Cybersecurity in banks is not just ticking the boxes, it has to be an ongoing strategy
Wherever there is money, there is bound to be a crime and criminal activities. Therefore, it is not surprising that the banking and financial services sector is the most targeted by cybercriminals.
According to the New York Federal Reserve, cyber-attacks on financial services companies happen 300 times more often than in any other sector. It is a fact that 80% of all cyber-attacks are targeted at the financial services sector. During the pandemic, hacking and ransomware attacks rose multi-fold when online transactions increased.
These statistics should frighten anyone because banks are the repository of the majority of all monetary resources across the world, and billions of transactions are being handled by them. Cyber-attacks result in losses not only to economies but also to individuals.
As the world – including banks - increasingly go digital, we need to understand cybersecurity threats and the trends that are taking place because awareness is critical in the battle against cyber fraud. We can put systems in place, but there needs to be qualified people who can understand and assess the risks and mitigate them. Otherwise, policies will fail.
Digital banking is convenient with mobile devices having become our banking points. In their zeal to go digital and allow customers to access financial services anytime from anywhere, there has been a rush by banks and other financial institutions to adopt cloud technologies.
Some years back, the financial services sector was not keen on cloud adoption. All that has changed over the past few years. Since demonetisation and during the coronavirus pandemic, there has been an increasing migration to the cloud in the BFSI sector. We are in advanced conversations with very large private sector banks who have adopted cloud technologies and are engaging with us from an identity security perspective.
Identity is an integral part of security protocols, especially in the financial services sector, particularly banking. Therefore, protecting the integrity of identities is of paramount importance.
But we are witnessing an increase in cloud-based attacks with malware.
Getting personal information has become simpler for cyber criminals who are now leveraging social media in their attacks. Since billions of people use social media platforms, it has become easy for criminals to access critical data through phishing. This can happen either through fake websites that mimic the real thing or by sending users notifications of their accounts being closed or being in violation of regulations. The criminal then guides the user through a process that ultimately ends in their divulging personal information.
The other method attackers are using is social engineering, a digital form of a confidence trick whereby the perpetrator gains the confidence of the victim to divulge sensitive information.
In 2021, the data breach of around 6 billion accounts occurred, among which were users of Netflix and LinkedIn. The social media company later said there had been no actual breach of its systems, but that data was 'scraped' from the profiles of the users from the internet-facing applications. This happens on other social media platforms as well.
Unfortunately, people are in the habit of putting in a lot of personal details on such sites, which can be 'scraped' by hackers and sold on the dark web, with disastrous consequences. We cannot stress enough on the need for people to be on their guard while keying in personal details. Unless statutorily required or it is an authentic bank or financial services provider site, users are under no obligation to reveal personal information online.
Distributed denial-of-service attacks that slow down banks' servers or other transactional sites have become another favourite method for hackers to extort ransom.
Remote working habits have intensified the threat landscape, especially in banking. While banking corporations ensure that those involved in critical functions do so under supervision and on machines that are owned and controlled by them, remote working has, to a certain extent, weakened the strictly controlled environment, as remote access solutions can be hacked and identity credentials stolen. This is especially since attackers continue to evolve their modus operandi.
Organizations must have comprehensive and strict regulatory compliance policies and strategies. However, it is not enough to tick the boxes for compliance's sake; it has to go beyond the minimum standards required.
The acceleration of digital transformation has brought an end to the traditional network security perimeter. Instead, organizations rely on identity as a security barrier, with the need to implement a zero-trust framework to reinforce this new perimeter. Zero trust is an approach that does not assume implicit trust on any corporate resources, no matter where they reside — in the cloud, from home, mobile, etc. — instead requiring that every identity re-establish trust for every session with a corporate resource.
A zero-trust strategy also helps organizations as they look to gain greater enterprise visibility and reduced IT complexity, demand less of their security teams, and more.
Rohan Vaidya
Rohan Vaidya is the regional director of sales, India at CyberArk.