Financial services firms are hit by security incidents a staggering 300 times more frequently than businesses in other industries, with attack patterns changing frequently to outwit IT pros, according to Websense.
The Raytheon-owned security vendor claimed in its 2015 Industry Drill Down Report that attacks against the sector outgun those in adjacent industries by 3:1, as cyber-criminals look to focus on those targets they believe will give them the biggest return on their efforts.
The majority of attacks studied in the report therefore feature some element of data or credential stealing, with Rerdom (30%), Vawtrack (13%), SearchProtect (13%) and BrowseFox (4%) the most prolific threats.
As can be expected, cyber-criminals are working hard to ensure their attacks are as successful as possible, firing a large volume of low level threats at their targets in order to distract IT security professionals while the main targeted attack is launched, Websense said.
Obfuscation, malicious redirection and black hat SEO have become popular of late, although patterns apparently shift on a month-by-month basis – again to improve success rates.
Targeted typosquatting is also making a comeback in the sector, usually in combination with social engineering as part of spear phishing attacks designed to compromise a host or trick a user into instigating a payment or transfer of money, the report claimed.
Such incidents apparently cost, on average, $130,000 each.
Interestingly, Websense also warned that banks’ desire to “maintain their realtime connection to the global economy” has harmed their ability to adequately manage risk.
Citing a Wall Street Journal article, it claimed that nearly one third of banks don’t require multi-factor authentication for third party vendors, and that one Fortune 500 bank in particular has not yet patched Heartbleed on its servers because it would disrupt the operations of several European counterparts that haven’t yet upgraded.
Carl Leonard, Websense principal security analyst, argued that members of the financial community need to improve communication so that they can “move together towards the desired security goals.”
“The key element to maintaining the realtime connection to the global economy is ensuring that financial services’ security is as real time as their connections,” he told Infosecurity.
“The industry demands availability, integrity and performance, and security has a role to play in achieving that. Security therefore needs to be placed at the forefront of these decisions, as good security deployment will ensure the other elements are better preserved.”
In related news, a new .bank gTLD is set to launch in the UK on Friday, in a bid to offer better online security for financial institutions and their customers.
The report period was January to May 2015.