As we move towards developing a digital society, the threat of cybercrime increases as well. Leveraging techniques and practices that are designed to protect our data is paramount to cybersecurity in banks. Whether it is an accidental breach or a well-planned cyberattack, the strength of our cybersecurity practices determines the safety of our Personally Identifiable Information (PII), and by extension, ourselves.
State of Cybersecurity in Banks
According to the S&P Global study on the share of reported cyber incidents across the industries in the past five years (2016-2021), financial institutions have topped the list and experienced more than a quarter of these cybersecurity issues. To draw a comparison BFS industry faced 26% of these cyber security incidents in comparison to Healthcare (11%) and Software and Technology Services (7%) and Retail (6%).
The rapid rise in the volume of cyber threats implies how important cybersecurity in banks is today. Cyber-attacks can be extremely expensive to endure, especially for small financial institutions and credit unions that don’t have sufficient resources to get through. Also, reputational damage for such financial institutions can prove to be catastrophic.
Financial institutions face significant and varied cyber threats which can be handled well with effective cybersecurity strategies. In this article, we will discuss such threats, strategies that can help to deal with them and tools that financial institutions can leverage to strengthen their cybersecurity practices. Let’s begin.
Cybersecurity Threats Faced by Financial Institutions
Credential stuffing is a cyberattack in which lists of email ids, usernames and passwords are stolen to gain unauthorized access to user accounts by using large-scale login requests. In financial institutions, credential stuffing is targeted towards gaining unauthorized access to personal identifiable data of banking customers. The stolen information can be used to hack websites and servers to gain access to critical IT infrastructure.
Often obtained via the dark web, the lists of keys and logins save a lot of time for hackers, as the credentials being used are known to have worked at some point. Although it is an emerging threat to cybersecurity in banks, credential stuffing is a credible cyberthreat that can cause a massive surge in data breaches if not dealt with properly.
Phishing attacks are acknowledged to be the most recurring type of cyberattack and has evolved over the last 3 decades. They are used to steal login credentials, credit card numbers and other critical user data. It happens by opening a malicious link that leads to malware installation in the system.
Phishing attacks can have a devastating impact on financial institutions as they can be used to gain a foothold in the institution’s network to launch a larger attack like APT (Advanced Persistent Threat). In case of APT, the unauthorized user can gain access to the system and remain undetected for an extended period. This can cause significant losses, in terms of money, data as well as reputational damage. The survey states that financial institutions top the list in most targeted by phishing attacks as of 1st Quarter 2021. (Statista)
The Reserve Bank of New Zealand announced it suffered a breach via a third-party file sharing service used to store sensitive data. The scope of the information accessed is still being evaluated. (Reuters)
Idea of Trojan Horse dates back to the Trojan War (1260 BC – 1180 BC), where the Greeks used wooden horse filled with fighters in order to gain access to the Turkish city of Troy. Today, the word Trojan Horse/Trojan is popularly used to describe a variety of malicious strategies whereby a foe gains access to an otherwise secure location using trickery.
A Banker Trojan which is a form of Trojan may appear as a legitimate piece of software until it is installed on a computer device, but it is a malicious computer program designed to gain access to confidential information stored or processed through online banking systems. This type of computer program is built with a backdoor, allowing outside parties to gain access to a computer.
Ransomware is a cyber-threat in which the malware encrypts the critical data and makes it impossible for owners to access until they pay a hefty fee or ransom. It is a significant threat to banking institutions, as in the past year, 90% of all financial institutions have experienced ransomware. (Purplesec)
The threat of ransomware also extends to cryptocurrencies, as their decentralized nature provides an excellent opportunity to cybercriminals to hack into trading platforms and steal funds. Due to the nature of cryptocurrencies, ransomware becomes untraceable, which enables cyber criminals to attack any business without the threat of any evidence leading back to them.
An attack on cloud environment of an American Bank Holding Company between March and July of 2019 compromised the personal data of approximately 100 million customers of this financial institution. The breach affected 100 million individuals in the United States and approximately 6 million in Canada and allowed the hacker to make away with about 140,000 Social Security numbers and about 80,000 linked bank account numbers of credit card customers. Besides financial penalties, this has also hampered the brand reputation of the bank. The type of cyberattack is known as a Server-Side Request Forgery (SSRF), which is nothing, but a trick used to make a server execute unauthorized commands on behalf of a remote user. (The New York Times)
In this kind of cyber-attack, hackers use a clone site. They impersonate a banking website by creating a domain with a slight change in spelling or domain extension and by designing a layout that looks and functions exactly like the original one. This cloned website is shared with the user though a third-party communication platform such as text message or email. When an unsuspecting user enters his or her login information, that information is stolen by hackers. Much of this problem can be handled by having seamless multi-factor authentication.Food for Thought: Cloud services have proven to be very useful and dependable for banking and financial industry over the years. With the amount of IT expenses saved, the notable boost in the system uptime, and easy management of data, it has really come in handy for banks and other financial institutions. However, bad strategy and execution could negate the benefits that cloud offers. Hence, financial institutions must opt for the right technological solution to avoid potential security issues.
