It probably isn’t news to anyone that the financial services industry is a major target when it comes to data breaches, accounting for 35 percent of all data breaches and weighing in as the No. 1 most breached industry, according to the Verizon (News - Alert) 2016 Data Breach Investigation Report.
However, what might be less obvious is that a successful breach of a financial organization presents two money-making opportunities to enterprising hackers. Attackers can either use the stolen data themselves to conduct financial fraud, or sell the data on the dark Web where the blackest of the Internet’s black market resides. With so much potential profit contained within its databases, the financial services industry needs to be informed of the top threats they face in order to mount the most impenetrable data security possible.
Financial Services Threat No. 1: Web Application Attacks
A classic case of taking the bad with the good. To keep up with our online world, it’s now standard for financial institutions to offer online banking, mobile payments and Internet brokerage, to name just a few digital financial services. For every online service offered, however, there’s a new avenue a hacker can try to take into an organization’s databases.
According to the Verizon report, attacks on Web applications made up 82 percent of all financial services data breaches in 2016, with attackers frequently either exploiting known vulnerabilities or using stolen account credentials.
How to lower the threat level: What’s most frustrating about the high number of Web application attacks is how preventable they are. Most of the time, another term for known vulnerabilities could very well be patched vulnerabilities. Financial institutions need to ensure their systems are regularly updated with all applicable patches applied. They also need to use a Web application firewall, or a WAF. In addition to protecting against the OWASP Top 10 threats, a WAF used in conjunction with threat intelligence can also help protect against account takeovers caused by weak or default passwords.
Financial Services Threat No. 2: DDoS Attacks
Distributed denial of service (DDoS) attacks are a big-time problem for websites and businesses of all types, but financial organizations in particular need to be on the lookout for these types of attacks that are used as a smokescreen for an intrusion. While an organization’s cybersecurity team is scrambling to stop a DDoS attack to keep their services online and their customers happy, hackers may very well be sneaking into the database to cause even bigger problems. According to the 2016 Verisign DDoS Trends Report, the already beleaguered financial services industry saw a 15 percent increase in DDoS attacks between Q4 2015 and Q1 2016.
How to lower the threat level: Financial institutions require a full DDoS response plan for the entire organization, and they would also be wise to consider professional DDoS mitigation – scalable, cloud-based, always-on protection that can be positioned at the perimeter of the network to inspect traffic for malicious intent and keep DDoS traffic from ever reaching the website, Web applications or network.
Financial Services Threat No. 3: Insiders
Insider threats come from a financial institution’s employees and contractors as well as the third parties involved in the institution’s business operations. While there are certainly malicious insiders willing to steal from the organization that they are either employed by or do business with, negligence is also a significant contributing factor when it comes to data breaches caused by insiders. According to the Ponemon Institute’s (News - Alert) 2016 Cost of Data Breach Study, insider negligence can be blamed for 25 percent of breaches.
How to lower the threat level: Preventing either malicious misdeeds or devastating negligence by employees or others who are already inside of the secure perimeter may seem impossible, but a few key data security strategies will go a long way toward mitigating this risk.
Database activity monitoring provides visibility into who is accessing what data and when, which is essential for detecting abnormal access and unauthorized activity. Data masking is a method of obfuscating data to keep it from being seen by anyone who does not need it to do their jobs. Data masking effectively hides data from developers and other contractors who require datasets to develop or test programs by providing functional but inauthentic data, and can be used to allow employees and third-parties to only see the exact data they need.
The databases at the heart of financial institutions may be twice as enticing for hackers, but the consequences for a successful data breach in the financial services industry are almost exponentially bad. Whether the breach results in immediate fraud or the data ends up for sale on the dark Web, fines await, as do class action lawsuits and the tremendous mistrust and loss of customer confidence that can dagger an organization. It’s critical to stay informed on the biggest threats and formulate data security strategies accordingly.