- About 70% of financial services firms have faced a cyberattack over the past year, as remote work and COVID-19 led to increased activity and weaker endpoints, according to a research conducted by the Ponemon Institute and sponsored by Keeper Security. The report was based on a survey of 2,215 IT and IT security professionals in the U.S., U.K., DACH, Benelux, Scandinavia, Australia and New Zealand.
- The attacks have cost financial institutions an average of $4.7 million, about 75% more than the similar costs for other organizations, according to the report. The attacks range from credential theft and general malware to account takeover.
- Many teleworkers exposed their companies to external attacks, using poorly secured laptops, mobile phones and other devices when they went remote, according to the report. Only 60% of financial services organizations have policies in place to regulate the security of remote employees.
Since the beginning of the COVID-19 outbreak, financial services firms have become massive targets for criminal cyberattacks and nation-state activity due to the changing nature of accessing funds or working in remote digital environments. It opened up more vulnerable endpoints for attack.
The switch to remote work led to a 20% increase in actual attacks and a massive 500% increase in attempted attacks, according to Darren Guccione, CEO of Keeper Security.
"The word I would use in terms of what COVID brought to the table, I would just say it was catalytic in nature," he said in a Zoom interview. "The cybercriminals always knew that, wow, every single endpoint of an organization represents the potential vulnerability and access point for us to attack."
The report shows financial services companies had to make a number of drastic changes in how they configured and managed their respective workforces, as about 58% of their respective workforces had to change to remote work after the pandemic, compared with 22% of their employees before the pandemic. About 33% of employees at these organizations were also furloughed due to the pandemic.
The report shows 71% of respondents said remote work made their companies a risk of a data breach, while 57% said they are prime targets for a hacker wishing to exploit a vulnerability.
A widely used method of exploiting financial services organizations is account takeover, Guccione said. This would involve getting into a personal account, taking over the username and password and withdrawing all the funds, or as an alternative take over a victim's computer and demand a payment in bitcoin.
Another commonly seen attack involves the theft of trade secrets as part of an industrial espionage campaign.
About 31% of respondents said their organizations do not require remote employees to authenticate their identity during work. Meanwhile, of the 69% that said authentication is required, only 35% said multifactor authentication is required.
This research echoes a rising concern by companies regarding the vulnerabilities of having more than half of the workforce working remotely. The need to maintain safety and maintain a productive workforce is running up against the need to secure vulnerable endpoints and enforce existing security protocols.
Financial services firms are also dealing with other challenges, including how to securely store the data in a cloud environment that makes it accessible to remote workers, but remains closely protected.