Financial Services Targeted, Work from Home to be Blamed
The cybersecurity posture of organizations was put to test with the onset of the COVID-19 pandemic. The financial sector has been constantly targeted by cybercriminals and the trend continues. According to a recent report, attackers targeted security gaps at firms in the financial services sector as the majority of the workforce had to shift to work from home.
Blame work from home
The report, published by the international Financial Security Board (FSB), states that work from home conditions accelerated the adoption of new technologies and reliance on third-party service providers. As a result of the pandemic, financial services moved to rapid digitalization.
- Complete reliance on VPNs and unsecured WiFi access points brought forth new obstacles in the form of patching and other cyber issues.
- Phishing, ransomware, and malware attacks witnessed a rise from 5,000 per week in February 2020 to 200,000 per week in late April 2021.
Why it matters
The report, published by the international Financial Security Board (FSB), states that work from home conditions accelerated the adoption of new technologies and reliance on third-party service providers. As a result of the pandemic, financial services moved to rapid digitalization.
- Reliance on a handful of third parties can lead to a single failure point with possible adverse outcomes for financial firms. Moreover, this concentration risk has reportedly increased during the pandemic era.
- In addition to this, accessing and auditing information from these providers create obstacles for financial institutions in managing these risks.
What else?
Remote working condition is not the only threat badgering the financial sector.
- Social engineering fraud is one of the paramount concerns for the sector, of which BEC scams are the most common exploits.
- The scam enables the fraudulent transfer of funds. Small- and medium-sized businesses are the most vulnerable to these attacks.
The bottom line
The current times call for financial services firms to modify their cyber risk management mechanisms, incident response and recovery activities, and management of cloud and third-party services. While the rapid move to new technologies has improved their operational resiliency, there is a lot of room for improving cyber resilience.
Responses