As we move towards digital economy, we are facing a looming threat of cybersecurity in banks. Leveraging techniques and practices that are designed to protect our data is paramount to successful digital revolution. Whether it is an accidental breach or a well-coordinated cyberattack, the strength of cybersecurity in banks determines the safety of our Personally Identifiable Information (PII), and by extension, ourselves.
Review of Current State of Cybersecurity in Banks
According to the S&P Global study on the share of reported cyber incidents across the industries in the past five years, financial institutions have topped the list and experienced more than a quarter of these cybersecurity issues. To draw a comparison BFS industry faced 26% of these cybersecurity incidents in comparison to Healthcare (11%) and Software and Technology Services (7%) and Retail (6%).
The rapid rise in the volume of cyber threats implies how important cybersecurity in banks is today. Cyber-attacks can be extremely expensive to endure, especially for small financial institutions and credit unions that don’t have sufficient resources to get through. Also, reputational damage for such financial institutions can prove to be catastrophic.
Financial institutions face significant and varied cyber threats which can be handled well with effective cybersecurity strategies. In this article, we will discuss such threats, strategies that can help to deal with them and tools that financial institutions can leverage to strengthen their cybersecurity practices. Let’s begin.
Cybersecurity in Banks - Common Threats
Credential Stuffing
Phishing attacks are acknowledged to be the most recurring type of cyberattack and has evolved over the last 3 decades. They are used to steal login credentials, credit card numbers and other critical user data. It happens by opening a malicious link that leads to malware installation in the system.
Phishing attacks are also one the most common challenges of cybersecurity in banks. They can have a devastating impact on financial institutions as they can be used to gain a foothold in the institution’s network to launch a larger attack like APT (Advanced Persistent Threat). In case of APT, the unauthorized user can gain access to the system and remain undetected for an extended period. This can cause significant losses, in terms of money, data as well as reputational damage. The survey states that financial institutions are top targets of phishing attacks as of 1st Quarter 2021. (Statista)Phishing Attacks
Phishing attacks are acknowledged to be the most recurring type of cyberattack and has evolved over the last 3 decades. They are used to steal login credentials, credit card numbers and other critical user data. It happens by opening a malicious link that leads to malware installation in the system.
Phishing attacks are also one the most common challenges of cybersecurity in banks and can have a devastating impact on financial institutions as they can be used to gain a foothold in the institution’s network to launch a larger attack like APT (Advanced Persistent Threat). In case of APT, the unauthorized user can gain access to the system and remain undetected for an extended period. This can cause significant losses, in terms of money, data as well as reputational damage. The survey states that financial institutions top the list in most targeted by phishing attacks as of 1st Quarter 2021. (Statista)
Sneak Peek
The Reserve Bank of New Zealand announced it suffered a breach via a third-party file sharing service used to store sensitive data. The scope of the information accessed is still being evaluated. (Reuters)
Trojans:
Idea of Trojan Horse dates back to the Trojan War. The Greeks tricked Trojans with a horse filled with warriors to gain access to Troy. Today, the word Trojan is used to describe a variety of malicious strategies used by a hacker gains access to secure information using trickery.
A Banker Trojan appears as a legitimate piece of software until it is installed on a computer. But it is a malicious computer program designed to gain access to confidential information stored or processed through online banking systems. This type of computer program is built with a backdoor, allowing outside parties to gain access to a computer.
Ransomware
Ransomware is a cyber-threat in which the malware encrypts the critical data and makes it impossible for owners to access until they pay a hefty fee or ransom. It is a significant threat to banking institutions, as in the past year, 90% of them have experienced ransomware. (Purplesec)
Apart from challenging Cybersecurity in Banks, threat of ransomware also extends to cryptocurrencies. Decentralized nature of cryptocurrencies provides an opportunity to cybercriminals to hack into trading platforms and steal funds.
Sneak Peek
An attack on cloud environment of an American Bank Holding Company between March and July of 2019 compromised the personal data of approximately 100 million customers of this financial institution. The breach affected 100 million individuals in the United States and approximately 6 million in Canada and allowed the hacker to make away with about 140,000 Social Security numbers and about 80,000 linked bank account numbers of credit card customers. Besides financial penalties, this has also hampered the brand reputation of the bank. The type of cyberattack is known as a Server-Side Request Forgery (SSRF), which is nothing, but a trick used to make a server execute unauthorized commands on behalf of a remote user. (The New York Times)
Spoofing
In this kind of cyber-attack, hackers use a clone site. They impersonate a banking website by
a. creating a domain with a slight change in spelling or domain extension and
b. designing a layout that looks and functions exactly like the original one
This cloned website is shared with the user though a third-party communication platform such as text message or email. When an unsuspecting user enters his or her login information, that information is stolen by hackers. Much of this problem can be handled by having seamless multi-factor authentication.Food for Thought: Food for Thought: Cloud services have proven to be very useful and dependable for banking and financial industry over the years. The amount of IT expenses saved, notable boost in the system uptime, and easy management of data, have helped banks.
