Financial services are at the heart of our global economy and it’s safe to say cybercrime is a major risk for the banking system. Cybersecurity has become a vital investment for the financial sector. In 2019, Jamie Dimon, CEO of J.P. Morgan Chase & Co stated that, “Cyberattacks may very well be the biggest threat to the U.S. financial system.” This is probably why J.P. Morgan Chase spends nearly $600 million each year to strengthen its cyber defenses and in the face of “a constant stream of attacks.”

Even with J.P. Morgan Chase’s significant cyber spending, they suffered a major data breach in 2013. According to a Forbes article, the information of 76 million households—approximately 65% of all U.S. households—and 7 million small businesses were compromised. Financial services companies are well aware of the problem and are working hard to combat cybercrime, but huge amounts of money are still being siphoned off every year by cybercriminals —US$4.2B in 2020 alone, according to the FBI.

Unfortunately, cyberattacks in the financial sector are all too common. In their latest report, the European Central Bank’s 2020 edition of its ECB Banking Supervision: Risk assessment report identified the main risk factors that the eurozone banking system is expected to face over the next three years. These risks are increased by:

• The continued digitization of financial services
• The obsolescence of certain banking information systems 
• The interconnection with third-party information systems and, by extension, migration to the cloud 

In the United States, financial services face identical problems. According to a cybersecurity report by Boston Consulting Group, banking and financial institutes are 300 times more at risk of cyberattack than other companies. On top of that, an Accenture study found that the average annualized cost associated with data breaches for financial services companies globally has increased to $18.5 million.

When it comes to the banking sector – there are specific characteristics that make cyberattacks very serious, both in terms of the probability of occurrence and the potential severity of the impacts. Data security is a major issue for the financial sector, which plays a key role in the economy. A security incident in a banking institution can have consequences on the day-to-day operations of an entire country, or even an entire region of the world.

Today’s financial services are entirely dependent on computer systems. Although they started to digitalize very early on – today, lots of information systems (IS) are obsolete. In fact, many security incidents have been linked back to maladjusted tools. In some cases, software patches simply aren’t installed.

ImmuniWeb studied external web applications, APIs and mobile applications of the S&P Global list (which mentions the world’s largest financial organizations, from 22 countries). Among other things, ImmuniWeb found that 91% of mobile banking apps contain at least one medium risk security vulnerability. One thing to keep in mind when it comes to these companies is that financial sector information systems often rest on multiple, decentralized systems within large, widely interconnected groups – which increases cyber risks. These elements make financial services a very lucrative target. Banking requires more sophisticated protection and attack detection mechanisms in terms of cybersecurity.

Top 3 cyber threats to the banking and financial sector

(1) Phishing and DDoS in the lead

Based on recent trends, the finance sector continues to have higher rates of confirmed social engineering incidents than most other sectors, especially phishing. In 2020, no other sector had as many DDoS attacks. Industries such as retail and banking experienced an upsurge of attacks at certain times during the COVID months, most likely due to increased online traffic volumes. As per the ORX News dataset, RCDevs estimates that on average, in the financial sector – fraud-type-cyberattacks account for 43% of events, data breach 34% and disruption 23%. On top of that, Imperva’s 2020 report on DDoS Attacks in the Time of COVID-19 shows that DDoS attacks have increased by 30% in financial services between 2019 and 2020.

Overall, the COVID-19 pandemic and remote work drove a significant increase in DDoS attacks on financial services in 2020 and this appears to be a trend that is set to continue throughout 2021.

(2) Artificial Intelligence, a Double-edged Technology

AI technologies are increasingly used by financial institutions. However, behind this growing use of AI lies a double reality. On the one hand, for many financial analysts – artificial intelligence has become an indispensable ally in the fight for cybersecurity. On the other hand, AI can also help cybercriminals trying to attack financial services businesses and institutions. Cybercriminals use AI to increase the effectiveness of their attacks. AI can be used to understand patterns in human behavior, and then convince them to compromise networks and share sensitive financial data.

AI can also be used to identify new vulnerabilities in networks, devices and applications. Finding vulnerabilities as soon as they emerge makes the job a lot easier for hackers. On the bright side, banks have developed increasingly sophisticated tools to prevent cyber risks and cybersecurity automation is now the norm in the financial sector, especially compared to other fields. Constant monitoring of all activity on networks, and efficient patching is essential to fight cybercriminals. As far as AI is concerned, fighting fire with fire seems to be the best way to go for financial organizations.

(3) Advanced Persistent Threats

When it comes to banking systems and financial firms, advanced persistent threats (APTs) are another serious threat due to the sensitive nature of the data. Advanced persistent threats are stealthy threat actors, typically a nation state or a state-sponsored group, which gain unauthorized access to a computer network and remains undetected for an extended period.

Cyber espionage is on the rise and financial services have been hit hard in recent years. These types of attacks can be carried out by competitors or a foreign state interested in financial data. The financial sector has been highly affected by APTs and banks are particularly targeted. These sophisticated and stealthy threats combine advanced intrusion and spoofing techniques to allow hackers to gain access to account-management applications for example.

Take the Carbanak case. Carbanak is an APT-style campaign targeting financial institutions that was discovered in 2014 by the Russian/UK Cyber Crime company Kaspersky Lab. Based on the Economic and Financial Agency’s estimate, between $800 million and $1 billion was stolen from banks around the world, in mainly Russia, Japan, the US and Europe. The malware discreetly installed a remote administration tool, used to access employees’ passwords. Cybercriminals have been developing other similar techniques in order to target financial institutions specifically.

There’s no denying financial services organizations are a hot target for cyber attackers. Most criminals target financial firms simply because that’s where the money is. Despite major efforts to protect themselves against ever-more-numerous and sophisticated attacks, businesses in this sector need to keep their guard up. In order to effectively deal with the risks faced by the financial sector, it is recommended to adopt a global and innovative approach. Compliance with applicable regulations should be one of the first – and surely most important – steps towards effective protection.

Cybersecurity is a top priority in the financial industry as it seeks to ensure the security of its assets as well as the efficient and reliable execution of its business. This is especially true in the post-COVID world, which is increasingly interconnected and digitalized. Business leaders in the financial sector need to be more aware of the various cyber threats they face. In short, financial organizations need to be proactive in protecting their customers, their data, their networks and their operations against cybercrime. Cybersecurity strategies in the financial sector should also go towards increasing cooperation between banks and other financial organizations. Sharing information on attacks and organizing attack simulations are great exercises and though, they may not stop all cyberattacks – they can make a big difference in guarding against attack and reducing detection and response times.