30-Aug-2022
How the financial industry protects itself from cyberattacks
A recent study by the bug bounty platform YesWeHack in collaboration with Foundry examines the extent to which financial institutions in the DACH region have been the target of cyberattacks in recent months. The result: Almost every company is affected in some way - and attackers are increasingly relying on more complex attack scenarios.
Finance is a lucrative target for cyberattacks
Only around seven percent of the study respondents stated that they had not been the victim of a cyberattack in the last twelve months. At 76 percent, the majority of respondents recorded between one and 20 successful attacks. One in 10 financial institutions (11 percent) had to contend with 21 to 50 attacks, and about four percent had even experienced more than 50. Credential theft is reported by 51 percent of respondents - particularly through social engineering attacks such as phishing. In third place among the most frequent attack scenarios is ransomware with almost 39 percent, followed by insider threats with 38 percent and attacks on databases (for example, via brute force attacks) with 37 percent.
No other target is more lucrative for cybercriminals than banks and insurance companies. The reason is obvious: There is a lot of data and money to be captured - in other words, exactly what attackers are after most. The current BKA situation report "Cybercrime" also confirms this development: Critical infrastructures, i.e. also banks and insurance companies, were particularly targeted by attackers last year.
What can the finance and insurance industry do to counter this growing threat?
The fact is, however, that banks are not sufficiently prepared for cyberattacks. Despite high standards, the financial sector has a massive backlog in IT security. The most frequent cause of attacks is human error: seven out of ten financial companies have become victims of cybercrime by mishandling email attachments. Striking in comparison to other critical infrastructure sectors: Many companies in the financial sector do not implement either technical or organizational measures to protect against email-based threats.
Virtual browser as protection against attacks from the Internet
The browser is the number one gateway for ransomware and other malware. The best protection against such attacks from the Internet is a virtual browser. This allows users to surf the Internet without hackers gaining access to government or corporate networks. R&S® Browser in the Box from Rohde & Schwarz Cybersecurity, for example, closes the "Internet" security gap by enabling a "digital" quarantine for hacker attacks. At the computer level, complete isolation takes place so that malware is kept away from the rest of the user's PC. In addition, at the network level, access to the Internet is separated from the intranet. The internal corporate network (intranet) is thus completely separated from the Internet. This mechanism also protects against attacks via e-mail attachments or during web conferences with microphone use and webcam support.
In addition, further protective measures should be taken - for example, encryption of the end devices, a highly secure VPN connection and securing the home WLAN. Further information on the protection of critical infrastructures: