The financial sector has long been a target of cyber thieves. But despite their robust security postures, they continue to be the focus of some of the most innovative attack campaigns.
Cybercriminals are laser focused on crafting attacks that will yield the most amount of revenue for the least amount of work. So, organizations whose business revolves around money makes a lot of sense as a potential target, right? Banks, lenders, mortgage brokers, and other organizations are a constant target because of the lure of easy big money.
According to the 2nd annual report, Modern Bank Heists: The Bank Robbery Shifts to Cyberspace, from security vendors Carbon Black and Optiv, cybercriminals are hitting financial institutions hard:
- 67% of organizations saw an increase in cyberattacks over the past 12 months
- Attacks focused on destroying data rather than financial gain have increased 160% over 2018
- 47% reported an increase in wire transfer fraud attacks
- 31% reported an increase in home equity loan fraud attacks
- 32% have experienced counter-incident response tactics
The bad guys are definitely coming for the financial institution with a passion. 79% of financial institutions feel cybercriminals have become more sophisticated in their methods, “leveraging
highly targeted social engineering attacks, advanced tactics, techniques, and procedures (TTPs) for hiding malicious activity, and exploiting weaknesses in people, processes and technology.”
Financial institutions need to focus their security efforts in the areas the cybercriminal is targeting.Social engineering and “exploiting weaknesses in people” highlights the need for Security Awareness Training to educate users on the need for vigilance when interacting with email and the web, the importance of security, and methods used by cybercriminals to make the user – and the organization – their victim.