Our financial services sector is under cyberattack
Financial institutions like banks and other brokers hold large volumes of data about their clients, investors and customers.
That data is often of a highly sensitive nature, including everything from names, addresses, logins, bank account information, to credit and debit histories. That makes the financial services sector a prime target for hackers, as information like that can be highly valuable when carrying out fraud and identity theft. Add to that the treasure trove of data yielded by the explosion of financial technology (Fintech) apps and services (think everything from payroll apps to invoicing apps), the opportunity for hackers has never been greater.
In fact, Finance was the second-highest reporting sector in the first half of this year, notifying 14% of all breaches, as reported by the OAIC.
As Australia’s financial sector continues to digitise, cybersecurity risks also grow bigger, with the potential to affect any sector that depends on financial services. But what are these cyber risks exactly? Let’s take a look at the three biggest cyber threats facing our financial services sector.
1. DDoS and web application attacks
DDoS, or a distributed denial-of-service (denial-of-service), attacks try to disable websites by overwhelming them with fake requests, denying any other users access. These attacks can be relatively cheap and simple to pull off, which explains why they’re so common. Almost a third of network downtime incidents are attributed to DDoS attacks, resulting in huge financial losses and damaging business reputations. Luckily, there are lots of DDoS protection tools and integrated services out there that are designed specifically to counter DDoS attacks.
Web applications present another potential point of entry for hackers. Most of the digital applications we use today are hosted on the web (think Google docs, cloud-based email or online forms). Hackers love targeting these because they are the most accessible and rely on user input to work. Firewalls can be effective against hackers trying to commandeer these web apps, especially smart firewalls that can also block cross-site scripting (XSS) attacks.
The best way to deal with these risks is to simply adopt good cyber habits. Simple steps like clearing stored cookies (which a lot of apps can do automatically if the right settings are enabled), avoiding questionable websites and making sure you’re running up-to-date antivirus and anti-malware tools can go a long way to reducing your risk profile.
2. Backdoors and third-party vulnerabilities
Targeted attacks often use “backdoors” – software vulnerabilities that allow remote access – to sneak into secured systems. But modern digital networks are growing a lot more interconnected and complex. Modern businesses make use of everything from third-party vendors to smart devices and smartphones to carry out their operations, and any vulnerability at any point in the chain can open the door for hackers to sneak in. Though you can control the security standards of your own network, you can’t always dictate the same standards to your business partners and third party services.
The risk will never be fully eliminated, but there are ways to defend your organisation. Your first priority should be good housekeeping: using multi-factor authentication, access control, patching and good cyber habits can greatly limit your exposure to risk.
Next, you will need to thoroughly review your vendor and partner contracts for their security practices. Whether it’s cloud storage provider or a web developer, ensure any vendors you work with have good security measures in place. It won’t eliminate the risk entirely, but will greatly reduce it. Finally, consider bringing in an external security provider. Letting a reputable security partner manage and monitor your services can be a great way to ensure you have trained eyes on your network 24/7.
3. Insider Threats
Despite the hue and cry over external cyberattacks in the media, the inconvenient truth is that a significant number of data breaches originate from inside the company. Over a two year period, the financial services sector saw a 20.3% increase in insider attacks, according to a report from The Ponemon Institute and IBM.
Malicious employees can give hackers a way to bypass even the strictest security, just by sharing their credentials or by simply neglecting cybersecurity practices already in place. But not all of these incidents are intentional. Simple human error forms a big part of the picture, with phishing scams and malware downloads tricking even the most well-intentioned and dedicated employees.
The best defence against insider threats is to identify mission-critical operations and tighten access to them. The ACSC has a great guide on the concrete steps you can take to secure your company from insider threats. The next security measure is building a supportive work culture. Organisational culture is a big factor when it comes to insider risks. By fostering an open and collaborative culture that protects and values employees, your first layer of defence – the people you employ – are ready and motivated to look after your institutional assets as well as their security.