TMCnet News
United States : Three Attack Patterns Accounted for 75% of Cyberattacks on Financial Institutions [TendersInfo (India)](TendersInfo (India) Via Acquire Media NewsEdge) You may think that the threat of an electronic attack on your business is receding; you d be wrong. Attackers are just getting smarter. Today s global economy has streamlined commerce for both corporations and consumers, and financial systems are readily accessible worldwide. Organizations in the finance and insurance industry face some unique challenges with regard to information protection. While not immune to routine opportunistic attacks by miscreants who continually scour the Internet for easy pickings, their status as a high-value target means they attract significantly more directed and tenacious criminal attention. Verizon s 2014 Data Breach Investigations Report (DBIR) identified the attack threat patterns specific to each industry, and is opening up a more focused and effective approach to fighting the cybercriminal. Importantly this research finds that on average, just three threat patterns covered 72 percent of the security incidents in any industry. So my question to the financial industry is do you know which three attack patterns impact your industry the most? Just three of the nine threat patterns covered 75 percent of security incidents experienced by financial services organizations. These are: Web application (web app) attacks found in 27 percent of analyzed incidents For example where attackers use stolen credentials or exploit vulnerabilities in web applications such as content management systems (CMS) or e-commerce platforms. Denial of service (DOS) found in 26 percent of analyzed incidents DOS attacks use armies of botnets of PCs and powerful servers to overwhelm an organization s systems and applications with malicious traffic, causing normal business to grind to a halt. Skimming found in 22 percent of analyzed incidents For example - criminals tampering with a card payment device to install a skimmer that automatically captures a customer s card data, usually ATMs that are targeted. Put simply, improving defenses against these three areas could help financial organizations substantially lower risk. It seems simple, and it is - by looking at each attack pattern in detail, organizations can tailor their security strategies to target these specific areas. Unsure how to implement this knowledge? Watch out for my next article which will delve deeper into the attack patterns and provide recommendations as to what you can do to limit their impact on your organization. When all things are considered, dealing with security incidents may seem like the smallest of concerns when the very existence of financial institutions has been on the line. Yet a successful attack on a financial institution could leave irreparable damage - quantifiable in tangible items such as stolen or misappropriated resources. (c) 2014 Euclid Infotech Pvt. Ltd. Provided by SyndiGate Media Inc. (Syndigate.info). |