Currently, the Facebook and Cambridge Analytica scandal is a matter of concern for the data privacy and data security everywhere. Last year, the ransomware attacks, which locked up more than 100,000 computers across 100 countries, also made headlines all around the world. In 2016, the Mirai Botnet attack created one of the largest one of the largest DDoS attacks in the history. In today’s digital world, where personal data is easily accessible by several firms, cybersecurity is no longer a luxury. Cybercrime (or cyber-attack) is a concern today all around the world. The banking and financial services industry, in particular, has become the target of the major cyber attacks. In this post, we will look into the major threats and potential solutions for cybersecurity in the banking and financial services sector.
Cybersecurity in the Banking and Financial Services Sector
In 2016, data security breaches cost the businesses nearly $4 billion and exposed an average of 24,000 records per incident (Source: HBR). In the UK, defending against cyber-attacks and repairing the damage done by hackers who penetrate security systems costs businesses £34 billion per year (Source: Veracode). Although the mega data breaches of 2015 were not repeated in 2017; but the number of data breaches in the healthcare domain increased in 2017 (Source: HIPAA Journal). Approximately, 3.2 million debit cards were compromised in 2016 through a hack on Hitachi’s ATM switch server. As a result, the Union Bank of India suffered a financial loss of around $171 million (Source: Livemint).
What is a Cyber Attack?
A cyber-attack is deliberate exploitation of computer systems, technology-dependent enterprises and networks. Hackers (cybercriminals) use malicious code and software to alter computer code, logic, or data, resulting in disruptive consequences that can compromise data and lead to cyber-crimes such as financial information, healthcare record, and identity theft or system infiltration.
As per the critical information infrastructure rules framed in 2013 under the Information Technology Act, 2000, the banking, financial services and insurance (BFSI) sector is one of the most critical domains that are prone to cyber-attacks. As per PwC, JPMorgan Chase (83 million accounts), Heartland Payments Systems (134 million accounts), Global Payments, Inc. (~1.5 million accounts), Citigroup (360K accounts) reported cybercrimes in 2014.
The banking and financial services sector faces almost three times more cyber-attacks than any other industry. Banks are where money is. Additionally, the banks also possess data of millions of users. So, for cybercriminals, attacking banks offers multiple avenues for profit through extortion, theft, and fraud. More and more, financial services organizations are operating under a constant state of attack, leaving IT and security teams challenged in their ability to collect, disseminate and interpret malicious events.
The Rise of Cyber-Attacks in the Internet Of Things (IoT) World
With the increase in IoT-connected devices, the risk of cyber-attacks increases as well. With the IoT, sensors collect, communicate, analyze, and act on information, offering new ways for technology, media and telecommunications businesses to create value. But this also creates new opportunities for all that information to be compromised. Not only is more data being shared through the IoT, among many more participants, but more sensitive data is being shared. As a result, the risks are exponentially greater.
The cybercriminals and hackers are:
- Using Cloud-based Botnets to takeover processing power
- Exploiting Near Field Communications
- Distributed Denial of Service (DD0oS) attacks launched via the cloud
- Hacks on multifactor authentication technologies
Major Cybersecurity Threats in Banking and Finance Sector
Unencrypted Data – The majority of data breaches happen due to improper encryption and stolen data immediately accessible after being stolen.
New automation technology without Security – CCTV cameras, connected devices, and toys can all be turned into bots if they are unprotected. It is important to understand that more than just computer, hard drive data can be used for cybercrime.
Unprotected Third Party Services – The Internet is a universal connector, therefore the unprotected third-party services can open the door for cyber attackers to access data. Therefore cybersecurity should be given priority when you connect services, rather than an afterthought.
Unsecured Mobile banking – in recent times as mobile banking popularity has increased, has given an opportunity to experts hackers to access its data due to less complicated security systems on mobile devices. Encryption must increase the mobile space for banks and customers data to remain safe.
A constantly changing threat landscape – The cyber threat landscape has changed over the past few years. Now Criminals have stopped going after low-value monetary amounts and shifted to high-value payment platforms. The number of breaches affecting the financial sector had led to an increase in fraudulent activities.
False Positives – Tone of the biggest issue for banks in its anti-money laundering (AML) monitoring systems is “false positives”. It means pointing out the issues that are not actually fraudulent activities, which takes up valuable time for an analyst.
The Big Breach – It’s the big breach that keeps banks awake at night. Huge volumes of valuable financial data are under increasing pressure to keep customer data safe from hackers and fraudsters.
