BFSI Sector has always been favorite of all hackers and attackers. BFSI has always been top priority for email security threats and cybercrimes.
According to Beazley Breach Insights July 2016 Report Hackers are targeting smaller financial institutions.
- During the first half of 2016, Beazley Breach Response (BBR) Services managed 955 data breaches on behalf of clients, compared to 611 breaches during the same period last year. After healthcare, financial institutions, particularly those with annual revenues below $35 million, experienced the highest levels of breaches.
- Within the financial institutions segment, hacking and malware attacks increased sharply as a proportion of total breaches as hackers went after their valuable financial data, increasingly targeting smaller and more vulnerable institutions. In 2015, hacking and malware accounted for 27% of the 128 financial insitution breaches handled by Beazley; in the first half of this year, that rose to 43% of 139 breaches handled
- Banks and credit unions with less than $35 million in annual revenue accounted for 81% of hacking and malware breaches at financial institutions in 2016, a major increase over the 54% of incidents they represented in 2015. Hackers are increasingly targeting smaller financial institutions with less robust data security systems and personnel than larger banks.
Few incidents in financial services as described in Beazley Breach Insights report:
- Phishing : A financial firm’s systems were compromised due to a spear-phishing scheme a that resulted in a fraudulent wire transfer and potential ex-filtration of emails with customer personally identifiable information
- Malware : A bank experienced a sophisticated malware attack, where hackers were in the insured’s system for at least six months. The hackers set up fake accounts and money was withdrawn from the bank from those fake accounts. The forensic investigation was extremely expensive due to the type of malware.
- Vendor hacking : A financial services firm reported that the passwords for a web based dealer portal (which is licensed from a third party vendor) were compromised. Four dealer accounts were hacked and the routing and account numbers were transposed. This caused the firm to issue unauthorized deposits to dealers who did not actually request them.
Over last few years Indian banks and financial sector has also seen several cyber threats almost every month. Whatever route BFSI segment may take to fight against cyber threat important thing is to maintain focus on proactive prevention and discovering new and effective ways to avoid all email security threats and attacks.