Top cyber threats to financial institutions

In 2018, UK financial institutions saw the number of data breaches increase five times compared to the year before. With major retails banks such as Santander, RBS, Barclays and Tesco Bank being the victims.

Financial institutions make the perfect target for cyber criminals given the great amount of money they manage and the sensitivity of the data they hold. Cyber threats have become one of the biggest fears for boards because it is harder to prepare for them compared to ‘traditional challenges.’

The cyber threats faced by financial organisation are almost ‘unique’ compared to other industries and as technology becomes more sophisticated, so hacking techniques evolve and change.

Here are some of the rising cyber threats…

  1. Denial of Service (DDoS) Attacks via the IoT

This is an example of how emerging technologies can represent a risk for financial institutions. Unsecured IoT devices can easily be hacked and cause outages on websites or in applications. This could prevent customers from accessing their accounts and money and send them in a state of panic, which could lead them to lose trust in their bank.

  1. Third Party Services

Many financial institutions outsource their services to third party organisations. It’s important to understand that a business is only as strong as the weakest third-party vendor, meaning that if your vendor faces cyber threats, your organisation could also be vulnerable. Failure to review third party contracts and details about how they manage and store data, could cost you a lot of money and your reputation could take a big hit.

  1. Backdoors and Supply-Chain Attacks

This is one of the most serious cyber threats to financial institutions. These attacks use so called ‘backdoors’ – applications used to obtain remote access – that allow hackers to gain access to your network while bypassing intrusion detection systems. An attack like this could expose customers to serious cyber security threats.

  1. Insider Threats: Employees

Whether it is an intentional breach or a human error, when it comes to cyber security, your employees are a major threat – especially for financial institutions.

Because the threat comes from inside the organisation, threat mitigation tools don’t really work. For this reason, these threats often go undetected for a long time, allowing a lot of damage to be caused.

In order to protect itself, a financial institution should have a cyber security strategy that has full involvement and support of the Board. It is essential for top management to understand the severity of the cyber threats faced by the organisation and the measures in place to protect it. Having appropriate and updated cyber monitoring tools along with latest generation firewalls combined with employee monitoring, training and education will help you prevent and mitigate both internal and external threats to your cyber security.