A Bank’s Largest Cybersecurity Threats

October 5, 2021

Banks have always been a dream target for criminals. After all, that's where the money is. In today's technological landscape, much of a financial institution's operations now occur over the internet, creating a web of attractive targets for cybercriminals. Without cyber insurance and preventive measures in place, banks face an alarming level of risk to sensitive data, including the following areas that have been ranked as the top cyber threats for financial institutions.

Social Engineering

Cybercrime has increasingly become more sophisticated, but some of its most insidious techniques are based on psychology. Social engineering uses manipulation to entice people to divulge confidential information. Financial institution officers overwhelmingly feel that social engineering holds the biggest cybersecurity threats to banking institutions, including:

• Baiting: Lures victim with an enticing link or attachment in an effort to steal valuable information or upload malware
• Contact spamming: Uses unsolicited bulk email, text, or other digital messages to spread viruses and malware
• Customer-targeted phishing: Targets customers pretending to be their bank in an effort to obtain sensitive account information
• Employee-targeted phishing: Targets employees of financial institutions in an attempt to gain access to the bank's internal systems
• Spear phishing: Uses counterfeit messages that seem legitimate in an attempt to steal sensitive data or gain access to a computer network
• Vishing: Combining “voice” and “phishing,” uses a spoofed caller ID to make calls appear to originate from a legitimate business

Ransomware

According to a 2021 survey about cybersecurity threats, only 9% of bankers surveyed expressed concern about ransomware, yet it is one of the costliest and most concerning type of cybercrime. 2020 saw a huge increase in the number of ransomware attacks, and researchers predict an additional seven-fold rise in the coming year. Hackers have been paid millions of dollars in blackmail demands to free systems locked down by ransomware, and the techniques being used are evolving and becoming more sophisticated.

Supply Chain Attacks

Another critical threat to the financial services industry is the use of vendors and other third-party services that lack strong cyber security. Cybercriminals target these vendors, delivering malicious code through products or updates that seem legitimate that are then passed to the bank. This method of distributing malware is becoming more popular and disruptive.

Manipulated Data

Hackers don't always steal data when they infiltrate a system; sometimes, they just change it. This type of attack is very difficult to detect. For a bank, this type of cybercrime can result in millions of dollars in damages. In addition, the institution faces a loss of trust with its customers and potential damage to its reputation.

In today's world of increased technology, it's critical for financial institutions to obtain cyber insurance to address current cyber security threats. ◼