Before we cover our roundup of banking threats for 2021, it’s important to note that many of the threats we saw in 2020, such as ransomware and zero-day attacks, remain major threats going into this year. The financial sector’s ongoing digital transformation and COVID-induced cloud reliance have caused the sector’s attack surface to grow exponentially, exposing organizations to increased levels of cyberthreat activity. Another key accelerator is the fact that the COVID-19 pandemic is likely to cause a sharp wave of poverty, invariably leading to higher rates of cybercrime in the coming years.
Meanwhile, attack groups leveraging ransomware made a large profit last year. In 2020, an increasing number of small and medium-sized banks and financial institutions across Africa, Asia, and Eastern Europe fell prey to attacks from groups with expertise in vending RDP/VNC network access. Small banks’ modest cybersecurity architecture has made them preferred targets for hacking groups.
Unfortunately, the problem isn’t going away any time soon. The estimated cost of cyberattacks on financial institutions is more than $18.3 million each year, and that number is only expected to rise going into 2021. An added challenge is the difficulty law enforcement is having cracking down on cybercrime in a post-COVID world. Looking forward, we can expect larger-scale attacks coupled with the use of more sophisticated 0-day and N-day exploits. Most importantly, cybercriminals targeting financial assets will likely turn to extortion tactics. A scenario like this could be especially damaging to companies that have suffered a data loss, undergone a data recovery process, and then been targeted again, only to be taken offline. Now on to 2021.
With an alarming rise in vicious cyberattacks on financial institutions in 2020, it’s now estimated that 10% of all data breaches were related to the financial industry. With reported breaches already at the U.S. Treasury Department and the New Zealand Central Bank, 2021 doesn’t look like it’s off to a good start for the financial sector. If these hacks are any indication of what’s to come, it’s critical for financial institutions to be prepared for the year ahead. Here’s our list of top cybersecurity threats banks can expect to defend against in 2021:
As we’ve already seen in 2020, ransomware is the weapon of choice for many threat actors. Ransomware is a rising threat to small banks and credit unions with less than $35 million in annual revenue. And with 90% of all financial institutions having experienced ransomware in the past year, the problem is only going to get worse in 2021.
Hackers behind targeted ransomware attacks have become emboldened by their more recent successes and are steadily increasing their asking price in exchange for not publishing stolen information. We’re also seeing that when it comes to high-profile targets, such as enterprise and secure cloud networks, threat actors are spending more time and resources on sophisticated social engineering campaigns designed to access victims’ networks using the MICE framework.
It’s usually safe to rely on ATMs when they are regularly updated by vendors. But many ATMs are still running on outdated operating systems such as Windows XP and require major security patches to be considered truly secure.
Since major changes to an ATM’s running software require approval by the ATM vendor, failing to approve updates leads to a voided warranty and invariably a higher chance of attack. Many banks wait for their ATMs to reach their end-of-cycle before upgrading them. Rather than updating existing software regularly as versions become available, it's common practice for banks to simply replace the entire machine with one running upgraded software.
In addition, an ATM’s location plays an important role when it comes to its security. Due to the lack of physical security in isolated locations, hackers can easily gain physical access to the internal ports of the motherboard, making remote ATMs favorable targets for hackers. The hacking group Prilex is now positioning itself as a MaaS bazaar and is moving to target PIN pad communications. In general, the group is touting a variety of skills related to ATM malware, PoS malware, EMV software for cloning payment cards, DDoS services, and others.
Insider threats caused by successful social engineering campaigns and phishing attacks remain a critical vulnerability for banks. A large part of this is due to weak Privileged Access Management (PAM) policies within protected environments coupled with exploitable WFH networks. Consider for a moment the fact that nearly two-thirds of financial service employees regularly have access to over 1,000 sensitive files of customer data. The average financial service employee has access to nearly 11 million files daily – a number that’s even higher within larger organizations (Varonis).
Strong PAM policies allow financial institutions to effortlessly implement intelligent application policies across their organization while removing local admin rights in order to ensure resilience against malware. We already know that our most critical environments require more complex layers of security and control.
We see similar policies leveraging IAM and PAM come into play when it comes to securing software — but a zero-trust policy needs to be adopted when it comes to safeguarding the most sensitive data of financial institutions.
If, after reading this article, you’re starting to doubt the security of your organization’s IT structure, know you’re not alone. Here are just a few methods you can adopt in order to create a safer and more secure digital landscape and defend against potential cyber threats in 2021.
Regularly review your cloud infrastructure to ensure it’s up to date. Assess your cloud security’s current state compared to security benchmarks, best practices and compliance standards.
Use a vulnerability management tool to help you automate threat detection and protect against potential threats before they become a problem. There are many available solutions that help financial organizations do this safely and effectively.
By providing access permissions only to employees who require them, you’re ensuring your organization is well-protected from within – especially if you employ contractors or part-time workers. Adopting a zero-trust Privileged Access Management (PAM) policy can help organizations greatly reduce their attack surface by preventing unauthorized access.
Having a plan in place helps you avoid data loss and allows your organization to minimize downtime after a disruption. This only works if data is backed up regularly and often.
Encrypting data cryptographically, and protecting the cryptographic keys to that kingdom, ensures your most sensitive digital assets are always protected – even if your IT structure is critically compromised.