Cybercrime is constantly evolving and in recent years we have witnessed a steep increase in the number of cyber-attacks as criminals become more advanced and creative in their attack methods.
According to a recent report from McAfee, the global cost of cybercrime has now reached as much as $600 billion annually, which correlates to a worrying 0.8 percent of global GDP. This is a massive growth from 2014 when the same analysis reported the cost at $445 billion.
Cybercrime is no longer a niche subject but a global security problem that poses a very real and dangerous threat to organisations around the world.
There are some organisations that prove a more lucrative target for cybercrime than others and in the last year banks have been hit hardest by this global wave of cyber-attacks.
The attacks have been far reaching and have hit financial institutions in every corner of the world. In the UK, hackers targeted Tesco Bank and stole over £2 million from customer accounts, in the US over 100 million people had their private data leaked when Equifax was breached, and in Mexico, attackers made off with $15.4 million after a targeted attack on five banks.
In the last five months alone, Mastercard has tracked over 20 million intrusion attempts to its systems, demonstrating the persistent and constant threat faced by financial institutions across the world.
Why are banks getting hit so hard?
Cyber criminals follow the money, and banks and financial institutions have more money than most organisations making them a very lucrative and attractive target. Despite banks investing heavily in strengthening their cyber security defences, today’s cyber criminals are becoming more sophisticated in their attack methods. They have a thorough understanding of the inner workings of the banking system and are quick to exploit any possible vulnerability to launch an attack.
What methods are attackers using to penetrate the bank’s security systems?
Criminals are using a range of attack methods to target banks. In recent years, there has been a steep increase in the number of DDOS (distributed denial of service) attacks. DDOS attacks are used to disable computer systems by flooding them with high volumes of internet traffic. This method was recently used to cripple financial institutions across the Netherlands, and last year, attackers used a DDOS attack to bring down Lloyds Banking Group’s digital services causing widespread disruption.
Phishing and Malware
As has proved the case in many other industries, one of the easiest ways for attackers to bypass traditional security measures is to exploit the human factor and target an organisation’s employees. The criminals use a range of social engineering tactics to penetrate an organisation’s security systems and phishing remains the most popular and effective way to do this.
In research conducted by Positive Technologies, employees at 75% of banks had clicked on links in phishing messages, and in 25% of banks, at least one employee ran a malicious attachment on their computer.
This is exactly how cybercriminals managed to pull off one of the world’s biggest cyberheists in the infamous Carbanak attack which saw as much as $1 billion stolen from over 100 financial institutions throughout the world.
The multinational gang behind the attack, gained entry into the banks’ computer systems by sending employees spear phishing emails which appeared to come from legitimate sources. As soon as the banks’ employees clicked on the links their computers were infected with Carbanak malware.
This enabled the attackers to gain entry into the internal network and infect servers that controlled ATM machines. The criminals would remotely instruct the machines to dispense cash and have members of the gang at pick-up points to collect the stolen money. They also used e-payment methods to transfer money from financial institutions to criminal accounts.
Third Party Services
Most third-party suppliers to financial institutions will have significantly less security measures in place than the banks themselves and present an attractive weak point for the hackers to exploit.
This has been evident in the increasing number of cyber-attacks targeting systems running SWIFT. The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a network that enables financial institutions to move trillions of dollars around the world each day.
Cyber criminals have successfully used malware to manipulate the systems used for these cross-border transactions and have siphoned off money from a large number of banks around the world.
How will banks protect themselves against the growing threat of cyber-attacks?
Cybercrime is proving to be hugely disruptive to banks around the world and cybersecurity has now become a top priority as banks look at ways of strengthening their defences to combat this growing threat.
HSBC is using former military intelligence officers to strengthen their systems against attack, and Bank of America’s CEO, Brian T Moynihan said that “cybersecurity is the only place in the company that doesn’t have a budgetary constraint” indicating the magnitude of the problem and the lengths that banks are prepared to go to, to protect their business.
Criminals will look to exploit any vulnerabilities in the bank’s security systems, so it is vital that banks become more proactive in their approach and look at new ways of improving their security procedures.
Financial institutions will need to prioritise and assess the areas which are most vulnerable to attack and put in place measures that will limit the ability of hackers to move freely within a compromised network. To protect the sensitive data that they hold, banks will need to aggressively defend every potential access point and segment networks into zones. This could mean the difference between attackers only getting as far as an employee’s computer or committing a grand scale heist resulting in the loss of millions.
Banks will need to regularly test their systems and implement a well-defined security policy that will determine the best way to operate with minimal risk, whilst supporting any compliance requirements.
It will also be vital for banks to implement effective and engaging cyber security training for staff. This will enable employees to identify and respond appropriately to the growing range of cyber security threats.
Financial institutions may have the strongest security systems in place but unless they are continually training their staff on the evolving threat landscape, they remain vulnerable to attack. Creating a human firewall will help protect sensitive data, reduce threats and ensure the reputation of the bank remains intact.
How will banks fight cybercrime going forward?
To combat this growing threat, banks will need to pool their resources and share knowledge on industry attacks to help create a better understanding of the threats and vulnerabilities faced across the sector.
There will need to be continual investment in cyber security, and spending will need to be allocated across a variety of solutions to prevent against potential breaches and data loss. The use of machine learning technology, behavioural analytics and cyber security training will provide a layered approach that will protect against potential threats.
John McFarlane, chairman of TheCityUK and Barclays commented on the approach that banks need to take going forward: “Cybercrime is a clear and present danger, not only to our current way of life, but also to society as a whole. Our traditional defences are no longer adequate to protect ourselves as shared industry systems, companies or individuals. This is a war, and needs wartime, not peacetime, urgency.”
Sign up for our fortnightly newsletter to keep up to date with the latest cyber security news and advice on how to keep you and your family safe online.