Cyber Security & The Financial Services Industry

Cyber Security & The Financial Services Industry 


Directors Report: This article is exclusive to premium subscribers. For unrestricted website access please Subscribe: £5 monthly / £50 annual.


The finance sector is an attractive target for hacks and particularly ransomware attacks because of the sheer volume of data and critical services used by financial institutions. 

Targeting client information and threatening to leak data can not only result in financial damage, but also jeopardise the values and the reputation of the bank. Cyber security is of particular concern for the financial services industry because, well, as the saying goes, “that’s where the money is.” 

Today’s world is rife with complicated and sophisticated schemes to relieve other people of their money. Still, nothing is quite as appealing to the criminal mind than to electronically divert funds from someone else’s account into one they control. And now new types of cyber attacks from increasingly sophisticated cyber criminals are an ever-growing threat to financial organisations. 

The expanding list of cyber attack types on financial institutions means banking and finance companies must be aware of the current cyber-crime trends and stay proactive in fighting cyber threats.

Data security for financial services has always been a priority, especially now as the industry is going through massive digital transformation driven by changing consumer habits, competitive pressures, and technological advances. The trend towards a new all-digital customer experience is causing a rapid adoption of new technology to support better capabilities and scalability. However, the combined challenges of cyber security threats and a stricter regulatory environment heighten the risks and increase the costs of digital transformation. 

Over A Quater UK Cyber Attacks Hit Financial Services

And security researchers have said that over a quarter of all cyber-attacks (28%) in the UK have hit the financial services and insurance (FSI) industry in the last 12 months and similar amounts of attacks are hitting most countries. And because cyber crime is a very lucrative business criminals are increasingly targeting the financial sector in their quest for fast financial reward. As cyber attacks continue to grow in both frequency and sophistication across all industries, the financial sector in particular is under relentless attack from hackers.

As technology continues improving, more financial transactions will continue happening online, however online transactions come with their own special risks.

Financial institutions are a primary target for cyber attacks worldwide, and the range of cyber-attacks in this industry is expanding from website-based attacks to interfering the transaction systems. And currently cyberspace is filled with predators seeking innocent victims of their hard-earned funds and global cyber crime cost the world about $7 trillion at the end of 2022, and these attacks are costing financial institutions massive losses. With vast amounts of income and data at stake, the banking sector must always be on top of its game, however the first half of 2020 saw a significant 238% increase in cyber-attacks targeting financial institutions and these attacks included the introduction of viruses and other malware into the system which enables hackers unauthorised access allowing them financial and data theft.  

The most prevalent attacks that the financial industry faces in 2023/4 are ransomware, phishing, web application, and vulnerability exploitation attacks, denial of service (DoS) attacks, insider threats, and attack campaigns of the nation-state and state-sponsored threat actors and Advanced Persistent Threat groups. 

Although almost every business is a potential victim of cybercrime, cyber threat actors usually select their victims based on two criteria: Maximum Revenue and Maximum Impact. 

Financial institutions, such as banks and financial services, are prime  targets for cyber criminals since they fulfil these two criteria. Organisations in the finance industry keep highly critical and valuable data electronically, from credit cards and deposit information to estates, wills, titles, and other sensitive data, and routinely handle trillions of dollars. The financial services industry is a very attractive target to ransomware gangs because of the valuable customer information they possess. 

The threat of leaking this data on the Dark Web, and the resulting reputational damage, compels many financial services organisations to comply with ransom demands. But these attacks have been going on for a while and back in February 2016, hackers targeted the central bank of Bangladesh and exploited vulnerabilities in SWIFT, the global financial system’s main electronic payment messaging system, trying to steal $1 billion.  While most transactions were blocked, $101 million still disappeared. The heist was a wake-up call for the finance world that systemic cyber risks in the financial system had been severely underestimated.

Cyber Attacks Are A Threat To Financial Stability

Today, the assessment that a major cyber attack poses a threat to financial stability is not currently question of if, but when, but the world’s governments and companies continue to struggle to contain the threat because it remains unclear who is responsible for protecting the system. 

