Just ten years ago, financial security risks such as card cloning, identity theft, and unauthorized transactions worried bank customers, now cybersecurity is changing the way we have conceived of and prepared for cybersecurity breaches.
In response to concerns raised by banking customers, the banking industry leveraged technology to develop new cybersecurity systems. The customer trusted (and still trusts) banks to keep all their data under lock and key in their “cyber vaults” in the cloud.
Now, all customer trust will only be as secure as the banks’ cyber-technological system allows. Therefore, the most vulnerable to security breaches today are not the customers, but the banking industry.
Banks, insurers, and financial services firms, in general, remain the main targets of cybercriminals looking to steal money, disrupt operations, destroy or tap critical infrastructure, and/or steal information. Cyber risk is second only to regulatory risk in the risk ranking of financial institutions. It is for this reason that cyber risk is currently present in practically all the agendas of the executive committees and directors of financial institutions. This environment makes it difficult for organizations’ cybersecurity teams to detect and counteract these advanced cyber threats against the clock. In the financial industry, this situation is combined with the existence of a technological transformation in which mobile applications, new technologies (Fintech), and cloud services, among others, are increasingly used.
We will start with the recapitulation of approximately five years ago, (where in recent years we will make more emphasis on Mexico) when the world was not yet fully digitized as it is now, especially talking about the pandemic that forced everything to be done via online.
2016
In February 2016, Bangladesh Bank suffered a Cyber-attacks against the bank’s infrastructure that was connected to SWIFT, in which 81 million dollars were stolen. Immediately following the attack, SWIFT launched its Customer Security Programme (CSP) in a concerted effort to spur industry-wide collaboration against the cyber threat and help strengthen and safeguard the security of the wider ecosystem. According to the World Bank, the Global Banking Group estimated that financial services customers suffered 65% more cyberattacks than customers in any other industry.
2017
In May, hackers managed to access the clouds of two of Canada’s largest banks – Bank of Montreal and Canadian Imperial Bank of Commerce. The hackers managed to steal the data of 90,000 people. In exchange for the data, they asked for a $1 million XRP. Two months later, something similar happened in Chile: A hacker group managed to leak thousands of credit cards from 19 banks.
Because of this, in 2017 several US banks were collaborating in an initiative called Sheltered Harbor. This initiative benefits participating banks in the event of a cybersecurity breach. In the event of a breach at one bank, another bank takes over with copies of the data (backup). This is something that can be replicated in several countries.
2018
In May, the Mexican national financial system was alerted to a large-scale failure in banking operations of approximately 15 million dollars.
Days later, it was confirmed what until that moment no authority had accurately reported: a hack estimated at around 400 million pesos to the Interbank Electronic Payments System (SPEI) of the Bank of Mexico, standing out as one of the largest known cybercrimes in the country.
The incident exposed technological vulnerabilities in the financial system, as well as the need to strengthen the country’s cybersecurity regulatory framework at that time. However, this attack also brought favorable consequences, because, since then, the legal provisions became stricter and the institutions of this sector were given the task of strengthening their cybersecurity mechanisms, in order to increase their levels of protection. Even so, Mexico is still not prepared for this because, according to the study “State of cybersecurity in the Mexican financial system”, prepared by the Organization of American States (OAS), in conjunction with the National Banking and Securities Commission (CNBV), all financial institutions in the country identified some event in their digital platforms that threatens their cybersecurity and, of that total, 43% were successful. The three most common attacks were through: malicious software or malware (56%), phishing (47%), which is impersonation to obtain data such as passwords or card numbers, and violation of clean desk policies (31%).
2019
According to the World Economic Forum, fraud, data theft, and cyberattacks are the ranking among the most dangerous risks facing businesses; these threats are not limited to the richest countries.
In Mexico, an average of 10 cyberattacks per second were recorded, reaching eight billion dollars; a figure equivalent to an increase of 38% per year.
In Spain, attacks against financial institutions increased by over 20% compared to 2018.
2020
The impact of COVID-19 on a global scale made it clear that attackers are targeting financial institutions directly:
From the beginning of February to the end of April:
- Attacks targeting the financial sector have grown by 238%.
- Ransomware attacks against the financial sector increased 9 times over.
Mexico:
Between July 5 and 11, the National Commission for the Protection and Defense of Users of Financial Services (Condusef), the Bank of Mexico (Banxico), and the Tax Administration System (SAT) had their respective websites affected. The most affected were the Condusef, whose website was completely intervened for several hours by cyber attackers.
Both Banxico and SAT barely experienced intermittences due to the robustness of their security systems, something that can only be seen in Mexico in the most important financial institutions.
