The 3 Most Common Vulnerabilities for Banking and Financial Services Organizations

Cybercriminals spare no one when launching campaigns, but the banking and financial services industry is targeted more frequently than almost any other. This shouldn’t come as much of a surprise – in addition to the substantial financial assets these organizations hold, threat actors are also after customer information, records, and credentials that help them diversify their attacks and infiltrade networks from multiple access points. Security teams within financial services organizations also face attacks that occur entirely outside their perimeters, like cyber fraud, domain spoofing, and social media impersonation.

Last month, IntSights released a report painting a comprehensive picture of the current cyber threat landscape in the financial services and banking sector based on key threat data collected in our platform. We took a random sample of some of our financial services customers and analyzed the threats targeting these organizations to find noteworthy trends, patterns, outliers, and developments. Threat researchers analyzed the most significant action in attack types, attack vectors, and regional trends facing these organizations. Here are three key findings that are shaping the landscape:

Leaked Credentials Up 129%

In January 2019, organizations around the world were forced to scramble to respond to the biggest global data leaks in history. All in all, 2.2 billion records of login credentials and personal information were exposed in the now-infamous Collections #1-5 leaks. The implications were clear, and staggering: The statistical likelihood of any given organization being affected by leaked credentials was too high for comfort.

IntSights obtained and reviewed the collections as they became available. As you might expect, our researchers observed a substantial increase in leaked credentials between January and February. The instances of credential leaks in Q1 2019 nearly doubled those of any of the previous four quarters dating back to Q1 2018.

Compromised Credit Cards Up 212%

Cybercriminals use compromised credit card numbers to make relatively small purchases, which allows them to avoid unwanted attention and remain anonymous. However, these small purchases can generate nearly ten times more “free money” than what the card itself is worth on the black market. Since credit card companies typically reimburse customers who have been victimized by credit card fraud, cybercriminals depend on stolen credit cards as a safe and simple way to generate profits. The risks are relatively small, and the potential gains are substantial.

IntSights observed 9708 instances of compromised credit card data among our random sample of banking and financial services clients in 2019 Q1. This marked a 212 percent increase year-over-year. The number of leaked credit cards continued to rise steadily throughout 2018 – despite stagnating between Q2 and Q3 – before skyrocketing in early 2019.

Malicious Applications Up 102%

Since most banks have mobile apps these days to allow customers to access their assets remotely, cybercriminals know they can fool users into downloading malicious fake applications. In fact, more than 1 in 3 consumers are fooled by fraudulent mobile apps. In many cases, hackers will create apps that mimic major blue-chip banking apps to appear legitimate. It works frequently enough: While we observed a brief dip in the number of malicious applications in 2018 Q4, it appeared to only be a temporary lull, as 2019 Q1 brought more activity in this area than ever. As consumers grow more and more comfortable with mobile banking, the risk of malicious applications grows in parallel.

It’s no secret that cybercriminals view banks and financial services organizations as valuable resources for generating profit. While these organizations – especially in more economically and technologically advanced areas of the world – tend to have staunch security systems, they also have an ever-increasing number of vulnerabilities due to the sheer volume of assets, users, and digital properties they maintain. Traditional cybersecurity strategies focus on stopping direct attacks, like ransomware, phishing, DDoS, and malware attacks. Because cybercriminals primarily dwell and operate on the dark web, corporate cybersecurity teams must extend their defense outward to collect and analyze external threat intelligence

In today’s increasingly digital business environment, financial services organizations must look beyond their own perimeters to identify threats before they turn into full-fledged attacks, and take them down at the source.

For more on the state of the cyber threat landscape for banking and financial services organizations, download the full report.

Download Now

Stay up to Date!

Subscribe to the blog to stay up to date with all the latest industry news and updates from IntSights.