Banks Under Constant Hacker Attacks

Uploaded on 2015-10-28 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

 

It makes sense that hackers would go after banks. When you're looking to steal as much money as you can, as quickly as possible, why not go where the money is?

But the effort that hackers expend to break into financial institutions' computer systems every day is pretty staggering, according to a new report from information security firm Websense. The report found that companies in the finance sector encounter "security incidents" 300% more often than other industries.
 
"The financial services sector has been targeted for years now, as you know, and they do have more mature security practices than other industries," says Rajiv Motwani, director of security research at Websense Security Labs. "But still, they're a very lucrative target for attackers, and the numbers speak for themselves."

Searching for weakness
There's a surprising amount of preparation that goes into a successful cyberattack. Typically, criminals start by researching the company they're trying to breach -- learning employees' names, email addresses and roles within the company.
After that, the next step is what Motwani calls the "lure stage." That's where hackers try to fool employees into accidentally opening up a hole in their company's cyber defenses by, for instance, clicking a link or double clicking a virus-filled attachment in an email.
Last year alone, Websense recorded 4.9 million different "lure" attempts against financial institutions worldwide, representing a third of all lure attempts worldwide, according to the Websense report.
"Hackers are investing disproportionately in terms of financial services victims," Motwani says.

Why you should care
With this much attention from hackers, it's inevitable that some attempts will succeed, threatening customer privacy and financial assets, Motwani says. While customer funds lost because of security breaches are typically restored, it can take time for a bank to investigate and put money back in your account.
But even if your account or financial institution is never breached, you still pay a cost for cyberattacks. Keeping hackers at bay is extremely expensive -- banks can spend as much as $2,500 per employee on cybersecurity annually, according to a report from PricewaterhouseCoopers. Financial institutions also typically carry cybersecurity insurance to cover losses from hackers.
The money to pay for that doesn't materialize out of thin air -- those costs end up being reflected in higher fees for checking accounts and other bank services.
"It is more expensive today to maintain a higher security posture for banks," Motwani says. "Clearly somebody's paying the cost."
Of course, more than your money is at risk during a cyberattack. Hackers could take your personal information, too, and use it to compromise your credit.
Bankrate: http://http://bit.ly/1LR13aP

 

 

« Jobs Are Disappearing to the Digital Revolution
Apple Removes Spy Apps »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Brookings Institution

Brookings Institution

The Brookings Institution is a nonprofit public policy organization. Cyber security is covered within the various study areas.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

Cyber Discovery

Cyber Discovery

Cyber Discovery, the UK Government's Cyber Schools Programme, is a learning programme designed to give young people the opportunity to learn the skills needed to enter the cyber security profession.

SureVine

SureVine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

ACM-CCAS

ACM-CCAS

ACM is a UKAS-accredited certification body helping businesses around the world perform to a higher standard. Our certifications include ISO 27001 and ISO 22301.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

ThreatGen

ThreatGen

ThreatGEN™ works with your team to improve your resiliency and industrial cybersecurity capabilities through an innovative and modernized approach to training and services.

Cingo Solutions

Cingo Solutions

Cingo Solutions is a Managed Detection & Response company providing specialized data security services.

Hut Six Security

Hut Six Security

Train, test and track your Information Security culture through information security awareness training and customised phishing simulation campaigns.

Boxphish

Boxphish

Boxphish provides a proven solution to reduce Human Error and Cyber Human Risk via automated learning journeys and intelligent phishing simulations.

Smoothstack

Smoothstack

Smoothstack is a technology talent incubator whose immersive training program kick starts IT careers and delivers a fresh source of IT talent.

Cardonet

Cardonet

Cardonet is an IT Support and IT Services business offering end-to-end IT services, 24x7 IT Support to IT Consultancy, Managed IT and Cyber Security.

Cognilytica

Cognilytica

Cognilytica’s Cognitive Project Management for AI (CPMAI) training and certification is recognized around the world as the best practices methodology for implementing successful AI & ML projects.

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

Clarity

Clarity

Clarity is an AI cybersecurity startup that protects against deepfakes and new social engineering and phishing attack vectors accelerated by the rapid adoption of Generative AI.

eGyanamTech (EGT)

eGyanamTech (EGT)

eGyanamTech provides robust security solutions tailored for Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems used in critical infrastructure systems.