The financial industry has found itself in a unique situation: it suffers from attacks against its own infrastructure as well as attacks against its customers. It faces a wide variety of threats, from phishing and widespread trojans to complex and targeted attacks, and it operates a wide variety of IT infrastructure, from traditional to specialized, including ATMs and Point-of-Sale terminals.
Addressing this vast threat landscape requires global, real-time, specialized security intelligence and dedicated technologies. Understanding the needs and challenges faced by financial industry professionals is also important. To find out more about how financial companies perceive cybersecurity and the challenges they face, Kaspersky Lab, together with B2B International, has conducted a global study of 841 business representatives from financial services businesses in 15 countries. These are the main findings.
- The financial industry operates using a wide variety of employee devices, with an average firm handling almost ten thousand devices. For banks, the figure is even higher at more than 12,000 devices on average. Virtualized infrastructure and specialized devices like ATMs add to this count.
- Mobile banking is on the rise. 42% of banks predict that the overwhelming majority of their customers will use mobile banking in three years. In connection to this, phishing attacks seem to be a major concern for the financial retail industry, with 46% of banks saying their customers are frequently attacked today.
- 70% of banks reported financial fraud incidents that have led to a monetary loss.
- Improving security on the customer side is thus one of the main priorities:
- Financial firms see the potential in trending technologies like blockchain. Their hopes are mostly centered on improving the security of transactions, yet the adoption of blockchain in the production environment is very low.
Specific threats
Banks facing the entire threat landscape need to prioritize. We asked them about the threats they are typically concerned about, and attacks they find it difficult to protect themselves and their customers from. Comparing the results gives us a chance to separate known, prevalent threats from future and niche ones.
This breakdown, yet again, shows the importance of protecting customers from phishing and/or social engineering attacks. Another potential threat is attacks on ATMs: here, banks show a comparatively lower level of concern, but report a high level of vulnerability. If measures are not taken, this perception mix is a true recipe for potential disaster. We can see that potentially highly damaging but well-known threats against the financial industry are attacks on the back office and front-facing online banking infrastructure.
The importance of protecting core infrastructure was highlighted by the recent incident at Tesco Bank – in November 2016 it was reported that a weakness in the bank’s online system led to the theft of £2.5 million from 9,000 customers.
The survey reveals additional challenges in addressing cyberthreats beyond vulnerable infrastructure and financial fraud. 60% of financial firms are yet to embrace third-party threat intelligence, a major factor in efficient security. This affects the time banks need to detect a threat – for example, 24% of financial organizations reported that some of the incidents they faced in 2016 were eventually discovered and reported by a customer.
Looking for solutions
Unlike complex and targeted attacks on core banking infrastructure, financial fraud in cyberspace can be addressed using existing protection methods. With banks being mostly concerned over threats such as phishing, fraud prevention methods have to be applied more actively, utilizing modern approaches such as the behavior-based detection of irregular activity with intelligent algorithms.
The security of financial transactions may be significantly improved in the future by using modern technologies such as blockchain. Before this happens though, the need for modern, intelligent solutions to detect complex and targeted attacks is high. The prevalence of complex attacks also forms the argument for intelligence sharing within the financial services sector.
Overall, the financial industry, like no other, depends on new, customized security technologies to better protect existing infrastructure and financial applications – from ATMs to core data centers. It also needs security intelligence to efficiently respond to new cyberthreats and predict the evolution of the threat landscape for the near future.