
Read the full story here.
Financial institutions deliver a vast amount of services to consumers and business. Trillions of dollars’ exchange hands daily to keep the world going. These institutions hold, invest and care for the wealth of large populations. Financial institutions form the backbone of our industrialized world. These institutions depend heavily on information technology systems and any form of disruption to these critical systems can severely undermine confidence and thereby result in loss of business and reputation to these financial institutions. As these institutions manage a lot of money, they are also a key target for cybercriminals.
Cyberattacks impacting financial institutions are predominantly focused on trying to scam people and get money from them. If pressed, I would say that 95% of these attacks are executed for direct financial gain. The other 5%? In most cases, organized hacktivists and other groups working towards hurting a financial institution, its brand, and its customer loyalty.
To financially gain from an attack on a financial institution, these bad actors are most likely looking to accomplish one of two things:
- They can utilize credentials from a financial institution’s customers to access their accounts directly and siphon off their funds.
- Or, they can use the personally identifiable information that they can gather from a customer’s records to create new accounts for their own benefit.
Financial institutions are privy to a large amount of information about their customers. They can have social security numbers, birthdates, email addresses and other information. And perusing recent transactions can also disclose other valuable information about an individual — like their other paid online accounts.

Using this information, bad actors can apply for lines of credit, credit cards and other accounts that they can then exploit. They can also use this information to fuel brute force attacks against the other online accounts of an unsuspecting bank customer and use them for other fraudulent activity.
According to the Verizon Data Breach Investigations Report, about 88% of security incidents in the finance sector fall into just three categories:
- Web app attacks
- Distributed denial-of-service (DDoS) attacks
- Payment card skimmers
In addition, the bulk of cyberattacks impacting financial services institutions are focused on ATMs. In these instances — which Verizon claims account for approximately 66% of attacks on financial service institutions — the ATM machines are in some way tampered with. This tampering can include the installation of a credit card skimmer or another device that captures, stores, and transmits the information carried in an ATM card’s magnetic strip back to the perpetrator.
However, eliminating attacks on ATMs leaves the remaining 34% of attacks on financial services companies. And in those cases, the targets are predominantly databases (20%), end-users (9%), desktops (8%) and Web applications (8%). And — according to Verizon — the attacks targeted at these areas break down as follows:
- Spyware/keylogger — 78%
- Stolen credentials — 66%
- Backdoor — 52%
- Export data — 45%
- Backdoor or C2–39%
- SQL injection — 38%
With 66% of attacks impacting ATMs, it’s important to consider how we can make ATMs more secure and keep bank customers from having their credentials stolen at the cash machine.
Traditionally, accessing account on ATMs requires a user to have two factors — “What I have” and “What I know”. They require the use of a physical ATM or credit card (what I have) and a PIN number (what I know). Unfortunately, the authentication process is completely in-band — both the card and the PIN are entered and transmitted via the same device (the ATM machine). This means that compromising the ATM machine gives a bad actor access to everything they need to access a customer’s account.
Continue reading this article here.
