Search
Close this search box.

Cyberattack on financial institutions, a real risk

Banks, fintechs and other companies in the financial sector have been one of the main targets of cyber attacks on financial institutions due to the abundance of confidential information contained in customer files.

Especially as more and more people transition to online banking and seek alternative, contactless ways to pay during the pandemic.

Now, a new wave of financial solutions, such as Pix and Open Banking, is emerging to make real-time transactions easier for customers, but further expanding the threat landscape.

Along with growing threats, financial institutions must also meet regulatory compliance requirements, such as the General Data Protection Act (LGPD), or regulatory fines and sanctions will apply, further amplifying the risks of major losses to businesses connected to the segment.

According to a study by the Boston Consulting Group, financial services firms are 300 times more likely than other companies to be targets of cyber attacks, including phishing, ransomware and other malware attacks, and even insider threats.

Financial institutions must take a more proactive approach to cyber attacks or risk devastating data breaches

Cybercriminals have different motives when carrying out cyberattack on financial institutions, but in the case of cybercriminals, their goal is financial gain.

Financial institutions have a wealth of personal and financial information, ready for monetization if breached, including cryptocurrency wallets and the transfer of money via Pix.

Like other attack methods, cybercriminals work to compromise account credentials through phishing. All it takes is for an employee to reuse account credentials, such as passwords, and attackers have everything they need to cyberattack financial institutions and wreak havoc.

Ransomware is a type of malware that encrypts confidential files or locks companies out of their systems. The only way to unlock it is with a mathematical key that only the attacker knows, which you will receive after paying a ransom.

In the financial segment, ransomware is one of the most common cyber attacks. In 2017 alone, 90% of financial institutions were hit by a ransomware attack. In 2020, the world’s third largest Fintech company, Finastra, was targeted.

So why is ransomware so effective for cybercriminals? Because, most of the time, it is much faster and cheaper to pay the ransom than to suffer downtime.

Dealing with Cyber Attack Risks: Detecting and Managing Threats

In practice, banks, Fintechs, and other financial institutions can follow good security practices to ensure that their organization is protected while continuing to adhere to regulatory compliance.

Implementing continuous monitoring and threat detection capabilities is the first step in closing the glaring security gaps that many banks and financial institutions are facing.

In fact, ransomware attacks are usually not a one-time event. In fact, this can happen several times in the same company.

Regardless of whether an organization has experienced an incident or not, it is important to monitor the full range of networks and applications across the IT landscape on an ongoing basis, rather than periodic assessments.

With this kind of constant visibility, companies know whether they are compromised or secure.

It is increasingly important for banks and fintechs to build a solid foundation by adopting security technologies and processes that leverage their ability to detect cyberattack on financial institutions as early as possible.

There are a number of ways in which these technologies can help institutions protect themselves, including providing important context for anomalous behavior, flagging known indicators of compromise, and accelerating threat detection and response.

However, detection alone does not prevent cybercriminals from attacking.

After suspicious activities that may indicate early stages of an attack are detected, it is important that companies have controls in place to stop future activities and an incident response plan to mitigate the attack.

How Ransomware uses Unprotected Remote Access Protocols (RDP)

Encryption and data integrity are also part of the protection strategy against cyber attacks

People will use any financial application based on the trust that their data is safe in their hands, which is why data breaches via Ransomware are so damaging to the reputation of banks and Fintechs.

Besides establishing trust, encryption is also one of the easiest ways to comply with most government regulations. In fact, many control agencies even require it.

For example, in addition to LGPD, the Payment Card Industry Data Security Standards (PCI DSS) require companies to encrypt credit card information before storing it in their database.

Encrypting data is crucial.

However, encrypting data only during storage is not enough. Unless you have no plans to move your data, encrypting it during transport is equally crucial.

This is because cybercriminals can spy on the application server connections and intercept any data sent.

Backup and disaster recovery as the most efficient way to decrease downtime for financial institutions

Planning for potential outages can reduce the impacts to banks, Fintechs, and other financial institutions not only valuable time, but also significant amounts of money in terms of lost revenue, credibility, and recovery services.

A recent report by Sophos, “
State of Ransomware 2021
“, showed that the average total cost of recovering from a ransomware attack could be as high as $2 million.

Creating a plan against cyberattack on financial institutions before disaster strikes also puts organizations in a better position to avoid paying ransoms due to the ability to resume operations.

A solid disaster recovery capability can limit the impact of cyber attacks to a minor disruption, rather than a company-ending event.

CipherTrust Data Security Platform Enables Protection Against Cyberattacks on Financial Institutions

According to IDC, more than 175 zetabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To address the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers from cyber attacks. Specific technologies include:

CipherTrust Transparent Encryption

Encrypts data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious cyber attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases such as credit card, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases so that compliance and security issues are alleviated when sharing a database with a third party for analysis, testing, or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers its own key lifecycle management (BYOK) for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security, improves operational efficiency, and accelerates compliance time. Regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that ensures data protection against cybercrime

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance against cyber attacks

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Act (LGPD), and other compliance requirements.

Optimizes team and resource efficiency

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About Eval

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.

About the author

Other posts