Across the first portion of 2020, financial firms and financial services organizations experienced a 238% increase in cyber attacks. Nearly 75% of banks and insurance groups witnessed a spike in cyber crime since the start of the pandemic. Here’s what happened at a glance…
In September, the US Department of Treasury’s Financial Crimes Enforcement Network reported that over a billion dollars showed up as stolen from institutions each month. Extortion attacks gained traction and attention, more than 100 financial groups received distributed denial of service threats, exploits were used to better target victims, banking apps functioned as entry points for hackers, and new ATM hacks emerged. Economic stimulus checks, unemployment payments and an increase in poverty may have contributed to the uptick in financial services sector-focused cyber crime.
Within the financial services sector, the average cost of a data breach tops $5 million USD, which surpasses the average cost across all sectors (at $3.86 million USD). As attacks escalate, this level of expenditure could represent a crisis in the making. Why are costs so high?
Financial firms, data breach costs
Data breach costs for financial firms and financial services organizations remain burdensome for a variety of reasons. These include:
- Threat identification specialists
- Crisis management
- Legal counsel and fees
- Loss of clients
Across the past year, more than a third of financial institutions reduced the number of IT personnel in-house. With a skeleton staff and slashed budgets, institutions are now scrambling to defend against threats. What kinds of cyber attacks should financial firms prepare for?
Attack types: Financial firms
Which types of attacks most commonly target financial firms and financial services organizations? The exactitudes of the list change and evolve on a regular basis, but common attack types include:
- Business email compromise attacks
- Distributed Denial-of-Service (DDoS) attacks
- Phishing schemes
Financial groups that must halt business operations to contend with cyber attacks may miss out on revenue. In turn, this may undermine the profitability of the institution in the long-term. From derivatives, to credit lines, to loan losses, cyber crime can lead banks, their private investors or the government to experience significant, ongoing financial setbacks.
Will these concerns result in further pressure to prioritize new cyber security strategies, tactics, policies, protocols, technologies and methodologies?
Cyber risk reduction
Due to their robust monetary resources and their expansive collections of personal information, the financial services sector represents the most commonly breached sector of all. Nonetheless, financial firms and financial services organizations can measurably reduce cyber risk.
- Sophisticated cyber security solutions can remediate malware on endpoints.
- Remote secure access programs can save your organization from breaches.
- Mobile security solutions can protect against operating system threats.
- Phishing exercises can show gaps in prevention and defense mechanisms.
- Perimeter strengthening solutions can be applied so that threat actors cannot gain entry.
Many options are available. Once the coronavirus pandemic —which precipitated this wave of attacks on the financial sector, including one that hit the New Zealand Stock Exchange— subsides, organizations must continue to maintain cyber vigilance. Attacks on financial groups and financial fraud can occur anywhere, at any time.