In February 2020, Christine Lagarde, president of the European Central Bank and former head of the International Monetary Fund, warned that a cyber attack could trigger a serious financial crisis. In April 2020, the Financial Stability Board (FSB) warned that “a major cyber incident, if not properly contained, could seriously disrupt financial systems, including critical financial infrastructure, leading to broader financial stability implications.” 

The potential economic costs of such events can be immense and the damage to public trust and confidence significant. Two ongoing trends exacerbate this risk.

  • First, the global financial system is going through an unprecedented digital transformation, which was accelerated by the COVID-19 pandemic. 

As central banks around the globe are considering throwing their weight behind digital currencies and modernising payment systems, however cyber hacks could easily undermine trust and derail such innovations, cyber security is more essential than ever.

  • Second, malicious actors are taking advantage of this digital transformation and pose a growing threat to the global financial system, financial stability, and confidence in the integrity of the system. 

Malicious Actors

Even more dangerous attacks and ensuing shocks should be expected in the future. Most worrisome are incidents that corrupt the integrity of financial data, such as records, algorithms, and transactions; few technical solutions are currently available for such attacks, which have the potential to undermine trust and confidence more broadly. 

The malicious actors behind these attacks include not only increasingly daring criminals, such as the Carbanak group, which targeted financial institutions to steal more than $1 billion during 2013–18, but also states and state-sponsored attackers. North Korea, for example, has stolen some $2 billion from at least 38 countries in the past five years.

This is a global problem. While cyber attacks in high-income countries tend to make headlines, less attention is paid to the growing number of attacks on softer targets in low- and lower-middle-income countries. Yet it is in those countries where the push towards greater financial inclusion has been most pronounced, leading many to leapfrog to digital financial services such as mobile payment systems. Although they do advance financial inclusion, digital financial services also offer a target-rich environment for hackers. The October 2020 hack of Uganda’s largest mobile money transfer networks, MTN and Airtel, for example, resulted in a major four-day disruption of service transactions.

The Responsibility Gap

Despite the global financial system’s increasing reliance on digital infrastructure, it is unclear who is responsible for protecting the system against cyber attacks. In part, this is because the environment is changing so quickly. Without dedicated action, the global financial system will only become more vulnerable as innovation, competition, and the pandemic further fuel the digital revolution. 

Although many threat actors are focused on making money, the number of purely disruptive and destructive attacks has been increasing.

Furthermore, those who learn how to steal also learn about the financial system’s networks and operations, which allows them to launch more disruptive or destructive future attacks or sell such knowledge and capabilities to others. This rapid evolution of the risk landscape is challenging for a mature and well-regulated system.

Better protecting the global financial system is primarily an organisational challenge. Efforts to harden defences and toughen regulation are important but are not enough to outpace the growing risks. 

Fortunately, unlike many sectors, most of the financial services community does not lack resources or the ability to implement technical solutions. The main issue is a collective action problem: how best to organise the system’s protection across governments, financial authorities, and industry and how to leverage these resources effectively and efficiently. 

The current fragmentation among stakeholders and initiatives partly stems from the unique aspects and evolving nature of cyber risk. Different communities operate in silos and tackle the issue through their respective mandates. The financial supervisory community focuses on resilience, diplomats on norms of state behaviour, national security agencies on trying to deter malicious activity, and industry executives on firm-specific rather than sector-specific risks. 

As lines between financial services firms and tech companies become les distinct, the lines of responsibility for security are likewise increasingly blurred.

The disconnect between the finance, the national security, and the diplomatic communities is particularly pronounced. Financial authorities face unique risks from cyber threats, yet their relationships with national security agencies, whose involvement is necessary to effectively tackle those threats, remain tenuous. This responsibility gap and continued uncertainty about roles and mandates to protect the global financial system fuel risks.

Part of this uncertainty is due to the current geopolitical climate and high levels of mistrust, which hinder collaboration among the international community. Cooperation on cyber security has been hampered, fragmented, and often limited to the smallest circles of trust because it touches on sensitive national security equities. International and multi-stakeholder cooperation is not a “nice-to-have” but a “need-to-have.”