Cyberthreats in small banks and credit unions
The rising threat of ransom Cyber criminals are going after smaller banks and credit unions. These smaller financial institutions many times do not have the well-placed cyber security defenses to avert hackers, therefore, makes them an attractive target for cyber attackers.
The rising threat of ransomware is a particular concern for smaller financial institutions like credit unions. A recent report by Beazley Breach Response notes the rising threat to small banks and credit unions with less than $35 million in annual revenue. According to the sixth annual community bank survey conducted by the CBCS (Conference of State Bank Supervisors), more than 70% of respondents considered cybersecurity in banks as the most important risk.
Even though the extent of cyber threats looks terrifying, there are a few measures can be taken to resolve threats of cybersecurity in banks:
- Evaluate the cloud security’s current state against security benchmarks, best practices, and compliance standards.
- Keep all systems up to date to minimize vulnerability and avoid sideloading applications to minimize the chances of zero click attacks.
- Formulate a well-structured disaster recovery plan to avoid massive data loss and downtime in case of a cyber-attack.
- Use vulnerability management tools to automate threat detection and protect against potential threats.
- Install automated back-up options with secured encryption and Privileged access management (PAM)
- Have a defined access management to part-time workers, temporary workers, and third-party vendors.
- Invest in cryptographic encryption of data.
- Many users never change their passwords. Or even if they do, they just make cursory changes. This leaves such accounts vulnerable. Using Multi-Factor Authentication (MFA) as protection layer (introducing another factor of authentication such as sending a code sent to a customer’s mobile phone or email address) decreases the chance of breach.
Along with these strategies, there are certain tools which financial institutions can leverage to strengthen their cybersecurity policies:
Banks must have the Right Cybersecurity Tools in Place. What banks can’t see can hamper security. When it comes to the increasing use of digital consumer data and corresponding compliance requirements, the lack of visibility into the type of tools being used and how they are interrelated can create significant security shortfalls that financial institutions can’t afford. Armed with better analytics and insights, one need to dig in and find what’s working, what isn’t and what needs to change to boost overall cybersecurity in banks.
Network Insight Products
Network insight products are tools that focus on providing a centralized view of the bank’s network data to identify potential security concerns. Detecting vulnerabilities and loopholes in advance can prove beneficial.
Data Loss Prevention Solutions
Data Loss Prevention (DLP) solutions can help in improving cybersecurity in banks by minimizing the blind spots and protects data in transit or at rest. Integrating DLP solutions into existing cybersecurity tools is a smart move to strengthen cybersecurity.
E-Crime Intelligence Tools
E-crime intelligence tools offer comprehensive monitoring of the digital underground. They monitor underground sources such as the dark web and hacker forums to make cybersecurity practices proactive instead of reactive. This minimizes the occurrence of cybercrimes in financial institutions.
Machine Learning Powered Cyber Security Tools
Machine learning powered cyber security tools keep track of customers’ spending patterns and detect when accounts have been compromised in any way. Its fraud alerts help financial institutions to tackle the situation before the damage becomes severe. Its practices also help to identify mule accounts, both internal and external.
We have penned down some of our views on Role of RPA in Banking and how they are mitigating risks in financial institutions.
Cybersecurity in Banks: Ready and Resilient
As banks and financial institutions understand well, the weight of responsibility on their shoulders and the level of risk which they face when it comes to cyber security threats. Therefore, banks have been quick to adapt to the changing demands of remote working.
Some of the measures to improve cybersecurity in banks include:
- Addressing training gaps and encouraging employees to maintain digital hygiene.
- Ensuring that employees get secured and continuous software updates.
- Adjusting security policies, like running frequent and tailored awareness campaigns, which results in an improvement in employee click rates during monthly anti-phishing tests.
- Restricting the use of USB devices.
- Adopting secure remote hardware by shifting contact centers into the cloud.
- Embracing customer-focused measures, such as expanding biometrics and device-based authentication for sensitive transactions on new digital channels.
- Investing in advanced, AI-powered security and fraud detection tools for fraud prevention.
- Ramping up cybersecurity spending to fortify new work-from-home arrangements.
Cybersecurity is a major area of concern for industries across the globe. The constant threat of someone stealing crucial data haunts organizations. Especially for financial institutions that hold massive amounts of what is probably the most critical data of people, cyber threats become a great challenge.
Constant adoption of cybersecurity practices in banks can strengthen the protection from cyber threats and help financial institutions to gain the reputation of safety and security. As it is commonly said, prevention is better than the cure. It is particularly true about cybersecurity in banks. So, by investing in foolproof cybersecurity strategies and tools financial institutions can stay on top of the game and secure their data efficiently.