Consumer devices are the most vulnerable point for bank cyberattacks
By Maria Korolov
Cybercriminals who attack banks are more likely to focus on their online customers, according to the latest Verizon Data Breach Investigations Report. End-user devices were involved in 82 percent of all financial incidents, compared with about half for all industries on average.
According to the report, a common pattern is for cybercriminals to send phishing emails to the banking customers, get their login details and then empty their bank accounts. “We’re seeing an increase in phishing attacks,” says Jay Jacobs, senior analyst on Verizon’s RISK Team, which publishes the annual report, considered one of the most reputable gauges of cybercriminal activity. “They’re becoming a lot more prevalent.”
One reason? They work.
According to the Verizon report, 22 percent of the people who receive phishing emails open them, and 11 percent click on malicious links in those emails. If attackers send out 10 emails, then the odds are 90 percent or better that at least one person will fall victim. The phishing emails also work quickly.
Twenty-two percent of people who receive phishing emails open them, and 11 percent click on malicious links in those emails.
The median time between when the first message in a campaign goes out and someone clicks on it is just one minute and 22 seconds. Nearly half of all users open emails and click on the phishing links within the first hour. That means that banks have to be extremely diligent about watching for phishing campaigns against their customers, and to respond immediately when an attack surfaces, experts say.
In fact, personal banking information was the top target of all crimeware across all industries, accounting for 60 percent of all incidents with confirmed data loss, according to the Verizon report. Login credentials were in second place at 30 percent.
The financial services industry was hit less hard by other types of attacks, such as direct malware attacks. Retail companies, for example, saw an average of 801 attacks a week, and financial institutions were on the low end of the scale, at just 350. This could mean that banks are better at filtering out phishing emails aimed at their employees, or their employees are better trained to spot them, experts say. Financial institutions are faster at detecting and cleaning up infections than other industries.
Financial institutions also did about average when it came to privilege abuse, which accounted for 11 percent of all incidents. Privilege abuse is associated with data breaches caused by insiders. “It is a small proportion of all breaches,” Jacobs says. “It fluctuates between 10 and 15 percent of all incidents and has been consistent over all the years of data.”
Overall, however, the financial sector was one of the top three hardest hit by cyberattacks last year. And the attacks on smaller financial institutions in particular have been increasing, according to the report, from 24 incidents with confirmed data losses in 2013 to 33 last year.