Cyberattacks and Financial Services: Good News, Bad News

By on

As highlighted in the Verizon 2017 Data Breach Investigations Report, the financial services sector continues to be a target of cyberattacks. That said, the trend has also shifted to other verticals, such as healthcare with the recent WannaCry attack and other hospital data breaches. One hopes, as the report suggests, that banks’ significant investments have paid off, and that the reduction in overall incidents is a demonstration of their improved security posture. Of the reported attacks, most were associated with DDOS, and the rest were primarily skimming efforts used in stealing card data.

Account take overs continue to be a pestilence for the banking industry although improvements in fraud detection and authentication have reduced the success of these types of attacks. Meanwhile, insider privilege misuse continues to rise and banks will clearly need to make more investment in their systems and behavioral analytics to protect themselves.

These types of security improvements may have reduced the number of financial services breaches. On the other hand, we must also examine an alternate theory: That the sheer availability of financial data has reduced its value and, therefore, prompted criminals to seek more fruitful avenues—for example, health care data and its rich bounty of Social Security numbers or and other personal identifiers. Analysts of the U.K. health system’s WannaCry breach estimate that medical information could be worth ten times more than credit card numbers on the Dark Web.

Even in these cases, however, cybercriminals often seek to monetize attacks. Their activity will often still touch financial institutions, who will continue to bear the brunt of monetary losses associated with cybercrime regardless of the originally targeted industry.

Further, we can expect to see a rise in mobile and cloud-based attacks as these technologies gain consumer adoption. To blunt these threats, communication across the financial industry and across vertical industry lines will be one of the best defenses as the business of cybercrime continues to keep pace with the technical evolution.

Categories: Business
Tags: , ,

Leave a Comment

Similar articles

As ransomware threats become more sophisticated, the tactics cybercriminals use to coerce payments from users become more targeted as well. And now, a stealthy strain is using deceptive techniques to mask its malicious identity. Meet CryptoMix ransomware, a strain that disguises itself as a children’s charity in order to trick users into thinking they’re making ...
Read Blog
Microsoft recently patched a critical flaw in Internet Explorer’s scripting engine that could lead to remote code execution. The vulnerability is being exploited in the wild and was originally reported by a researcher from Google’s Threat Analysis Group. Microsoft released an out-of-band patch to fix the vulnerability before the normal patch cycle. McAfee products received ...
Read Blog