How the financial industry protects itself from cyberattacks

8月 30, 2022

How the financial industry protects itself from cyberattacks

A recent study by the bug bounty platform YesWeHack in collaboration with Foundry examines the extent to which financial institutions in the DACH region have been the target of cyberattacks in recent months. The result: Almost every company is affected in some way - and attackers are increasingly relying on more complex attack scenarios.

Finance is a lucrative target for cyberattacks

Only around seven percent of the study respondents stated that they had not been the victim of a cyberattack in the last twelve months. At 76 percent, the majority of respondents recorded between one and 20 successful attacks. One in 10 financial institutions (11 percent) had to contend with 21 to 50 attacks, and about four percent had even experienced more than 50. Credential theft is reported by 51 percent of respondents - particularly through social engineering attacks such as phishing. In third place among the most frequent attack scenarios is ransomware with almost 39 percent, followed by insider threats with 38 percent and attacks on databases (for example, via brute force attacks) with 37 percent.

No other target is more lucrative for cybercriminals than banks and insurance companies. The reason is obvious: There is a lot of data and money to be captured - in other words, exactly what attackers are after most. The current BKA situation report "Cybercrime" also confirms this development: Critical infrastructures, i.e. also banks and insurance companies, were particularly targeted by attackers last year.

What can the finance and insurance industry do to counter this growing threat?

The fact is, however, that banks are not sufficiently prepared for cyberattacks. Despite high standards, the financial sector has a massive backlog in IT security. The most frequent cause of attacks is human error: seven out of ten financial companies have become victims of cybercrime by mishandling email attachments. Striking in comparison to other critical infrastructure sectors: Many companies in the financial sector do not implement either technical or organizational measures to protect against email-based threats.

Virtual browser as protection against attacks from the Internet

The browser is the number one gateway for ransomware and other malware. The best protection against such attacks from the Internet is a virtual browser. This allows users to surf the Internet without hackers gaining access to government or corporate networks. R&S® Browser in the Box from Rohde & Schwarz Cybersecurity, for example, closes the "Internet" security gap by enabling a "digital" quarantine for hacker attacks. At the computer level, complete isolation takes place so that malware is kept away from the rest of the user's PC. In addition, at the network level, access to the Internet is separated from the intranet. The internal corporate network (intranet) is thus completely separated from the Internet. This mechanism also protects against attacks via e-mail attachments or during web conferences with microphone use and webcam support.

In addition, further protective measures should be taken - for example, encryption of the end devices, a highly secure VPN connection and securing the home WLAN. Further information on the protection of critical infrastructures:

联系我们

如果您有任何疑问或需要了解更多信息,请填写此表格,我们会尽快回复您。

推广许可

我同意通过以下方式接收罗德与施瓦茨提供的信息:

我同意通过电子邮件或邮政信件接收罗德与施瓦茨公司和本网站版权标记指明的罗德与施瓦茨实体或子公司提供的营销或广告信息(例如特价优惠和折扣促销信息)。有关个人数据使用和撤销程序的详情,请参阅隐私声明推广许可

你的申请已提交,我们稍后会联系您。
An error has occurred, please try again later.