Protecting your business from cyber threats has become increasingly important over the years as methods of attack have grown more sophisticated. Recent reports from the White House, the Cybersecurity and Infrastructure Security Agency, and the Federal Bureau of Investigation urge companies to ramp up security measures in response to intelligence warning of potential large-scale Russian hacking. Critical infrastructure industries, including the financial sector, were specifically singled out as needing to be extra vigilant with their cybersecurity.
Below are the common types of cyber threats financial industries face and steps you can take to protect your business and members.
Common Cyber Threats
Phishing
This method tricks users into providing login credentials that allow someone to gain access to an internal network. Email phishing is the most common form of this threat: an email posing as legitimate communication is sent to victims. Interacting with infected links or attachments in the email could result in malware being installed or login credentials being harvested. To unsuspecting recipients, scam emails seem very convincing because they typically present a matter requiring an urgent response and often mimic the look of a valid email from your business.
Ransomware
During a ransomware attack, victims are locked out of their computers, which have been encrypted with malware. Cybercriminals use this method to pressure victims into paying a ransom to prevent the release of sensitive data. Financial institutions are attractive targets for this kind of attack because of the valuable customer information they possess and because they rely on the public viewing them as safe, trustworthy businesses.
Distributed Denial-of-Service (DDoS) Attacks
These occur when a victim’s server is overloaded with fake connection requests, which force it offline. This type of attack is used against financial businesses because of the variety of infrastructures that can be impacted, such as banking IT, customer accounts, and payment portals.
Supply Chain Attacks
This type of attack occurs when cybercriminals circumvent security controls by creating a pathway to sensitive information through a target’s third-party vendor. Third-party vendors may store information for multiple clients, meaning a single compromise could impact hundreds of companies.
Vector Attacks
The most common attacks of this type are SQL Injection, Cross-site Scripting, Local File Inclusion, and OGNL Java Injection. SQL Injections are web security vulnerabilities that allow an attacker to interfere with the queries that an application makes to its database. This can result in the attacker being able to access sensitive data that was not intended to be displayed. Cross-site Scripting attacks occur when a victim visits a web page or application that delivers malicious code to the user’s browser, where it is executed. This type of attack is most common on forums, message boards, and web pages that allow comments. Local File Inclusion is a technique where an attacker tricks a web application into exposing files on a web server, which can lead to the exposure of sensitive data or the attacker being able to control your entire server remotely. OGNL (Object-Graph Navigation Language) Java Injection attacks occur when attacker-supplied data is interpreted without validation, allowing the attacker to inject their own code into the website. A well-known example of an OGNL Java Injection attack was the Equifax breach in 2017.
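To make two of the attack classes above concrete for the people who build and review these applications, here is an added example (not from the original article) showing a SQL query built the unsafe way beside its parameterized fix, plus a path check that blocks Local File Inclusion. The table, the function names, and the /srv/app/templates directory are assumptions chosen for illustration, and all data is constructed.

```python
import os
import sqlite3


def make_db():
    # Constructed sample data: a tiny in-memory member table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE members (id INTEGER PRIMARY KEY, "
               "username TEXT, balance INTEGER)")
    db.executemany("INSERT INTO members (username, balance) VALUES (?, ?)",
                   [("alice", 1200), ("bob", 50), ("carol", 98000)])
    return db


def lookup_vulnerable(db, username):
    # BEFORE: user input is pasted into the SQL text, so a crafted value
    # can change the structure of the query itself.
    sql = ("SELECT username, balance FROM members "
           "WHERE username = '%s'" % username)
    return db.execute(sql).fetchall()


def lookup_parameterized(db, username):
    # AFTER: the value is bound as data through a placeholder; the query
    # structure is fixed no matter what the user sends.
    sql = "SELECT username, balance FROM members WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()


def resolve_under(base_dir, requested):
    # Local File Inclusion guard: resolve the requested name, then refuse
    # anything that lands outside the directory the application serves from.
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, requested))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("requested path escapes %s" % base)
    return target


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # classic test string used in code review
    print("string-built query returns:", lookup_vulnerable(db, crafted))
    print("parameterized query returns:", lookup_parameterized(db, crafted))
    print("allowed file:", resolve_under("/srv/app/templates", "statement.html"))
```

With the string-built query, the crafted value returns every member row; with the parameterized query it is treated as an ordinary (non-matching) username and returns nothing.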
How to Defend Against Cyber Threats
It is critical that financial institutions are proactive in protecting themselves and their members from cyber threats. Most attacks can be defended against with the following security measures:
Multi-factor Authentication
Require users to provide two or more verification factors to gain access to a resource, such as their online account or an application. An example of this would be requiring a user to provide their username and password, plus either a one-time password delivered via text or email or answers to personal security questions.
Third-Party Risk Management
Make sure that any third-party vendors you use adhere to the highest cybersecurity standards. Their security vulnerabilities can impact your secure information if they are the victim of a cyberattack.
Use Modern Security Tools
These security tools, such as firewalls and antivirus programs, continuously look for and mitigate threats. Make sure that your systems are protected against all known vulnerabilities and change passwords network-wide, so previously stolen credentials are rendered useless to cybercriminals.
Back Up Your Data
Keep backups of your data and ensure you have offline copies in case of an attack. Encrypting your data also offers a level of assurance that, even if stolen, the data is not usable.
Send Reminders About Common Ploys
Educate employees on common strategies used by cyber attackers, such as phishing emails and website malware. Advise against clicking on suspicious links or forwarding questionable information.
Have a Plan Ready to Implement
Have an emergency plan in place in case of a cyberattack. Being able to respond quickly will help to minimize the impact of any attack.
Having a robust cybersecurity defense is crucial for all businesses, but especially those that have individuals’ sensitive information stored on their servers. An effective data security plan will save your business time and money in the future and ensure that your members continue to trust you.
Sources
https://thehill.com/homenews/administration/599072-white-house-warns-russia-prepping-possible-cyberattacks-on-us?rl=1
https://www.upguard.com/blog/biggest-cyber-threats-for-financial-services
https://www.zdnet.com/article/white-house-warns-do-these-8-things-now-to-boost-your-security-ahead-of-potential-russian-cyberattacks
https://www.cisa.gov/news/2022/02/18/cisa-releases-new-insight-help-critical-infrastructure-owners-prepare-and-mitigate