Over a quarter of all malware attacks targeted banks and financial services for purposes such as infiltrating corporate networks, gaining access to financial assets, and stealing customer records, corporate credentials, and enterprise data.
The pace at which cyber criminals are training their weapons at banks and other financial services organisations that hold vast amounts of customer data and store financial information of millions of people is such that security researchers observed a massive rise in malware attacks in the first quarter of this year compared to previous quarters.
The new Banking & Financial Services Cyber Threat Landscape Report (April 2019) from Insights has revealed a 212 percent year-over-year increase in instances of credit card compromise, a 102 percent year-over-year increase in malicious applications, including fraudulent mobile banking apps, and a 129 percent year-over-year increase in credential leaks as a result of the Collection #1 leak.
25.7% of malware attacks targeting banks and financial services
In fact, banks and financial services organisations suffered 25.7 percent of all malware attacks, more than any other industry. Those based in Latin America, Africa, and South Asia suffered a disproportionately large number of malware attacks as many of them lack the external-facing security systems that banks and financial services organisations in the United States or in the EMEA region possess.
"Financial fraud offers a lucrative source of income for cybercriminals. With such tempting promise of high reward and low prosecution rates, emboldened cybercriminals and have grown in their sophistication, exploiting the human-interest factor by posing as banks or suppliers and then duping consumers into revealing their personal details.
"These scams have also proved effective in targeting commercial organisations, as senior executives have been tricked into revealing sensitive information which enables access to a company network," says Ryan Wilk, vice president at NuData Security.
"The increasing volume of attacks globally has also been attributed to more fraudsters willing to commit the crime, more data available on the black market, and more financial institutions and merchants that are vulnerable to attacks. Plus, as more countries fully adopt EMV, fraudsters have switched their tactics online and fraud will continue its migratory path to all available online channels," he adds.
Banks must adopt behaviour-based authentication methods
He adds that banks and financial services organisations must adopt new authentication methods that cyber criminals cannot crack to gain access to customer records or financial assets. New authentication methods could include passive biometrics and behavioural analytics technology that can distinguish good from bad users even when new devices and correct stolen credentials are used because they rely on a different set of keys – consumer behaviour.
A major reason why cyber criminals are so successful in infiltrating corporate networks, gaining access to financial assets, and stealing customer records is that many financial services and banking apps continue to feature a large number of vulnerabilities that are either taking too long to fix or have not been discovered yet.
Earlier this month, security researchers at Arxan Technologies found as many as 180 serious vulnerabilities in thirty financial services apps for Android that enabled malicious actors to carry out identity theft and account fraud, and tamper with source codes of such apps.
These vulnerabilities ranged from lack of binary protections, private key exposure, client-side injection, trusting of all certificates, weak encryption, insecure random-number generation, insecure data storage, and unintended data leakage.
These vulnerabilities were also observed in a large number of mobile payment apps, apps run by retail brokers, those by health insurers, those by auto insurers, HSA banks, and those that permitted cryptocurrency payments. The most common flaw in all financial services apps was the lack of adequate application security technology that enabled hackers to reverse engineer and gain access to keys and other sensitive data.