While most industries around the world are affected by the looming danger of cyber threats, the banking sector has always been the worst hit. Naturally, this brings upon considerable damages due to the very environment that the banking sector works in – they deal in billions of dollars every single day, trading with a plethora of people and businesses all over the world. They also deal in an incredibly important and vast financial information from multiple customers, making the banking industry a veritable goldmine for cybercriminals.
Recently, a cyber attack on Cosmos Bank in Pune, India resulted in Rs. 94 crore being stolen. In 2016, Bangladesh Bank, the country’s central bank, was hacked and the hackers successfully stole 81 Million USD. The hackers used the bank’s SWIFT credentials to transfer money into various banks across the globe before the heist was discovered. Hackers had used a combination of social engineering and viruses to obtain employee credentials and access the bank’s network to make the transfers. Fortunately, the transfer of 800 Million+ USD was stopped after the discovery of the breach. These incidents make it clear that the negligence of cybersecurity can have severe consequences on the banking sector.
- Insider Threats
Insider threats refer to current or former employees who may have been responsible for security breaches in an organization. This is a major issue for banks – in 2015, Morgan Stanley fired a financial adviser in its wealth management division who stole data from 350,000 clients or 10% of its customer base. In fact, 82% of financial organizations considered insiders with legitimate access as the main threat to cybersecurity.
- Not investing in the best cyber defence
At times, banks can lag behind when it comes to following the latest cybersecurity measures, which can bring about a catastrophe. Merely investing in the best and most powerful solutions does not always work – cybersecurity is an ever-evolving threat and even banks need to be proactive and conduct a continuous risk assessment and intelligence gathering.
- Dependence on legacy banking systems
Cybercriminals love targeting banks because they are aware that banks are not very keen on upgrading to modern systems from their legacy systems. These legacy systems have plenty of loopholes and issues which cybercriminals are aware of, ensuring that they use these channels as their primary attack routes.
An Indian survey suggested that there was a 350% increase in cybercrime in India which happened through legacy systems.
- Malware & frauds
Banks and financial institutions are extremely vulnerable to various forms of cyber attacks and online frauds. 40% of banking, financial services and insurance (BFSI) businesses have been attacked at least once and there has been a multifold increase in credit and debit card related frauds.
With the majority of mobile banking transactions happening on personal devices, this is also likely to increase.
- Non-patched systems
A major survey of over 7,000 financial firms found that more than 1,300 of them had at least one patched security vulnerability. Given their cumbersome infrastructure, most banks work with applications that contain unpatched, known security vulnerabilities.
Seqrite helps to mitigate such threats with its range of dynamic, scalable and future-ready solutions: Endpoint Security, Data Loss Prevention, Unified Threat Management and mSuite with powerful features like Patch Management, IDS/IPS, Device Control, Gateway Protection, ensures the provision of a strong cybersecurity setup.