An International Strategy

One cybersecurity weakness of the banking and finance sector comes from insider vulnerabilities. This is where staff within a banking or financial organisation inadvertently leave the company open to attack. To overcome this, cyber security should be made a concern beyond just the IT department.

  • Staff with access to the network at all levels, from administrative to managerial, should be properly educated and trained in their responsibility for keeping it secure from cyber attacks. Poor updates or configuration of servers can also mean the network is more vulnerable to malicious attacks aimed at untrustwothy insiders.

Software solutions such as anti-phishing web browsing software can help prevent phishing emails from getting into employees’ inboxes in the first place. Plus, IT can implement email and link filtering with black and white lists to block known offenders.

  • Additionally, organisations should clearly define how staff are expected to interact with the network. Implementing policy for location and the devices staff can log in from, as well as the type of access they’re allowed, will help minimise threat.

Also to achieve more effective protection of the global financial system against cyber threats, the Carnegie Endowment for International Peace released a report in November 2020 titled “International Strategy to Better Protect the Global Financial System against Cyber Threats.” Developed in collaboration with the World Economic Forum, the report recommends specific actions to reduce fragmentation by fostering more collaboration, both internationally and among government agencies, financial firms, and tech companies. The strategy is based on four principles:

  • First, greater clarity about roles and responsibilities is required. Only a handful of countries have built effective domestic relationships among their financial authorities, law enforcement, diplomats, other relevant government actors, and industry. Existing fragmentation hampers international cooperation and weakens the international system’s collective resilience, recovery, and response capabilities.
  • Second, international collaboration is necessary and urgent. Given the scale of the threat and the system’s globally interdependent nature, individual governments, financial firms, and tech companies cannot effectively protect against cyber threats if they work alone.
  • Third, reducing fragmentation will free up capacity to tackle the problem. Many initiatives are underway to better protect financial institutions, but they remain siloed. Some of these efforts duplicate each other, increasing transaction costs. Several of these initiatives are mature enough to be shared, better coordinated, and further internationalized.
  • Fourth, protecting the international financial system can be a model for other sectors. The financial system is one of the few areas in which countries have a clear shared interest in cooperation, even when geopolitical tensions are high. Focusing on the financial sector provides a starting point and could pave the way to better protection of other sectors in the future.

Among actions for strengthening cyber resilience, the report recommends the development of a basic framework for supervising cyber risk management at financial institutions. 

Governments Should Share Threat Information

Governments and industry should strengthen security by sharing information on threats and by creating national  financial Computer Emergency Response Teams (CERTs). Financial authorities should also prioritise increasing the financial sector’s resilience against attacks targeting data and algorithms. This should include secure, encrypted data vaulting that allows members to securely back up customer account data overnight.

Regular exercises to simulate cyber attacks should be employed to identify weaknesses and develop action plans.To reinforce international norms, the report recommends that governments make clear how they will apply international law to cyberspace and strengthen norms to protect the integrity of the financial system. The governments of Australia, The Netherlands, and the United Kingdom have already taken a first step with statements indicating that cyber attacks from abroad may be regarded as illegal use of force or intervention in the domestic affairs of another state.

Cyber resilience and strengthened international norms can facilitate collective response through law enforcement actions or multilateral reaction with industry.

Responses can include sanctions, arrests, and asset seizures. Governments can support these efforts by establishing entities to assist in assessing threats and coordinating responses. Intelligence gathering should include a focus on threats to the financial system, and governments should share such intelligence with allies and like-minded countries.

Building Capacity

The comprehensive strategy outlined in the Carnegie report depends in turn on building the cyber security workforce, expanding the financial sector’s cyber security capacity, and safeguarding gains in financial inclusion that have resulted from the digital transformation. Financial services firms should invest in initiatives to build the talent pipeline, including high school, apprenticeship, and university programs.

Building cyber security capacity means focusing on providing assistance where it is needed. The IMF and other international organisations received many requests for cyber security assistance from member states, particularly following the 2016 Bangladesh incident. G20 governments and central banks could create an international mechanism to build cybersecurity capacity for the financial sector, with an international agency such as the IMF designated to coordinate the effort. The Organisation for Economic Co-operation and Development and international financial institutions should make cyber security capacity building an element of development assistance packages and should significantly increase assistance to countries in need.