United Kingdom:
Finastra, which provides financial software and services to more than 9,000 customers worldwide, suffered a major ransomware attack. Finastra is central to the functioning of the global financial system, serving 90 of the world’s 100 largest banks. The attackers accidentally triggered a security alert; knowing they were being targeted, they deployed aggressive ransomware attacks using a tool called Ryuk. What’s significant about the Finastra attack is that its security team decided, rather than pay the ransom demanded, to take down thousands of its servers quickly. While the company did not provide much detail about the attack, the subsequent analysis indicated that early detection and good decisions by the security team ensured that the matter did not escalate. The potential for financial and reputational losses, not only for Finastra but also for its customers, could have been gigantic.
New Zealand:
In late August, the New Zealand Stock Exchange (NZX) suffered a distributed denial of service (DDoS) attack that took many of its operations offline. The Guardian newspaper said that for four consecutive days NZX experienced network connectivity problems similar to those caused by DDoS attacks. This led to the temporary disruption of servicing of Fonterra’s debt and shareholder markets.
France:
Sopra Steria, the French IT services company serving large clients in the financial sector detected an attack on its network on October 17 and 18; they subsequently deployed the ransomware. The firm did not identify any leaked data or damage caused to its clients’ information equipment. The malicious code progressively rebooted computers and operations. Ryuk, a favorite tool of hackers, works by phishing. It arrives in emails that include malicious Word or PDF files that target ransomware; downloading the files encrypts the contents of the hard drive and launches payment instructions in cryptocurrencies.
In a study conducted by Deloitte, it was identified that 88% of cyber attacks in the financial sector are successful in less than a day, but only 21% of them are detected during the first day. The economic impact of these attacks on organizations varies considerably, depending on when they are detected and countered. In the case that the detection occurs on the same day, it can cost a few thousand pesos, but that impact rises to millions of pesos when it is more than three days.
Although the financial industry has been investing in cybersecurity for years, recent studies show that it is still a challenge to identify and keep up with today’s cyber threats, due to the number and complexity of their evolution.
Today, this is no longer enough. Financial institutions need to monitor “what they don’t know”, to be able to predict the behavior of existing cyber threat campaigns through advanced monitoring and predictive analytical intelligence. This is the new challenge they face and it will largely determine the potential impacts they will continue to counter. That’s why at Infosecurity Mexico we tell you how to reduce the risk of suffering a cyberattack in today’s famous telecommuting with the COVID-19 pandemic.
Finally, a hopeful approach is that Asia is expected to be the central continent of financial technology innovation. With increased urbanization and middle-class growth of massive populations, considerable improvements in infrastructure technology are expected.
2020 is the year we finally outsmart these cyber attackers! #bringiton #levelup
Oh, sweet summer child. Cyber attackers are always ahead of the game. It’s a constant battle, not a one-time victory. Stay vigilant and keep your guard up. #realitycheck
“Can you believe cyber-attacks are evolving faster than Pokémon? Gotta catch ’em all!”
“Wow, cyber-attacks keep evolving! But hey, did anyone see a unicorn hacking a bank in 2019? 🦄”
Seriously? Unicorns hacking banks? Are we in a fairytale now? Let’s stick to the real threats and stay informed about the actual cybersecurity risks out there. 🙄
Wow, can you believe how cyber-attacks in the financial industry have evolved from 2016 to 2019? Mind-blowing stuff!
“Wow, cyber-attacks in the financial industry have really evolved over the years. Scary stuff! 😱”
Yeah, it’s terrifying how advanced these hackers have become. Makes you wonder if anyone’s money is really safe anymore. Better start stashing cash under the mattress, just in case.
Comment: Who would have thought cyber-attacks could evolve so much? Mind-blowing stuff! 🤯💻
Reply: It’s not surprising at all. Technology keeps advancing, and so do the methods of cyber-attacks. Stay informed and vigilant, or you might end up being the next victim. Don’t underestimate the power of hackers. 💻🔒
“Whoa, cyber-attacks in the finance industry have evolved so much in the past few years. Mind-blowing stuff, right? 🤯”
“Who would have thought we’d be battling hackers in 2019? Time to up our security game!”
Seriously? It’s not like hackers just emerged out of nowhere in 2019. We’ve been dealing with them for years now. Maybe it’s time you caught up with the rest of us and realized that beefing up security has always been essential.
“Wow, can you believe how cyber-attacks in the financial industry have evolved over the years? Mind-blowing stuff!”
Absolutely! It’s crazy to see how cybercriminals constantly outsmart the financial industry. But hey, it keeps things interesting, right? Gotta stay on your toes to stay protected.