The financial industry, subject to strict regulatory requirements, has higher average security breach costs than most other industries. As IBM points out in its 2020 Cost of a Data Breach report, public sector organizations traditionally have the lowest costs because they are unlikely to experience a significant loss of customers due to a data breach. Naturally, because of the type of data that banks and other businesses collect from customers, the financial industry has always had a target on its back. COVID-19 has only made the problem worse, with threat actors taking full advantage of these uncertain times.
Effect of the pandemic on cybercrime
In the first half of 2020, according to VMware Carbon Black, financial institutions saw attacks increase by 238%. In addition, 27% of all attacks targeted the healthcare or financial sectors. In early 2021, Keeper Security found that 70% of financial services organizations had reported experiencing a cyber attack in the past year, with the majority of respondents suggesting that COVID-related conditions were contributing to the increase in the severity of the attacks. The surge in attacks coincided with significant developments in COVID-19, such as the World Health Organization declaring a global health emergency. Major events that create fear or hysteria are a useful lure for phishing scams.
Why is the cost so high?
IBM’s report notes that the average total cost of a data breach in the financial services industry in 2020 was $5.85 million; the average cost of a data breach across all industries was $3.86 million. There are a myriad of reasons, direct and indirect, why the cost of a breach can be so high for financial organizations. Upfront costs can include crisis detection and management, such as forensics, as well as the required notifications, which can become expensive depending on the number of people affected.
One of the main long-term costs is loss of business. A large data exposure often draws negative media coverage, which damages brand reputation and ultimately leads to a loss of trust and confidence among customers. Other factors to consider include legal fees; increases in insurance premiums; ransomware payments (despite the US government warning not to); and finally, heavy fines. In 2020, 198 fines were imposed, a 141% increase over the previous year, according to Fenergo.
Types of cyber attacks
Attacks facing the industry span the gamut from Distributed Denial of Service (DDoS) to mobile banking exploitation, and tracking the most common attack types is critical to properly preparing your organization.
Business Email Compromise (BEC)
Cybercriminals can spoof executives’ email addresses and demand payments, making it difficult to discern whether an email is legitimate. According to Kroll, BEC is a major threat to organizations in this industry, with associated risks such as misdirected payments.
Distributed Denial of Service (DDoS)
DDoS attacks – which can freeze the operations of financial institutions and their customers – increased last year in the wake of the digital shift caused by COVID-19. DDoS attacks can also serve as a distraction to cover up fraud taking place behind the scenes.
Exploitation of mobile banking services
In June 2020, the Internet Crime Complaint Center (IC3) released a public service announcement warning that the use of mobile banking services had increased by 50%, which could lead to exploitation via app-based banking Trojans and fake banking apps.
In September 2020, it was reported that one in four Americans had received a phishing email related to COVID-19. Phishing emails were so problematic amid the pandemic that the American Bankers Association launched the #BanksNeverAskThat campaign to provide the public with information to arm them against scams. Shortly after, the Financial Crimes Enforcement Network (FinCEN) issued a notice alerting financial institutions to the potential of phishing programs related to COVID-19 vaccines and their distribution.
FinCEN’s December advisory added that, “Cyber criminals, including ransomware operators, will continue to exploit the COVID-19 pandemic alongside legitimate efforts to develop, distribute and administer vaccines.” There are, unfortunately, many examples of ransomware affecting banks in the past year alone.
Tips for reducing cyber risks
Financial organizations can take simple steps to prevent cybercrime, and in particular, reducing human error plays an important role in mitigating cyber threats. Simply training employees in cybersecurity awareness can make a huge difference. Employees need to understand the signs of a scam, stay alert, and report phishing attempts early. Other tips include: implementing multi-factor authentication on customer-facing applications; establishing a strong password policy for your organization; and proactively monitoring, detecting and discovering identity information found in open sources (surface, social, deep and dark web) to understand your organization’s digital footprint.
As the vaccine becomes more widely available and we move towards a sense of normalcy, we must not let our guard down on cybersecurity. Cybercriminals will continue to evolve, so security operations teams must keep pace to minimize future exploitation.
Pablo Castillo is a Cyber Threat Research Analyst at Constella Intelligence – a digital risk protection company that works in partnership with some of the world’s largest organizations to protect what matters most and defeat digital risks.