Financial institutions are a primary target for cyber attacks worldwide. With the digitalization of most financial services, cyber security is becoming a leading priority for financial firms. The range of cyber-attacks in this industry is expanding from website-based attacks to interfering the transaction systems. The United States is one of the biggest financial markets worldwide and is a target for a considerable share of cyber attacks.
What are the cyber attack motives?
It is not a coincidence that financial firms are among the most targeted ones – alongside users’ personal information that hackers steal in order to sell it on the dark web, in the case of financial institutions, bad actors also gain access to financial resources that the customers or the institution possess. With rapid digitalization in many industries, personal data protection has become crucial. According to an April 2022 survey of U.S. consumers, one of the main factors customers consider when choosing a bank is the security of their personal data. By attacking financial institutions, cyber criminals attempt to access data points, such as credit or debit card numbers, social security numbers, and similar.
How much do cyber attacks cost the financial industry?
In 2022, the average cost of a data breach in the financial industry worldwide was nearly six million U.S. dollars in 2022, ranking second after the healthcare sector. By comparison, the average cost of a breach across all industries amounted to over four million U.S. dollars. In the United States, the financial damage of a data breach came to around nine million U.S. dollars on average. The two types of attacks causing the highest monetary loss were business e-mail compromise (BEC) and e-mail account compromise (EAC) scams.
Most frequent types of cyber attacks in financial sector
While companies try to develop more comprehensive data protection solutions, cyber criminals go further in designing new mechanisms of cyber attacks. Between 2020 and 2021, the most common attacks in the financial industry worldwide were network and application anomalies, followed by account anomalies. In 2021, 17 percent of financial phishing attacks worldwide targeted e-shops, while payment systems and banks followed. Overall, financial malware desktop attacks were more likely to target consumers rather than companies. In the same year, financial services ranked second among the industries most affected by ransomware attacks.
Spotlight: business focus on cyber resiliency
The most common experiences of financial institutions related to cyber security were ransomware attacks and attacks against market strategies. Additionally, more than eight in ten financial sector security leaders were concerned about the security of cryptocurrency exchanges. A 2021 survey found that one of the main concerns of companies classed as cyber leaders was the infrastructure breakdown due to a cyber attack. Subsequently, 25 percent of the companies worldwide have increased their cybersecurity budget by six to 10 percent. However, increasing the spending on cybersecurity is just the first step for companies in the attempt to protect customer data and finances. Financial firms now turn to a more active defense in cyberspace, which means tracking the hacking mechanisms to prevent possible attacks.
