Financial institutions face growing hacking and malware threat

Financial institutions face growing hacking and malware threat | Insurance Business

Financial institutions face growing hacking and malware threat
Hackers are increasingly targeting smaller financial institutions, said data breach response insurance provider Beazley.

In a report entitled Beazley Breach Insights – July 2016, it was revealed that after healthcare, financial institutions, particularly those with annual revenues below $35 million, experienced the highest level of breaches for the first half of 2016.

Within the financial institutions segment, hacking and malware attacks have sharply increased as a proportion of total breaches. It accounted to 43 per cent of financial institution breaches handled by Beazley in the first half of 2016, as compared to 27 per cent of breaches over the same period in 2015.

The Beazley Breach Response Services, which managed 955 data breaches on behalf of clients for the first half of 2016, noted a sharp increase in hacking and malware attacks to smaller and more vulnerable financial institutions, particularly small banks and credit unions.

Banks and credit unions with less than $35 million in annual revenue accounted for 81 per cent of hacking and malware breaches at financial institutions in 2016.

In the report, Beazley said hackers are increasingly targeting smaller financial institutions because “they hold valuable personal information and many times do not have the same cyber security defences in place to ward off hackers as their larger counterparts.”

Katherine Keefe, global head of BBR Services, said: “The large increase we've observed in hacks aimed at financial institutions is noteworthy. Smaller banks and credit unions that typically have fewer defenses against these breaches are becoming bigger targets and need to be prepared."

Beazley identified four key steps financial institutions can take to minimise the risk:
  • Deploy prevention and detection tools;
  • Use threat intelligent services;
  • Train managers and staff of cyber security and threat awareness; and
  • Conduct risk assessments focused on identifying and protecting sensitive data.
"There is a lot they can do to protect themselves, but the sobering reality is that not every breach can be prevented and businesses − including financial institutions − should have robust plans for managing breaches should they occur," said Keefe.

Read the full report here.

Related stories:
Insurers at high risk of cyber-attacks, says regulatory body
Munich Re, Beazley to offer $100 million cyber cover
Cyber: What are the emerging issues?