Maintaining progress in financial inclusion requires strengthening connections between financial inclusion and cyber security. This is particularly urgent in Africa, with many countries on the continent experiencing a significant transformation of their financial sectors as they extend financial inclusion and move to digital financial services

The time has come for the international community, including governments, central banks, supervisors, industry, and other relevant stakeholders, to come together to address this urgent and important challenge. 

A well-thought-out strategy is crucial for banks to have the proper cyber security solutions and procedures in place, especially for institutions that store a lot of personal data and transaction lists. Banking cyber security is an issue that cannot be bargained with. Hackers are more likely to target the banking sector as digitalisation advances and an engaging and regular up-dated strategy and security audit must be undertaken by all financial operations. 

The financial services industry needs more qualified cyber security professionals. All business sectors struggle with the current cyber security skills shortage, but financial services companies are often high profile targets and must be particularly vigilant when it comes to cyber security.

References:

IMF:   ITPro:   Picus Security:   EY:   Swivel Secure:   Upguard:   

UKFinace:   ComputronixUSA:   Knowledege Hut:    Statista:     

Thales Group:   Security Boulevard:    Infosecurity-Magazine:   

 Fortinet:     CheckPoint:    Cyber Security Guide

You Might Also Read: 

Securing The Future Of Open Finance:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Meta Is Building A Rival To Twitter 
Google's App Store - Full Of Spyware »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ON-DEMAND WEBINAR: Navigating cloud security: The importance of posture management tools

ON-DEMAND WEBINAR: Navigating cloud security: The importance of posture management tools

Watch this webinar to see how cloud security posture management (CSPM) tools can fit into your cloud security strategy.

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

Concise Technologies

Concise Technologies

Concise Technologies provide specialist IT and telecoms solutions, support services, managed backup, disaster recovery, cyber security and consultancy to SME businesses across the UK and Europe.

Hewlett Packard Enterprise (HPE)

Hewlett Packard Enterprise (HPE)

HPE is an information technology company focused on Enterprise networking, Services and Support.

CIRT.GY

CIRT.GY

CIRT-GY is the national Computer Incident Response Team for Guyana.

Detack

Detack

Detack is an independent supplier of IT security auditing and consulting services.

Riscure

Riscure

Riscure is a global test lab and tools leader for device security. Core expertise in side channel analysis, fault injection and embedded device software.

Living Security

Living Security

Living Security specializes in metric driven and engaging security awareness solutions that reduce risk by increasing security culture and changing employee behaviour.

Tehtris

Tehtris

TEHTRIS XDR Platform was developed to control and improve the IT security of private and public companies against advanced cyber threats such as cyber espionage or cyber sabotage activities.

ByteSnipers

ByteSnipers

ByteSnipers specialize in penetration testings and secure development services. Our focus is on your security.

Silicon Labs

Silicon Labs

Silicon Labs are a leader in secure, intelligent wireless technology for a more connected world. We provide award-winning hardware and software security to help safeguard connected devices.

Dazz

Dazz

Dazz is the cloud security remediation platform for smart security and development teams.

AI Spera

AI Spera

AI-Driven Cyber Threat Intelligence Security. AI Spera provides real-time intelligence to empower your security competences in all aspects of the business.

Ironblocks

Ironblocks

Ironblocks is a pioneering cybersecurity firm that specializes in delivering comprehensive, end-to-end security solutions for the rapidly evolving Web3 ecosystem.

CMIT Solutions

CMIT Solutions

CMIT Solutions is a recognized leader in Managed IT Services for businesses. We empower businesses like yours by providing innovative technology solutions, managed IT services and cybersecurity.

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs are a group of IT security specialists, ethical hackers, and researchers driven to identify security flaws before cyber threat actors does.

Alcatel-Lucent Enterprise (ALE)

Alcatel-Lucent Enterprise (ALE)

We are Alcatel-Lucent Enterprise. Our mission is to make everything connect with digital age networking, communications and cloud solutions.