How the financial industry protects itself from cyberattacks

8월 30, 2022

How the financial industry protects itself from cyberattacks

A recent study by the bug bounty platform YesWeHack in collaboration with Foundry examines the extent to which financial institutions in the DACH region have been the target of cyberattacks in recent months. The result: Almost every company is affected in some way - and attackers are increasingly relying on more complex attack scenarios.

Finance is a lucrative target for cyberattacks

Only around seven percent of the study respondents stated that they had not been the victim of a cyberattack in the last twelve months. At 76 percent, the majority of respondents recorded between one and 20 successful attacks. One in 10 financial institutions (11 percent) had to contend with 21 to 50 attacks, and about four percent had even experienced more than 50. Credential theft is reported by 51 percent of respondents - particularly through social engineering attacks such as phishing. In third place among the most frequent attack scenarios is ransomware with almost 39 percent, followed by insider threats with 38 percent and attacks on databases (for example, via brute force attacks) with 37 percent.

No other target is more lucrative for cybercriminals than banks and insurance companies. The reason is obvious: There is a lot of data and money to be captured - in other words, exactly what attackers are after most. The current BKA situation report "Cybercrime" also confirms this development: Critical infrastructures, i.e. also banks and insurance companies, were particularly targeted by attackers last year.

What can the finance and insurance industry do to counter this growing threat?

The fact is, however, that banks are not sufficiently prepared for cyberattacks. Despite high standards, the financial sector has a massive backlog in IT security. The most frequent cause of attacks is human error: seven out of ten financial companies have become victims of cybercrime by mishandling email attachments. Striking in comparison to other critical infrastructure sectors: Many companies in the financial sector do not implement either technical or organizational measures to protect against email-based threats.

Virtual browser as protection against attacks from the Internet

The browser is the number one gateway for ransomware and other malware. The best protection against such attacks from the Internet is a virtual browser. This allows users to surf the Internet without hackers gaining access to government or corporate networks. R&S® Browser in the Box from Rohde & Schwarz Cybersecurity, for example, closes the "Internet" security gap by enabling a "digital" quarantine for hacker attacks. At the computer level, complete isolation takes place so that malware is kept away from the rest of the user's PC. In addition, at the network level, access to the Internet is separated from the intranet. The internal corporate network (intranet) is thus completely separated from the Internet. This mechanism also protects against attacks via e-mail attachments or during web conferences with microphone use and webcam support.

In addition, further protective measures should be taken - for example, encryption of the end devices, a highly secure VPN connection and securing the home WLAN. Further information on the protection of critical infrastructures:

Contact Us

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

마케팅 동의

로데슈바르즈에서 다음과 같은 방법으로 정보를 수신하겠습니다

Rohde & Schwarz GmbH & Co. KG 및 본 웹사이트의 기업 정보에 명시된 Rohde & Schwarz 각 법인 또는 각 지사가 마케팅 및 광고 목적(예: 특별 행사 및 할인 프로모션에 대한 정보)으로 이메일 또는 우편을 통해 연락하는 것에 동의합니다. 개인 데이터 사용 및 해지 절차에 대한 자세한 내용은 개인정보 보호정책마케팅 동의 단락에 명시되어 있습니다.

신청하신 내용이 제출되었습니다. 빠른 시일 내 회신 받으실 것입니다.
An error has occurred, please try again later.