However, bad strategy and execution could negate the benefits that cloud offers. Hence, financial institutions must opt for the right technological solution to avoid potential security issues.
Cyberthreats in small banks and credit unions
The rising threat of ransom Cyber criminals are going after smaller banks and credit unions. These smaller financial institutions may not have well-placed cybersecurity defences to avert hackers. Therefore, they become attractive target for cyber attackers.
Ransomware is a particular concern for credit unions due to financial and reputational ramifications. A recent report by Beazley Breach Response notes the rising threat to small banks and credit unions with less than $35 million in annual revenue. According to the sixth annual community bank survey conducted by the CBCS (Conference of State Bank Supervisors), more than 70% of respondents considered cybersecurity in banks as the most important risk.
Even though the extent of cyber threats looks terrifying, there are a few measures can be taken to resolve threats of cybersecurity in banks:
- Evaluate the cloud security’s current state against security benchmarks, best practices, and compliance standards.
- Keep all systems up to date to minimize vulnerability and avoid sideloading applications to minimize the chances of zero click attacks.
- Formulate a well-structured disaster recovery plan to avoid massive data loss and downtime in case of a cyber-attack.
- Use vulnerability management tools to automate threat detection and protect against potential threats.
- Install automated back-up options with secured encryption and Privileged access management (PAM)
- Have a defined access management to part-time workers, temporary workers, and third-party vendors.
- Improve the cybersecurity in banks at data level by investing in cryptographic encryption.
- Many users never change their passwords. Or even if they do, they just make cursory changes. This leaves such accounts vulnerable. Using Multi-Factor Authentication (MFA) as protection layer (introducing another factor of authentication such as sending a code sent to a customer’s mobile phone or email address) decreases the chance of breach.
Along with these strategies, there are certain tools which financial institutions can leverage to strengthen their cybersecurity policies:
Banks must have the Right Cybersecurity Tools in Place. What banks can’t see can hamper security. When it comes to the increasing use of digital consumer data and corresponding compliance requirements, the lack of visibility into the type of tools being used and how they are interrelated can create significant security shortfalls that financial institutions can’t afford. Armed with better analytics and insights, one need to dig in and find what’s working, what isn’t and what needs to change to boost overall cybersecurity in banks.
Network Insight Products
Network insight products are tools that focus on providing a centralized view of the bank’s network data to identify potential security concerns. Detecting vulnerabilities and loopholes in advance can prove beneficial.
Data Loss Prevention Solutions
Data Loss Prevention (DLP) solutions can help in improving cybersecurity in banks by minimizing the blind spots and protects data in transit or at rest. Integrating DLP solutions into existing cybersecurity tools is a smart move to strengthen cybersecurity.
E-Crime Intelligence Tools
E-crime intelligence tools offer comprehensive monitoring of the digital underground. They monitor underground sources such as the dark web and hacker forums to make cybersecurity practices proactive instead of reactive. These tools boost the cybersecurity in banks and minimizes the occurrence of cybercrimes.
Machine Learning Powered Cybersecurity Tools
Machine learning powered cybersecurity tools keep track of customers’ spending patterns and detect when accounts have been compromised in any way. Its fraud alerts help financial institutions to tackle the situation before the damage becomes severe. Its practices also help to identify mule accounts, both internal and external.
We have penned down our views on Role of RPA in Banking and how they are mitigating risks in financial institutions.
Cybersecurity in Banks: Ready and Resilient
As banks and financial institutions understand well, the weight of responsibility on their shoulders and the level of risk which they face when it comes to cybersecurity threats. Therefore, banks have been quick to adapt to the changing demands of remote working.
Some of the measures to improve cybersecurity in banks include:
- Addressing training gaps and encouraging employees to maintain digital hygiene.
- Ensuring that employees get secured and continuous software updates.
- Adjusting security policies, like running frequent and tailored awareness campaigns, which results in an improvement in employee click rates during monthly anti-phishing tests.
- Restricting the use of USB devices.
- Adopting secure remote hardware by shifting contact centers into the cloud.
- Embracing customer-focused measures, such as expanding biometrics and device-based authentication for sensitive transactions on new digital channels.
- Investing in advanced, AI-powered security and fraud detection tools for fraud prevention.
- Ramping up cybersecurity spending to fortify new work-from-home arrangements.
Improving Cybersecurity in Banks - Way Forward
Cybersecurity is a major area of concern for industries across the globe. The constant threat of someone stealing crucial data haunts organizations. Especially for financial institutions that hold massive amounts of what is probably the most critical data of people, cyber threats become a great challenge.
Constant adoption of cybersecurity practices in banks can strengthen the protection from cyber threats and help financial institutions to gain the reputation of safety and security. As it is commonly said, prevention is better than the cure. It is particularly true about cybersecurity in banks. So, investment into foolproof cybersecurity solutions in banks is a critical step to stay competitive and future-ready.