Financial institutions and cyber attacks: a cat-and-mouse game?

According to a recent study of 254 companies in seven countries by the US Ponemon Institute, financial institutions are suffering on average 125 intrusions a year (three times more than six years ago). Such statistics are rarely highlighted, but are enough to demonstrate the growing interest of cyber criminals in banks and insurance companies, which are now the victims of increasingly sophisticated attacks.

Major consequences on a range of levels

These security breaches lead to loss of revenue, undermine the integrity of client data and assets and have an adverse impact on the reputation of the institutions in question. In this context, another study, by B2B International, reveals that the financial institutions affected suffer average losses of nearly a million dollars ($926,000) from every cyber security incident to which they fall victim.

Another interesting figure is that institutions spend over €250,000 in combating a Denial of Service attack (DDoS) and nearly $100,000 for a ransomware-type attack. Finally, client losses amounted to an average $10,032 for companies and $1,446 for individuals. The damage caused by cyber attacks is therefore very significant and it is worthwhile to take pragmatic measures to guard against such incidents.

Some examples of attacks suffered by financial institutions

The world of finance has generally, been less affected than other sectors by the most common forms of cyber attack, such as malware. However, they are particularly exposed to Denial of Service and targeted attacks. A sharp increase has also been noted in the number of users infected by banking Trojans, whose principal aim is to steal client data. Finally, to complete the overview, financial institutions are affected by targeted phishing, social engineering and backdoors which enable cyber criminals to infiltrate information systems with complete secrecy.

Implementing appropriate defence strategies

For Pierre-Yves Hentzen, CEO of Stormshield, “Cyber security is now a major preoccupation for directors of major banks and insurance companies. This is reflected in particular in a sharp rise in recent years in budgets for information system security.”

Although they are already well-equipped with established solutions, banks now need to go further, taking advantage of new approaches such as AI and analytic technologies which will enable them to add to their existing arrangements and improve their levels of security. By doing so, financial institutions can actively guard against the new threats facing them and deliver digital transformation confidently and successfully.

“But in an area as sensitive as banking and insurance, companies need to protect themselves by choosing trusted technologies, whose reliability and robustness is reflected by certification and classification at the highest European level” says Mr Hentzen.

 

Sources

- https://securelist.com/analysis-of-malware-from-the-mtgox-leak-archive/58553/?pubid=200676379
- https://media.kasperskycontenthub.com/wp-content/uploads/sites/45/2018/03/08235118/B2B-International-2014-Survey-DDoS-Summary-Report.pdf
- https://media.kaspersky.com/pdf/Kaspersky_Lab_B2C_Summary_2013_final_EN.pdf
- https://www.kaspersky.com/blog/from-the-perils-to-strategies/6682/
- Cost of Cybercrime 2017 – Accenture and the Ponemon Institute

Share on

About the author

mm
Pierre-Yves Hentzen
Chief Executive Officer, Stormshield

Combining entrepreneurial, managerial, and financial expertise, Pierre-Yves Hentzen’s career began in 1989. Having joined Arkoon in 2001 as the Chief Financial and Administrative Officer, Pierre-Yves Hentzen retained this position in the 2013 Arkoon-Netasq merger. After his appointment as Deputy Chief Executive Officer in 2015, he was named Chief Executive Officer of Stormshield in 2017.