Financial institutions and cyber attacks: a cat-and-mouse game?

According to a recent study of 254 companies in seven countries by the US Ponemon Institute, financial institutions are suffering on average 125 intrusions a year (three times more than six years ago). Such statistics are rarely highlighted, but are enough to demonstrate the growing interest of cyber criminals in banks and insurance companies, which are now the victims of increasingly sophisticated attacks.

These security breaches lead to loss of revenue, undermine the integrity of client data and assets and have an adverse impact on the reputation of the institutions in question. In this context, another study, by B2B International, reveals that the financial institutions affected suffer average losses of nearly a million dollars ($926,000) from every cyber security incident to which they fall victim.

Another interesting figure is that institutions spend over €250,000 in combating a Denial of Service attack (DDoS) and nearly $100,000 for a ransomware-type attack. Finally, client losses amounted to an average $10,032 for companies and $1,446 for individuals. The damage caused by cyber attacks is therefore very significant and it is worthwhile to take pragmatic measures to guard against such incidents.

Some examples of attacks suffered by financial institutions

The world of finance has generally, been less affected than other sectors by the most common forms of cyber attack, such as malware. However, they are particularly exposed to Denial of Service and targeted attacks. A sharp increase has also been noted in the number of users infected by banking Trojans, whose principal aim is to steal client data. Finally, to complete the overview, financial institutions are affected by targeted phishing, social engineering and backdoors which enable cyber criminals to infiltrate information systems with complete secrecy.

Implementing appropriate defence strategies

For Pierre-Yves Hentzen, CEO of Stormshield, “Cyber security is now a major preoccupation for directors of major banks and insurance companies. This is reflected in particular in a sharp rise in recent years in budgets for information system security.”

Although they are already well-equipped with established solutions, banks now need to go further, taking advantage of new approaches such as AI and analytic technologies which will enable them to add to their existing arrangements and improve their levels of security. By doing so, financial institutions can actively guard against the new threats facing them and deliver digital transformation confidently and successfully.

“But in an area as sensitive as banking and insurance, companies need to protect themselves by choosing trusted technologies, whose reliability and robustness is reflected by certification and classification at the highest European level” says Mr Hentzen.

Stormshield

A European leader in digital infrastructure security and a wholly-owned subsidiary of Airbus CyberSecurity, we offer smart, connected solutions in order to anticipate attacks and protect digital infrastructures. Our mission: to ensure the cybersecurity and data protection of organizations, their employees, and their customers. Our expertise is available in three complementary product ranges for seamless security: Protection for industrial and IT networks (Stormshield Network Security), protection for servers and workstations (Stormshield Endpoint Security) protection for data (Stormshield Data Security). As per our Multi-Layer Collaborative Security approach, our product ranges interact with one another to raise the security level of IT, OT, and Cloud environments, regardless of the attack point.

These trusted, cutting-edge solutions are certified at the highest level in Europe (EU RESTRICTED, NATO, ANSSI EAL3+/EAL4+). Present in over 40 countries via our network of distributor partners, we ensure the protection of strategic information for companies of all sizes, public administrations, and defense agencies throughout the world.

For further information please visit: www.stormshield.com/