Attacks On Financial Services Are Increasingly Sophisticated

Uploaded on 2020-07-14 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW

Phishing attacks, in which carefully targeted digital messages are transmitted to fool people into clicking on a link that can then install malware or expose sensitive data, are becoming more sophisticated, but the other main reason UK businesses are ‘up at night’ in terms of cyber security is because of untrained and malicious users. 

IT security has become more highly prioritised by organisations, due in some cases to increased threats and in other cases, tougher legislation and cyber attacks were found to be the joint second most cited risk to the stability of the UK financial system in a recent survey by the Bank of England.

Maintaining organisational security against cyber threats is a unique challenge of trying to hit an always moving target with a Tool kit that’s trying to keep up. Cyber criminals are focused on the targeted game; identifying specific industry verticals, organisations, and even individuals, and devising tailored scams and attacks to maximise success.

In addition, there are notable increases in frequency, sophistication, and scope of ransomware, phishing, business email compromise, and malware attacks.
 
Ransomware has grown to include data theft and extortion to increase the chances of successful attack. The use of deepfake audio is now being used to trick users over the ‘phone, and attackers are no longer satisfied with raking in thousands of dollars when millions are plausible.

The challenge for Information Security leaders is to establish and maintain a layered security strategy that protects the organisation and its users. But the ever-changing landscape of threats, attacks, and malware has some of them deeply worried.

Ransomware, phishing, business email compromise, and malware attacks are becoming greater in frequency, sophistication and scope.

As for compliance with data and related security regulations, the survey of some 200 UK organisations found US-based regulations HIPAA and SOX that have both been around for decades appear to be as much an issue for UK firms as newer regulations, such as the 2018 GDPR Which is the EU-wide new data protection law.

Almost every initial attack vector, emails, links, attachments, webpages, requires the interaction of a user, whether malicious and either negligent or unwitting.

As the survey put it, the executive management of UK firms is more concerned with strategy and any business disruption that may keep those initiatives from succeeding, while IT professionals generally concern themselves with a more tactical perspective around keeping the business running; hence by and large, IT staff concerns are misaligned with those of their executives.

Bank of England:     Professional Security:     KnowB4:         ITProportal:

You Might Also Read: 

Financial Executives Are Out Of Touch With Cyber Threats:

 

« US Companies Hit With A New Ransomware Campaign
Australia To Spend Another A$1billion On Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Council on Foreign Relations (CFR)

Council on Foreign Relations (CFR)

CFR is dedicated to better understanding the world and the foreign policy choices facing the USA and other countries. Cyber security is covered within the CFR topic areas.

Rollbar

Rollbar

Rollbar is a full-stack error monitoring platform for web and mobile applications. We help developers find and fix bugs fast. Built by developers for developers.

LRQA

LRQA

LRQA are a leading global assurance provider, bringing together unrivalled expertise in certification, brand assurance, cybersecurity, inspection and training.

Vade Secure

Vade Secure

Vade Secure provides protection against the most sophisticated email scams such as phishing and spear phishing, malware and ransomware.

Cyanre

Cyanre

Cyanre delivers state of the art cyber forensic services through software technologies and procedures that exceed conformities of major law enforcement agencies across the globe.

Polyverse

Polyverse

Polyverse offers application security, zero-day defense, proactive cyber resiliency and more. Protect your critical applications with moving target defense.

Dermalog Identification Systems

Dermalog Identification Systems

Dermalog Identification Systems is a pioneer in biometry and the largest German manufacturer of biometric devices and systems.

Cancom

Cancom

CANCOM group is one of the leading providers of IT infrastructure and IT services in Germany and Austria. Solution areas include network security.

SwiftSafe

SwiftSafe

SwiftSafe is a cybersecurity consulting company providing auditing, pentesting, compliance and managed security services.

Czech Accreditation Institute

Czech Accreditation Institute

Czech Accreditation Institute is the national accreditation body for the Czech Republic. The directory of members provides details of organisations offering certification services for ISO 27001.

Center for Cyber & Homeland Security (CCHS)

Center for Cyber & Homeland Security (CCHS)

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

BluBracket

BluBracket

BluBracket is the first comprehensive security solution that makes code safe—so developers can innovate and collaborate, and security teams can sleep at night.

LBMC

LBMC

LBMC is a professional services solutions provider in accounting and finance, human resources, technology, risk and information security, and wealth advisory services.

Information Services Group (ISG)

Information Services Group (ISG)

As a leading global research and advisory firm, ISG partners with our clients to determine a future vision, lead rapid change and realize the value of your digital investments at scale.

ZX Security

ZX Security

ZX Security is a New Zealand owned and operated cyber security consultancy.

Vigilant Ops

Vigilant Ops

Vigilant Ops is a leader in Software Bill of Materials (SBOM) Automation. A proactive approach to cybersecurity with continuous vulnerability monitoring.