As October is National Cybersecurity Awareness Month (ECSM), it is important that key decision-makers in the financial services sector know the best strategies to ensure the security of banks’ assets as well as how to efficiently and reliably defend their networks.
This is especially true and important in the age of digitalisation, where the surge in remote working (boosted by the Covid-19 emergency) and IT budget constraints, IT vulnerabilities have intensified.
The increase in the number of security breaches is because the number of potential targets has expanded, from laptops to smartphones to Internet of Things (IoT) devices, which pose a constant security risk to both individuals and financial institutions. These act as ideal "entry points" for cybercriminals.
Of course, security breaches lead to loss of revenue, reputation, and customers for banking institutions, as well as interruptions to operations. For the first half of 2020, banks endured a 238% spike in cyberattacks and for five consecutive years, financial services have been the most targeted sector. Let’s explore this in more detail:
What are the main attacks?There are different ways threat actors can gain access to your business network. Here are just some examples.
1. Phishing
It can be defined as the use of social engineering and technical subterfuge to defraud an online account holder of their financial personal information or login credentials by posing as a trusted identity.
Phishing attack can be executed through multiple means including phishing emails, phone calls, web link manipulation and website forgeries to convince users to divulge sensitive information or participate unknowingly in fraudulent transactions
2. DDoS attacks
They consist in launching an attack on a bank which can cause slow website response times and prevent customers from accessing their online banking and other financial applications.
This way attackers access sensitive customer data such as financial credentials and open fake accounts, access funds and continue their pattern of fraudulent activities. In 2020 a 30% increase in DDoS attacks was reportedly targeted at the financial services industry. Increases were seen in traffic volumes, attack duration and packets per second.
3. APTs
Advanced persistent threats are stealthy threat actors. They are typically a nation state or a state-sponsored group, which gain unauthorised access to a computer network and remains undetected for an extended period. The financial sector has been highly affected by APTs, and banks are particularly targeted.
These sophisticated threats combine advanced intrusion and spoofing techniques to allow hackers to gain access to account management applications, for example.
4. RaaS - Ransomware-as-a-Service
Ransomware has evolved into a ‘service offering’ known as Ransomware-as-a-Service (RaaS) that enables inexperienced cybercriminals to deploy an attack with relative ease.
Essentially, it is a subscription-based model that enables affiliates to use already-developed tools to carry out attacks and permits cybercriminals, that are unfamiliar with malware development, to outsource this skill and easily deploy an attack.
Cybersecurity for financial institutionsStandalone solutions are not enough to defend networks. Financial institutions need to consolidate a variety of protection mechanisms on a single platform such as application whitelisting, full encryption of all hard disks and media, file system integrity protection, hardware protection and a firewall to stop network attacks.
That said, organisations should also find innovative ways to use their existing resources more effectively. For instance:
- Automating more processes to identify and respond to issues in real-time before they impact business operations.
- Equalising workloads based on broader threat analysis with a particular focus on, for example, data leaks or introduced malware.
- Breaking down silos by introducing advanced self-service platforms.
- Consolidating activities such as combining effective cybersecurity strategy with proactive device monitoring to maintain service availability.
Overall, the pandemic and remote working drove a significant increase in cyberattacks and this appears to be a trend that is set to continue into the new year.
Cybersecurity is a long-term investment and organisations must teach customers and employees how to identify potential threats through training, education, and awareness programs. To circumvent such attacks, financial institutions must act now and enhance their operational resilience.