Financial services are at the heart of our global economy, and it is safe to say that cybercrime is a major risk to the banking system. Cybersecurity has become a vital investment for the financial sector. In 2019, Jamie Dimon, CEO of JP Morgan Chase & Co., stated that “cyber attacks may be the biggest threat to the U.S. financial system.” That’s probably why JP Morgan Chase spends nearly $600 million each year to strengthen its cyber defenses in the face of “a steady stream of attacks”.
Even with JP Morgan Chase’s significant cyber spending, the bank suffered a major data breach in 2013. According to a Forbes article, information from 76 million households (approximately 65% of all U.S. households) and 7 million small businesses was compromised. Financial services companies are well aware of the problem and are working hard to fight cybercrime, but cybercrime continues to drain huge amounts of money each year, $4.2 million in 2020 alone, according to the FBI.
Unfortunately, cyberattacks on the financial sector are all too common. In the 2020 edition of its report, ECB Banking Supervision: Risk Assessment, the European Central Bank identified the main risk factors that the eurozone banking system is expected to face over the next three years. These risks are increased by:
- The continued digitization of financial services
- The obsolescence of certain banking information systems
- Interconnection with third-party information systems and, by extension, cloud migration
In the United States, financial services face identical problems. According to a cybersecurity report from the Boston Consulting Group, banking and financial institutions are 300 times more at risk of cyberattack than other companies. In addition, an Accenture study found that the average annualized cost associated with data breaches for global financial services companies has risen to $18.5 million.
As for the banking sector, there are specific characteristics that make cyberattacks very serious, both in terms of the probability of occurrence and the potential severity of the impacts. Data security is an important issue for the financial sector, which plays a key role in the economy. A security incident in a banking institution can have consequences on the day-to-day operations of an entire country, or even an entire region of the world.
Today's financial services depend entirely on computer systems. Although they began to be digitized very early on, many obsolete information systems (IS) remain in use today. In fact, many security incidents have been related to ill-suited tools. In some cases, software patches are simply not installed.
ImmuniWeb studied external web applications, APIs, and mobile applications from the S&P Global list (which lists the world’s largest financial organizations in 22 countries). Among other things, ImmuniWeb found that 91% of mobile banking applications contain at least one medium-risk security vulnerability. One thing to keep in mind about these companies is that financial sector information systems tend to rely on multiple decentralized systems within large and widely interconnected groups, which increases cyber risks. These elements make financial services a very lucrative target. Banking requires more sophisticated mechanisms for protection and attack detection.
3 main cyber threats for the banking and financial sector
(1) Phishing and DDoS at the forefront
According to recent trends, the financial sector continues to have higher rates of confirmed social engineering incidents, especially phishing, than most other sectors. In 2020, no other sector had as many DDoS attacks. Industries such as retail banking and banking experienced an increase in attacks at certain times during the COVID months, probably due to the increase in online traffic volumes. Based on the ORX News dataset, RCDevs estimates that, on average, in the financial sector, fraud-type cyberattacks account for 43% of events, data breaches for 34% and disruptions for 23%. In addition, Imperva’s 2020 report on DDoS attacks in the time of COVID-19 shows that DDoS attacks increased by 30% in financial services between 2019 and 2020.
Overall, the COVID-19 pandemic and remote work drove a significant increase in DDoS attacks on financial services in 2020, and it looks like this trend will continue throughout 2021.
(2) Artificial intelligence, a double-edged sword
Financial institutions are increasingly using artificial intelligence technologies. However, behind this growing use of AI lies a double reality. On the one hand, for many financial analysts, artificial intelligence has become an indispensable ally in the fight for cybersecurity. On the other hand, AI can also help cybercriminals trying to attack companies and financial services institutions. Cybercriminals use AI to increase the effectiveness of their attacks. AI can be used to understand patterns of human behavior and then convince people to compromise networks and share sensitive financial data.
AI can also be used to identify new vulnerabilities in networks, devices, and applications. Finding vulnerabilities as soon as they appear makes hackers' work much easier. On the positive side, banks have developed increasingly sophisticated tools to prevent cyber risks, and cybersecurity automation is now the norm in the financial sector, especially compared to other fields. Constant monitoring of all network activity and efficient patch management are essential to combat cybercriminals. When it comes to AI, fighting fire with fire seems to be the best path for financial organizations.
(3) Advanced persistent threats
When it comes to banking systems and financial companies, advanced persistent threats (APTs) are another serious threat due to the sensitive nature of the data. Advanced persistent threats are stealthy threat actors, usually a nation state or state-sponsored group, that gain unauthorized access to a computer network and remain undetected for an extended period of time.
Cyber espionage is on the rise and financial services have been hit hard in recent years. Such attacks can be carried out by competitors or a foreign state interested in financial data. The financial sector has been hit hard by APTs and banks are especially targeted. These sophisticated and stealthy threats combine advanced intrusion and counterfeiting techniques to allow hackers, for example, to access account management applications.
Take the Carbanak case. Carbanak is an APT-style campaign aimed at financial institutions that was discovered in 2014 by the Russian/British cybersecurity company Kaspersky Lab. According to estimates by the Economic and Financial Agency, between $800 and $1 billion was stolen from banks around the world, mainly in Russia, Japan, the United States and Europe. The malicious software discreetly installed a remote administration tool, which was used to access employee passwords. Cybercriminals have been developing other similar techniques to specifically target financial institutions.
There is no denying that financial services organizations are an important target for cyber attackers. Most criminals turn to financial companies simply because that’s where the money is. Despite great efforts to protect themselves from increasingly numerous and sophisticated attacks, companies in this sector must keep their guard up. To deal effectively with the risks of the financial sector, it is recommended to adopt a global and innovative approach. Compliance with applicable regulations should be one of the first steps, and probably the most important, towards effective protection.
Cybersecurity is one of the top priorities of the financial industry as it seeks to ensure the security of its assets as well as the efficient and reliable execution of its business. This is especially true in the post-COVID world, which is increasingly interconnected and digitized. Business leaders in the financial sector need to be more aware of the various cyber threats they face. In short, financial organizations need to be proactive in protecting their customers, their data, their networks, and their operations against cybercrime. Financial sector cybersecurity strategies should also lead to increasing cooperation between banks and other financial organizations. Sharing information about attacks and organizing attack simulations are great exercises; they may not stop all cyberattacks, but they can make a big difference in protection against attacks and in reducing detection and response times.