaked credentials, according to recent article by Forbes.
We’ve also seen a large increase in the number of Trojans – a type of malware that is disguised as legitimate banking applications – with Ursnif being one of the most common types of Windows banking trojan.
At the start of the year, the UK’s Metro Bank fell victim to an SS7 attack, which was the first publicly reported case of a UK bank falling victim to such an attack. SS7 (Signaling System 7) is a protocol used by telecommunication companies. Were a hacker able to exploit vulnerabilities in the SS7 protocol they can intercept messages between the banks and the consumers – which often contain verification codes and other important information.
SS7 attacks have become more popular because they enable hackers to circumvent authentication protocols, such as 2FA, which not only requires a password, but also some other information, such as a verification code. Hackers have been known to use these codes to empty the victims’ bank accounts. Of course, hackers will still attempt more traditional attack vectors such as DDoS, phishing and social engineering.
What Are the Causes?
Given the sheer number of cyber-criminals out there, and the constantly evolving attack vectors, it’s not a question of if, but when, a security incident will occur. For a cyber-criminal, a failed attempt is negligible. Yet, were they to succeed, they can regain their losses several times over. And it’s very difficult to catch cyber-criminals.
Using botnets, they can easily mask their device and location, or hijack another device to carry out malicious activities. And let’s not forget about insider threats. After all, insiders already have access to the company’s ‘crown jewels’, which they can use for many fraudulent activities.
It’s not just malicious employees that we need to worry about. According to an article by Techrepublic, 54% of IT professionals believe that careless workers were “the root cause of cybersecurity incidents”, which is especially concerning due to the rise in the number of ransomware attacks. Employees unwittingly share sensitive data and credentials, access websites or download email attachments containing malware.
However, unlike an SS7 attack, which may require a dedicated SS7 firewall in order to identify suspicious traffic, monitoring user behavior is relatively straight forward, especially given the number of affordable solutions that have come on the market in recent years.
What Can You Do?
With so many different attack vectors, coming from so many different sources, financial institutions must face the sobering truth that they will need to constantly improve their defense strategy and keep abreast of the latest tools and technologies, if they are stand any chance of keeping their data secure.
Fortunately, there are many easy and affordable things you can do to immediately improve your chances of detecting and responding to a threat. One such step is to implement a Data Security Platform that can monitor user behavior with your most sensitive data and alert you when anomalies are spotted.