New Forms of Hacking – Nowadays hackers do not only just delete consumer data, whereas they change or hold its hostage for later use. Every time hackers are using new ways to exploit financial service.
Ignoring a Potential Breach – This failure of the system to alert to a potential breach is a major part of a modern cybersecurity strategy and would keep any CISO worth their salt up at night.
Customers’ Accounts – Customer accounts can be the most vulnerable point of entry to a bank’s systems. The hackers used stolen privileged credentials to steal from their account.
Ruthless Adversaries – The threat shouldn’t be considered a technology problem but more like organized crime. They are like ruthless operations that work outside of a regulatory system. They are even quicker than the system and are more pragmatic. That’s a really tough problem banking industry has to deal with, so one needs to stop thinking about this as a technology problem.
Key Highlights of the Threats to the Banking & Financial Services Sector by PwC
Cybersecurity Solutions for the Banking & Financial Services Sector
The end-user (customer), very much like an employee at a financial institution, is the weakest link to any secure environment. They face an almost infinite attack surface: phishing (email, VOIP), malware (drive-by, or targeted), security vulnerabilities (0-day, 1-day) and a plethora of other vectors. Read the tips by Hector Xavier Monsegur (former super-hacker) on how to secure your accounts against financial frauds and cyber-crimes.
But, how do the banks confront these issues? How do the banks deal with this ever-changing cyber threats? Let’s have a look at the potential solutions
Communication and Intelligence
The cybersecurity and fraud have now shifted from a walled-garden approach to a holistic one, and this has brought a better communication and intelligence sharing. This comes down to not just technology, but people and process. It helps to shift cybersecurity analyst that is very much focused on technology and cyber controls, to an analyst that understands the business and can have a conversation with the customer in the payments space. This approach can also be seen in the language of modern cybersecurity vendors.
Structure exercises and scenario testing are also one of the best ways for the banking and financial industry to protect from cyber threats, specifically when they are conducted across the industry. Doing exercises, like getting everyone around the table and you recreate different scenarios to understand where your gaps are and what you do well, it also gives an understanding about what needs to be built into your cyber process and resiliency process. It is essential to do that with everyone within the organization: legal, compliance, the business, cyber, the operations staffs, the technology staffs and even with peers.”
In order to progress in combating today’s cyber threats, banks need to stop keeping the cyber strategy a closely guarded secret with banks staffs only.In today’s time threats exploiting the ecosystem, don’t look for an individual link in the chain, whereas they look for weak points in the end-to-end chain.So the response means we have to work together as an ecosystem. Moreover, as soon as you make it more difficult, start sharing and taking away the different avenues to target any bank and increase awareness, you making it a less alluring environment for adversaries to engage in.
Financial and banking Industry is seeking to get more actionable insights not just for their security analysts but also for the people within the business units. It allows intelligence to quickly turn into a response by the most relevant people, especially important in a landscape where breaches happen in a heartbeat. It is important in the payments system, to create intelligence inside the bank and publish it out and circulate that fast and someone needs to receive it and do something with it, so actionable intelligence. That more likely to speak a common language. So being able to say, here is a set of accounts and a volume of transactions that you should be mindful of so that they can set alerts.
From perimeter security to multiple layers
Banks need for a change its perimeter security to in-depth multi-layers defence. Realizing the fact that sooner or later someone will get in and catching them when they get in, seeing what they do and being able to respond by having multiple layers of defence is important.
Cybersecurity Considerations for Banks & FinTechs (BDO India)
Implementing Blockchain Technology for Cyber Security
Although originally invented for the cryptocurrencies (bitcoins), Blockchain technology can be very useful for tightening cybersecurity. Blockchain could reduce banks infrastructure costs by US$ 15-20 billion per annum by 2022. Owing to their distributed nature, blockchains provide no ‘hackable’ entrance or a central point of failure and, thereby, provide more security when compared with various present database-driven transactional structures.
Blockchain technology Applications in FinTech & Cybersecurity:
- Resolving the “lack of trust” problem between counterparties at the basic level
- Eliminates human intervention from the Authentication process
- Ensures decentralized storage
- Cryptographic security that protects that storage from unauthorized modification
- Has the potential to improve everything from improving data integrity and digital identities to enabling safer IoT devices to prevent DDoS attacks
- Provides traceability of all transactions
- Synchronized, consensus-based third-party validation on every recorded transaction
Online Courses in Cybersecurity
Those who are interested (or considering) a career in cybersecurity, here are few top online courses:
A Developer’s Guide to Internet of Things – IBM
Acknowledgment: The article has been co-authored by Parinita Gupta.